Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LH0eH09fp_7POGY3R1Kxb_p_EvY.roa
File: LH0eH09fp_7POGY3R1Kxb_p_EvY.roa (raw, json)
Hash identifier: stwtCAHfsMGsVwuNA4xq6TO+j8Sm3WZCTpJ+2KYenp0=
Subject key identifier: 2C:7D:1E:1F:4F:5F:A7:FE:CF:38:66:37:47:52:B1:6F:FA:7F:12:F6
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 01856FE6EC09E79E3FFC8EACE695E6662B21
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LH0eH09fp_7POGY3R1Kxb_p_EvY.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49846
IP address blocks: 2a01:348:317:8000::/49 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ec:09:e7:9e:3f:fc:8e:ac:e6:95:e6:66:2b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c7d1e1f4f5fa7fecf3866374752b16ffa7f12f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:67:ff:c8:2b:70:c5:5c:0e:65:30:fb:af:
00:a3:d7:3d:a4:45:a2:eb:d3:0a:5f:3e:98:39:f9:
f5:70:36:ad:d4:15:5f:3e:2f:7b:34:2e:ba:9b:97:
9b:91:2e:dd:6a:2e:15:89:ac:33:50:e9:a4:b7:b4:
2c:25:1f:9d:48:dc:14:3f:ad:b2:6e:d5:4e:7c:55:
dd:d8:83:69:c9:d0:39:7e:72:4b:c1:7b:dd:ca:bc:
21:b0:97:9c:ea:d3:f5:bd:62:1c:1b:53:02:91:c7:
cd:dc:09:2f:96:89:ef:d9:70:30:21:8a:02:f7:99:
69:7c:71:88:f3:6e:c7:f8:02:08:47:a6:24:54:1a:
32:95:ef:25:f7:25:61:7d:34:c1:ce:e5:84:35:d6:
30:55:51:9b:02:e7:85:fc:a7:d7:60:a9:c8:68:eb:
2c:4f:78:15:83:84:3e:1b:2c:05:43:95:c9:d1:14:
f7:90:3d:8f:92:36:d8:b9:a4:c4:36:b6:e7:e1:30:
70:c2:b6:cb:21:7d:21:2d:a8:38:94:8f:ca:af:51:
1e:7f:e4:ec:72:cc:2a:f7:46:a8:f2:ab:f2:ea:18:
81:e0:b2:6e:9e:61:89:f5:e7:36:35:9d:07:26:4e:
a5:11:32:79:c4:6d:ff:cd:86:6c:00:5a:1f:17:4a:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7D:1E:1F:4F:5F:A7:FE:CF:38:66:37:47:52:B1:6F:FA:7F:12:F6
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LH0eH09fp_7POGY3R1Kxb_p_EvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:348:317:8000::/49
Signature Algorithm: sha256WithRSAEncryption
ca:64:57:50:49:3d:47:aa:c7:d6:27:13:6e:94:cb:8f:23:08:
ea:5e:6f:ef:22:e3:ba:73:c7:25:d5:30:3e:8e:d2:c3:ab:93:
20:1d:04:f2:9a:eb:86:f4:28:c1:e3:2f:0d:eb:ef:3d:ad:d4:
3e:d7:5c:93:af:e6:2d:99:df:b4:7b:8e:31:b0:c6:83:34:25:
e7:d4:60:24:71:d3:4a:a1:65:c6:5e:e0:66:1b:9c:7e:a2:37:
63:e4:d4:7a:18:87:0a:8d:75:c7:b6:f5:a9:bb:27:40:56:25:
3a:a2:fd:58:e8:1f:41:0a:59:6a:ea:8e:7a:08:94:b4:89:85:
5e:a5:cb:25:96:e9:91:1b:7b:15:f1:3f:99:ca:67:ca:c8:3e:
5f:ec:d7:35:28:48:1b:bb:40:fd:10:23:dd:2f:bb:9c:8e:cf:
2f:2c:4d:58:9f:0d:0e:97:53:df:0b:7e:dc:82:38:68:89:c9:
87:ff:89:c7:05:ce:97:7d:a0:c6:31:04:62:4c:a5:4a:10:9b:
50:f9:7c:67:c9:84:19:10:81:1c:49:b7:05:da:7a:e4:2d:61:
61:42:25:5e:e1:54:69:fb:54:46:9e:fb:9e:8a:df:88:f7:3a:
4b:d4:dd:1e:4d:f7:f6:4c:5b:3a:ed:3b:1b:78:e4:aa:d5:cd:
87:d8:45:a8
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVv5uwJ554//I6s5pXmZishMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdkMWUxZjRmNWZhN2ZlY2YzODY2Mzc0NzUyYjE2ZmZhN2YxMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKxn/8grcMVcDmUw+68Ao9c9pEWi
69MKXz6YOfn1cDat1BVfPi97NC66m5ebkS7dai4ViawzUOmkt7QsJR+dSNwUP62y
btVOfFXd2INpydA5fnJLwXvdyrwhsJec6tP1vWIcG1MCkcfN3Akvlonv2XAwIYoC
95lpfHGI827H+AIIR6YkVBoyle8l9yVhfTTBzuWENdYwVVGbAueF/KfXYKnIaOss
T3gVg4Q+GywFQ5XJ0RT3kD2PkjbYuaTENrbn4TBwwrbLIX0hLag4lI/Kr1Eef+Ts
cswq90ao8qvy6hiB4LJunmGJ9ec2NZ0HJk6lETJ5xG3/zYZsAFofF0ptXQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFCx9Hh9PX6f+zzhmN0dSsW/6fxL2MB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvTEgwZUgwOWZwXzdQT0dZM1IxS3hiX3BfRXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgHKgEDSAMX
gDANBgkqhkiG9w0BAQsFAAOCAQEAymRXUEk9R6rH1icTbpTLjyMI6l5v7yLjunPH
JdUwPo7Sw6uTIB0E8prrhvQoweMvDevvPa3UPtdck6/mLZnftHuOMbDGgzQl59Rg
JHHTSqFlxl7gZhucfqI3Y+TUehiHCo11x7b1qbsnQFYlOqL9WOgfQQpZauqOegiU
tImFXqXLJZbpkRt7FfE/mcpnysg+X+zXNShIG7tA/RAj3S+7nI7PLyxNWJ8NDpdT
3wt+3II4aInJh/+JxwXOl32gxjEEYkylShCbUPl8Z8mEGRCBHEm3Bdp65C1hYUIl
XuFUaftURp77norfiPc6S9TdHk339kxbOu07G3jkqtXNh9hFqA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:21 2025 by rpki-client