Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/l8p3LchQWd3KutpN7wp7Gc_3FJM.roa
File: l8p3LchQWd3KutpN7wp7Gc_3FJM.roa (raw, json)
Hash identifier: y5Msaloi4F7KytVTYCM0MHr49shVe6EoqTDuQHiVSwk=
Subject key identifier: 97:CA:77:2D:C8:50:59:DD:CA:BA:DA:4D:EF:0A:7B:19:CF:F7:14:93
Certificate issuer: /CN=6ad0b0e44cc86a51769547c22ad796184b54b092
Certificate serial: 018CBA8180288F3030C374C139AC34731E4F
Authority key identifier: 6A:D0:B0:E4:4C:C8:6A:51:76:95:47:C2:2A:D7:96:18:4B:54:B0:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atCw5EzIalF2lUfCKteWGEtUsJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/l8p3LchQWd3KutpN7wp7Gc_3FJM.roa
Signing time: Sat 30 Dec 2023 11:34:58 +0000
ROA not before: Sat 30 Dec 2023 11:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25446
IP address blocks: 2a0c:c580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:81:80:28:8f:30:30:c3:74:c1:39:ac:34:73:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ad0b0e44cc86a51769547c22ad796184b54b092
Validity
Not Before: Dec 30 11:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ca772dc85059ddcabada4def0a7b19cff71493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ad:c2:4f:43:8f:24:9a:98:2d:22:c1:b4:f9:
c4:8d:df:0e:11:a0:cf:c9:0e:68:23:4e:a2:27:cb:
fc:83:88:3b:ac:8d:92:97:92:6b:75:c2:33:06:8f:
36:0e:05:ad:9a:0f:83:42:32:8d:fb:fd:fe:18:a9:
0f:fe:7c:12:09:06:1f:55:61:7c:73:f5:95:04:39:
0d:1b:f7:40:e9:77:40:42:73:d8:4f:b9:72:d0:63:
80:53:6a:5f:78:ea:94:51:1e:70:d8:81:98:96:91:
e7:48:d9:bb:32:45:de:cc:c8:2a:c5:05:35:a3:36:
31:46:d6:9b:0d:d0:df:1d:bc:33:9f:aa:75:fb:a5:
cd:2c:41:87:8b:de:7a:d0:be:b6:ac:d3:41:d8:38:
ee:eb:b9:07:05:19:2c:f3:6a:f1:03:f6:74:60:b7:
45:60:77:ba:3b:eb:36:71:c0:25:2e:a1:a8:b1:79:
3e:a2:09:24:c3:98:67:62:f8:9b:57:4a:c1:07:57:
a0:22:e3:39:bb:96:66:d1:2f:ff:57:ae:98:c6:a9:
65:96:0a:ad:2b:16:63:28:40:93:a6:c5:ba:a7:08:
ee:14:44:bc:67:8a:f8:b8:b4:a4:c1:d5:22:87:a7:
62:7f:e0:c6:fe:25:44:fe:7f:99:a7:f7:f0:fe:00:
14:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CA:77:2D:C8:50:59:DD:CA:BA:DA:4D:EF:0A:7B:19:CF:F7:14:93
X509v3 Authority Key Identifier:
keyid:6A:D0:B0:E4:4C:C8:6A:51:76:95:47:C2:2A:D7:96:18:4B:54:B0:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atCw5EzIalF2lUfCKteWGEtUsJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/l8p3LchQWd3KutpN7wp7Gc_3FJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/atCw5EzIalF2lUfCKteWGEtUsJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:c580::/48
Signature Algorithm: sha256WithRSAEncryption
1f:89:fa:46:e6:69:b2:47:af:7d:03:2c:b8:5c:19:c7:8a:43:
d4:e0:2d:48:c8:e1:ab:05:87:bc:5b:f9:ac:13:e5:67:12:95:
74:ca:22:71:61:d8:03:82:06:f0:e3:aa:91:3e:1f:7a:40:f1:
ae:29:f5:8e:07:ec:59:e9:1d:4e:93:74:23:bf:0c:a8:76:d5:
89:75:b5:8b:a7:fe:b4:0f:70:25:f1:26:80:d5:12:ba:6a:d7:
d0:b1:56:20:11:7d:a3:4c:8d:51:78:71:d8:c7:ee:ad:53:b4:
b6:05:57:f8:bc:4f:65:15:3f:39:1d:28:08:52:0d:5e:08:32:
f7:a2:90:d2:17:bb:78:31:c6:a8:00:35:92:5a:bb:8f:0d:9c:
17:eb:cc:fc:c8:cc:71:cb:c1:a3:43:0b:1a:ee:53:f2:23:78:
9d:c9:bd:a2:fd:49:16:aa:d8:6f:80:74:a4:2b:4d:d8:64:f3:
e6:66:10:40:f4:c6:ce:18:24:fd:5c:36:00:29:d2:48:d3:03:
b2:9e:13:7e:68:29:36:75:e0:5a:cd:bc:f0:9b:dc:8e:7b:b2:
0c:5f:42:63:00:3c:33:88:58:ec:6b:88:99:85:27:b4:d9:55:
c0:ce:89:74:b0:2d:b4:21:f1:53:0b:91:eb:b2:29:a4:a5:c8:
38:79:a8:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYy6gYAojzAww3TBOaw0cx5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZDBiMGU0NGNjODZhNTE3Njk1NDdjMjJhZDc5NjE4NGI1
NGIwOTIwHhcNMjMxMjMwMTEzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NhNzcyZGM4NTA1OWRkY2FiYWRhNGRlZjBhN2IxOWNmZjcxNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a3CT0OPJJqYLSLBtPnEjd8OEaDP
yQ5oI06iJ8v8g4g7rI2Sl5JrdcIzBo82DgWtmg+DQjKN+/3+GKkP/nwSCQYfVWF8
c/WVBDkNG/dA6XdAQnPYT7ly0GOAU2pfeOqUUR5w2IGYlpHnSNm7MkXezMgqxQU1
ozYxRtabDdDfHbwzn6p1+6XNLEGHi9560L62rNNB2Dju67kHBRks82rxA/Z0YLdF
YHe6O+s2ccAlLqGosXk+ogkkw5hnYvibV0rBB1egIuM5u5Zm0S//V66Yxqlllgqt
KxZjKECTpsW6pwjuFES8Z4r4uLSkwdUih6dif+DG/iVE/n+Zp/fw/gAUtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJfKdy3IUFndyrraTe8KexnP9xSTMB8GA1UdIwQY
MBaAFGrQsORMyGpRdpVHwirXlhhLVLCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXRDdzVFeklhbEYybFVmQ0t0ZVdHRXRVc0pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81YTFlZjctZjNhNC00NzNjLWE2OWMt
NDgyMjVmMzExMWNmLzEvbDhwM0xjaFFXZDNLdXRwTjd3cDdHY18zRkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81YTFlZjctZjNhNC00NzNjLWE2OWMtNDgyMjVmMzExMWNm
LzEvYXRDdzVFeklhbEYybFVmQ0t0ZVdHRXRVc0pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgzFgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfifpG5mmyR699Ayy4XBnHikPU4C1IyOGrBYe8
W/msE+VnEpV0yiJxYdgDggbw46qRPh96QPGuKfWOB+xZ6R1Ok3QjvwyodtWJdbWL
p/60D3Al8SaA1RK6atfQsVYgEX2jTI1ReHHYx+6tU7S2BVf4vE9lFT85HSgIUg1e
CDL3opDSF7t4McaoADWSWruPDZwX68z8yMxxy8GjQwsa7lPyI3idyb2i/UkWqthv
gHSkK03YZPPmZhBA9MbOGCT9XDYAKdJI0wOynhN+aCk2deBazbzwm9yOe7IMX0Jj
ADwziFjsa4iZhSe02VXAzol0sC20IfFTC5Hrsimkpcg4eaiQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:23:17 2025 by rpki-client