Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa
File: lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa (raw, json)
Hash identifier: E1h7fEZoHtLN0C9xQbo2jejC5+6SxY9ZBjm3mhKs7kA=
Subject key identifier: 94:25:42:58:F9:8B:46:CF:0C:C7:35:0E:60:BE:0C:C1:34:7F:83:D1
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 178A7BFA
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa
Signing time: Sat 01 Jan 2022 13:03:15 +0000
ROA not before: Sat 01 Jan 2022 13:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a09:e1c1:f000::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394951674 (0x178a7bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94254258f98b46cf0cc7350e60be0cc1347f83d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:b0:3e:8c:ee:10:2c:37:86:99:08:41:c6:
04:84:65:3d:95:62:03:78:a3:7a:af:0c:03:91:94:
38:f8:a9:22:be:1d:07:d0:f9:a3:91:19:d3:47:9b:
fd:76:19:da:3e:8e:5e:54:9b:89:d2:74:95:78:19:
74:da:ba:69:d8:57:06:4e:65:85:c1:c9:2a:67:d3:
c4:71:88:aa:39:cb:86:9e:7f:d4:3a:a6:78:d7:d5:
b9:95:01:c5:15:93:5e:3a:17:34:70:45:60:7b:55:
e1:24:65:8d:0e:3c:ae:32:f7:84:f1:3b:b2:44:82:
a0:b5:85:f3:a9:76:98:ee:2d:33:f7:7d:98:d5:16:
73:cb:12:9c:82:8c:78:77:b3:cc:e8:af:59:66:e3:
7b:9a:3a:ae:8c:61:6f:81:89:74:ab:0a:36:9e:86:
d5:26:a6:59:6e:08:05:2d:5f:8a:1b:cd:52:58:e2:
b6:52:ce:f3:53:e8:df:b8:17:79:32:e2:b4:2e:5b:
d8:7c:3c:c2:79:fa:c0:81:33:7a:0d:a7:4a:63:2e:
0b:6d:b4:bd:ab:e4:da:3a:28:8d:bb:61:e2:19:99:
84:90:3f:03:63:b5:91:bb:ed:93:97:d2:30:39:4c:
86:ac:ae:7e:cd:88:66:6a:6f:3c:34:06:9f:e1:6e:
b6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:25:42:58:F9:8B:46:CF:0C:C7:35:0E:60:BE:0C:C1:34:7F:83:D1
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:f000::/44
Signature Algorithm: sha256WithRSAEncryption
1d:40:bb:37:59:fe:6c:4f:cd:d1:dd:38:d2:4c:3a:30:fd:23:
20:c3:25:07:c1:a6:83:5a:54:6b:31:72:e2:0f:03:4a:64:82:
dc:27:2d:1d:76:5b:2d:49:bf:6e:c6:61:81:bc:db:0e:73:7e:
cb:50:69:c0:13:07:b6:ee:fe:47:40:97:88:8b:a9:7b:c8:cd:
4b:a5:85:69:51:ad:9c:4c:14:9d:7b:47:08:19:93:c9:dd:41:
f6:d5:6b:76:80:91:d3:63:5d:bc:97:eb:96:20:52:b8:c4:b0:
1d:b6:42:ce:68:f1:c6:d0:45:f8:21:31:58:d1:a6:2c:b4:bb:
84:74:a1:2d:7c:4e:63:cd:d2:b4:8b:62:23:d2:88:55:be:2b:
44:bf:37:54:38:df:88:92:17:9c:10:9b:af:5e:b5:ea:9d:bc:
f9:ad:ac:ce:61:cd:75:48:b8:b5:a9:64:10:f0:33:f1:90:1e:
28:24:68:c5:84:fe:da:3c:2a:10:d5:4e:c7:29:9f:c9:4a:82:
33:53:f3:4c:bd:fc:e3:3c:37:5f:11:3c:53:15:92:45:f2:d3:
e8:c9:70:a9:7d:70:93:55:0a:f0:ab:02:37:3a:65:51:a3:b0:
30:af:a2:43:0d:e6:92:3d:75:a7:53:bf:60:c0:a8:70:49:d5:
9d:b2:85:e6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEF4p7+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQyNTQyNThmOThi
NDZjZjBjYzczNTBlNjBiZTBjYzEzNDdmODNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcdsD6M7hAsN4aZCEHGBIRlPZViA3ijeq8MA5GUOPipIr4d
B9D5o5EZ00eb/XYZ2j6OXlSbidJ0lXgZdNq6adhXBk5lhcHJKmfTxHGIqjnLhp5/
1DqmeNfVuZUBxRWTXjoXNHBFYHtV4SRljQ48rjL3hPE7skSCoLWF86l2mO4tM/d9
mNUWc8sSnIKMeHezzOivWWbje5o6roxhb4GJdKsKNp6G1SamWW4IBS1fihvNUlji
tlLO81Po37gXeTLitC5b2Hw8wnn6wIEzeg2nSmMuC220vavk2joojbth4hmZhJA/
A2O1kbvtk5fSMDlMhqyufs2IZmpvPDQGn+FutuUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSUJUJY+YtGzwzHNQ5gvgzBNH+D0TAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L2xDVkNXUG1MUnM4TXh6VU9ZTDRNd1RSX2c5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJ4cHwADANBgkqhkiG9w0BAQsF
AAOCAQEAHUC7N1n+bE/N0d040kw6MP0jIMMlB8Gmg1pUazFy4g8DSmSC3CctHXZb
LUm/bsZhgbzbDnN+y1BpwBMHtu7+R0CXiIupe8jNS6WFaVGtnEwUnXtHCBmTyd1B
9tVrdoCR02NdvJfrliBSuMSwHbZCzmjxxtBF+CExWNGmLLS7hHShLXxOY83StIti
I9KIVb4rRL83VDjfiJIXnBCbr1616p28+a2szmHNdUi4talkEPAz8ZAeKCRoxYT+
2jwqENVOxymfyUqCM1PzTL384zw3XxE8UxWSRfLT6MlwqX1wk1UK8KsCNzplUaOw
MK+iQw3mkj11p1O/YMCocEnVnbKF5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org