Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loRGKrrv435ataATdAisDYl6ZxY.roa
File: loRGKrrv435ataATdAisDYl6ZxY.roa (raw, json)
Hash identifier: mjYVAZvDLcPpHmk9nYl1xhafHsD1f2ILmUDUpmFVW9I=
Subject key identifier: 96:84:46:2A:BA:EF:E3:7E:5A:B5:A0:13:74:08:AC:0D:89:7A:67:16
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186A9ECB61B95502BD2C941520A6BF2BC4B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loRGKrrv435ataATdAisDYl6ZxY.roa
Signing time: Sat 04 Mar 2023 00:01:47 +0000
ROA not before: Sat 04 Mar 2023 00:01:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 2a0f:ea42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a9:ec:b6:1b:95:50:2b:d2:c9:41:52:0a:6b:f2:bc:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 4 00:01:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9684462abaefe37e5ab5a0137408ac0d897a6716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:39:3e:6e:3f:d7:f7:73:67:06:08:13:d3:2c:
67:cd:f1:9a:9e:1e:6e:3c:62:f3:00:4e:ed:1b:79:
0b:49:13:0d:a7:73:bf:d9:bc:af:e3:d0:b9:ff:c3:
16:d4:dd:3d:4d:0f:94:0b:41:f0:1b:aa:1c:84:7b:
2e:1a:f4:a1:9a:0d:d2:4a:c9:df:cb:c4:96:1a:a8:
28:ee:3c:27:40:67:34:ad:f4:47:ae:78:07:04:18:
3f:c4:c0:be:60:3f:4f:73:29:c6:0a:ed:ae:88:07:
0a:e2:3a:55:2e:12:fe:64:16:e0:76:ff:09:0e:f3:
96:5e:4f:6e:0d:84:2c:ca:09:dd:c4:5e:0b:94:16:
b4:d6:b1:fa:04:8b:c3:b7:60:fb:4b:b9:51:4a:1a:
c8:bf:f1:14:7e:80:a9:dd:91:83:ac:07:68:d8:26:
90:64:bd:14:d2:d4:f8:a1:85:ef:d9:eb:b6:17:25:
f7:b4:f4:1b:84:ba:0d:1c:de:78:97:41:61:73:52:
ba:64:c5:10:78:b7:54:1f:a0:1b:fe:20:25:8b:a6:
f3:10:8f:91:6f:c2:90:94:30:99:f5:ed:f4:5e:45:
df:8e:39:cb:b5:3d:e8:b4:05:3c:90:96:3b:94:bb:
4d:92:13:0c:a9:db:22:7c:06:e4:f7:85:e8:d7:a5:
ca:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:84:46:2A:BA:EF:E3:7E:5A:B5:A0:13:74:08:AC:0D:89:7A:67:16
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/loRGKrrv435ataATdAisDYl6ZxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ea42::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ca:59:ed:b2:7e:f4:06:09:50:ea:7c:21:f5:53:8c:80:7a:
45:15:3b:53:28:8a:e3:9d:e5:78:9a:b4:10:60:bf:c1:7f:f4:
11:87:a5:8a:ef:3e:5b:22:95:39:92:ec:ee:6e:64:2e:b0:62:
6d:59:cd:f5:9c:ab:82:a7:d2:02:2a:3d:e1:03:e0:74:68:34:
62:27:d7:83:9b:ef:e1:77:f6:01:26:53:8f:43:0c:b1:fa:11:
79:b2:79:e7:9a:48:e0:69:a4:44:8e:b4:82:83:fa:7e:a8:9e:
4b:3e:c0:fd:43:ad:93:9f:09:32:c5:3d:3f:90:fb:a8:ab:73:
03:27:eb:31:75:f2:50:2d:b3:ff:42:e7:dc:1a:74:0f:51:6c:
61:51:71:1f:57:05:7e:37:2f:cd:e2:ca:32:ca:6f:5f:02:47:
bf:90:98:f9:43:37:06:57:8c:fd:be:78:e9:a2:07:15:63:63:
08:d1:38:0d:31:ac:6d:e9:7b:20:de:67:17:e8:57:08:3e:db:
65:44:c8:01:c6:87:1f:7f:33:38:09:67:60:5c:ab:e9:57:d9:
0e:24:82:92:d8:62:0f:00:b5:35:fb:6a:0f:90:df:c4:22:e2:
ca:e3:1d:54:0e:13:19:8e:27:2c:1e:3b:fb:04:e7:fd:e5:60:
19:72:55:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYap7LYblVAr0slBUgpr8rxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzA0MDAwMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg0NDYyYWJhZWZlMzdlNWFiNWEwMTM3NDA4YWMwZDg5N2E2NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzk+bj/X93NnBggT0yxnzfGanh5u
PGLzAE7tG3kLSRMNp3O/2byv49C5/8MW1N09TQ+UC0HwG6ochHsuGvShmg3SSsnf
y8SWGqgo7jwnQGc0rfRHrngHBBg/xMC+YD9PcynGCu2uiAcK4jpVLhL+ZBbgdv8J
DvOWXk9uDYQsygndxF4LlBa01rH6BIvDt2D7S7lRShrIv/EUfoCp3ZGDrAdo2CaQ
ZL0U0tT4oYXv2eu2FyX3tPQbhLoNHN54l0Fhc1K6ZMUQeLdUH6Ab/iAli6bzEI+R
b8KQlDCZ9e30XkXfjjnLtT3otAU8kJY7lLtNkhMMqdsifAbk94Xo16XKPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJaERiq67+N+WrWgE3QIrA2JemcWMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbG9SR0tycnY0MzVhdGFBVGRBaXNEWWw2WnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg/qQjAN
BgkqhkiG9w0BAQsFAAOCAQEAO8pZ7bJ+9AYJUOp8IfVTjIB6RRU7UyiK453leJq0
EGC/wX/0EYeliu8+WyKVOZLs7m5kLrBibVnN9ZyrgqfSAio94QPgdGg0YifXg5vv
4Xf2ASZTj0MMsfoRebJ555pI4GmkRI60goP6fqieSz7A/UOtk58JMsU9P5D7qKtz
AyfrMXXyUC2z/0Ln3Bp0D1FsYVFxH1cFfjcvzeLKMspvXwJHv5CY+UM3BleM/b54
6aIHFWNjCNE4DTGsbel7IN5nF+hXCD7bZUTIAcaHH38zOAlnYFyr6VfZDiSCkthi
DwC1NftqD5DfxCLiyuMdVA4TGY4nLB47+wTn/eVgGXJVHA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:41 2025 by rpki-client