Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/lpOh6EU__9rQTPu_3wUKqjUbRMg.roa
File: lpOh6EU__9rQTPu_3wUKqjUbRMg.roa (raw, json)
Hash identifier: LlwuVpSX/eSaSBAsYFp3wxas8YE9hbjuvoRYY5NdGxQ=
Subject key identifier: 96:93:A1:E8:45:3F:FF:DA:D0:4C:FB:BF:DF:05:0A:AA:35:1B:44:C8
Certificate issuer: /CN=ca9c980eaa16141b5c4815c6389ca25b3f2ed77c
Certificate serial: 09FCB165
Authority key identifier: CA:9C:98:0E:AA:16:14:1B:5C:48:15:C6:38:9C:A2:5B:3F:2E:D7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypyYDqoWFBtcSBXGOJyiWz8u13w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/lpOh6EU__9rQTPu_3wUKqjUbRMg.roa
Signing time: Sat 01 Jan 2022 00:57:53 +0000
ROA not before: Sat 01 Jan 2022 00:57:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202329
IP address blocks: 2001:678:6e0::/48 maxlen: 48
2001:678:6e3::/48 maxlen: 48
2001:678:6e0::/45 maxlen: 45
2001:678:6e2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167555429 (0x9fcb165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9c980eaa16141b5c4815c6389ca25b3f2ed77c
Validity
Not Before: Jan 1 00:57:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9693a1e8453fffdad04cfbbfdf050aaa351b44c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7b:44:8a:32:a3:b6:a9:82:b9:ac:a0:6a:05:
d1:1f:9e:10:9b:59:ca:41:c7:bc:ea:32:34:24:01:
82:6e:6c:28:7b:26:75:20:13:df:44:02:a5:1e:5b:
3f:56:f7:cd:8e:6b:2e:75:8a:ae:11:d1:cf:a3:f6:
99:f5:86:2e:c6:34:cd:17:7b:70:7c:e1:0f:ee:a8:
51:7a:04:cb:07:29:22:82:d5:27:23:94:ee:9f:94:
e1:89:ab:8f:b7:f2:c7:bb:11:d4:94:fa:81:76:b4:
91:ad:78:20:48:b2:f0:50:e7:fa:a4:5e:96:f4:be:
14:79:9f:32:50:cc:42:7a:63:70:f1:cc:b5:51:5b:
26:d3:0b:c0:6f:80:26:d5:f0:02:17:d5:cb:aa:d1:
79:d7:7a:60:59:64:bc:28:f5:39:9d:b7:90:81:0a:
08:42:25:de:d7:3c:a2:3d:24:a1:4f:1e:68:d8:c7:
1a:5e:51:aa:0e:6a:3f:ef:69:46:92:3e:54:c9:02:
8c:11:fa:07:e5:8c:a8:c5:ac:a2:e5:52:e0:44:73:
b2:2d:57:be:1b:f3:bb:11:af:53:a5:7c:c6:b5:e9:
38:c6:44:98:06:ff:a3:7a:8f:1a:c3:80:8d:66:2a:
58:01:3e:f9:f0:5c:75:06:59:6b:01:55:d7:7c:09:
77:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:93:A1:E8:45:3F:FF:DA:D0:4C:FB:BF:DF:05:0A:AA:35:1B:44:C8
X509v3 Authority Key Identifier:
keyid:CA:9C:98:0E:AA:16:14:1B:5C:48:15:C6:38:9C:A2:5B:3F:2E:D7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypyYDqoWFBtcSBXGOJyiWz8u13w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/lpOh6EU__9rQTPu_3wUKqjUbRMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/ypyYDqoWFBtcSBXGOJyiWz8u13w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:6e0::/45
Signature Algorithm: sha256WithRSAEncryption
5f:1e:c9:0b:b8:c4:44:c9:66:35:17:10:1d:e0:c8:14:52:f9:
b4:36:5d:cb:ea:e1:f8:c9:cd:bc:91:47:ff:12:fe:3e:d2:d9:
e4:09:f5:41:3f:91:48:40:77:f0:03:9d:fa:e4:00:eb:63:52:
4e:76:ba:f9:b7:8b:dd:3c:b5:2d:0b:b0:58:e9:67:a5:c9:65:
dc:f4:4b:ef:a0:52:87:65:2e:20:c1:cd:a9:69:27:88:34:6e:
d0:e3:f8:1c:fc:50:1b:e5:6a:ca:e3:0a:b6:9a:05:0a:14:f7:
1d:33:79:04:38:ba:8b:a0:de:8f:75:4b:09:d8:d3:04:7b:9b:
07:f3:89:9b:7c:d3:ca:7f:75:11:35:a9:69:c2:af:6b:2f:fa:
ac:a7:ba:3d:b8:bf:29:5f:b2:83:da:87:af:5b:9c:1f:28:61:
fd:d4:d8:22:29:40:19:d0:e1:27:5d:2e:6f:08:86:f9:01:dc:
d5:c7:86:2b:1a:bd:28:51:bf:de:66:0c:0a:d7:de:d0:8d:e4:
87:96:60:d0:91:06:a2:f8:be:7c:ab:e3:98:96:5d:93:96:0f:
42:53:d9:45:9e:90:21:e2:b6:51:48:f0:be:df:2e:ca:76:b0:
af:3a:c1:3c:d2:c5:7a:9e:8b:92:2d:28:a9:f6:d9:b3:99:ca:
81:22:ce:60
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECfyxZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTljOTgwZWFhMTYxNDFiNWM0ODE1YzYzODljYTI1YjNmMmVkNzdjMB4XDTIyMDEw
MTAwNTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY5M2ExZTg0NTNm
ZmZkYWQwNGNmYmJmZGYwNTBhYWEzNTFiNDRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJd7RIoyo7apgrmsoGoF0R+eEJtZykHHvOoyNCQBgm5sKHsm
dSAT30QCpR5bP1b3zY5rLnWKrhHRz6P2mfWGLsY0zRd7cHzhD+6oUXoEywcpIoLV
JyOU7p+U4Ymrj7fyx7sR1JT6gXa0ka14IEiy8FDn+qRelvS+FHmfMlDMQnpjcPHM
tVFbJtMLwG+AJtXwAhfVy6rRedd6YFlkvCj1OZ23kIEKCEIl3tc8oj0koU8eaNjH
Gl5Rqg5qP+9pRpI+VMkCjBH6B+WMqMWsouVS4ERzsi1XvhvzuxGvU6V8xrXpOMZE
mAb/o3qPGsOAjWYqWAE++fBcdQZZawFV13wJd6UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSWk6HoRT//2tBM+7/fBQqqNRtEyDAfBgNVHSMEGDAWgBTKnJgOqhYUG1xI
FcY4nKJbPy7XfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lweVlEcW9XRkJ0Y1NCWEdPSnlpV3o4dTEzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNWM5ODFjLTY1N2MtNDViZS1iZmY2LWJlNWUwNTBiMDBmMC8x
L2xwT2g2RVVfXzlyUVRQdV8zd1VLcWpVYlJNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NWM5ODFjLTY1N2MtNDViZS1iZmY2LWJlNWUwNTBiMDBmMC8xL3lweVlEcW9XRkJ0
Y1NCWEdPSnlpV3o4dTEzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAyABBngG4DANBgkqhkiG9w0BAQsF
AAOCAQEAXx7JC7jERMlmNRcQHeDIFFL5tDZdy+rh+MnNvJFH/xL+PtLZ5An1QT+R
SEB38AOd+uQA62NSTna6+beL3Ty1LQuwWOlnpcll3PRL76BSh2UuIMHNqWkniDRu
0OP4HPxQG+VqyuMKtpoFChT3HTN5BDi6i6Dej3VLCdjTBHubB/OJm3zTyn91ETWp
acKvay/6rKe6Pbi/KV+yg9qHr1ucHyhh/dTYIilAGdDhJ10ubwiG+QHc1ceGKxq9
KFG/3mYMCtfe0I3kh5Zg0JEGovi+fKvjmJZdk5YPQlPZRZ6QIeK2UUjwvt8uynaw
rzrBPNLFep6Lki0oqfbZs5nKgSLOYA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:14 2025 by rpki-client