Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a07e18-2c6a-4930-be17-e5d7f2ddd4c2/1/LXzkrMWAV-Y5VLlOyONl3wC3q9M.roa
File: LXzkrMWAV-Y5VLlOyONl3wC3q9M.roa (raw, json)
Hash identifier: fzlSm3uJQLD73uGXnVEW8pqbESU9SV50bYJzIO4hlaA=
Subject key identifier: 2D:7C:E4:AC:C5:80:57:E6:39:54:B9:4E:C8:E3:65:DF:00:B7:AB:D3
Certificate issuer: /CN=f20c28d19e0dfb534826aa23aa506af68a305b7a
Certificate serial: 14984736
Authority key identifier: F2:0C:28:D1:9E:0D:FB:53:48:26:AA:23:AA:50:6A:F6:8A:30:5B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gwo0Z4N-1NIJqojqlBq9oowW3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a07e18-2c6a-4930-be17-e5d7f2ddd4c2/1/LXzkrMWAV-Y5VLlOyONl3wC3q9M.roa
Signing time: Sat 01 Jan 2022 16:11:12 +0000
ROA not before: Sat 01 Jan 2022 16:11:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1715
IP address blocks: 138.63.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345524022 (0x14984736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f20c28d19e0dfb534826aa23aa506af68a305b7a
Validity
Not Before: Jan 1 16:11:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d7ce4acc58057e63954b94ec8e365df00b7abd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bd:60:4f:73:8a:33:0a:6c:9d:74:8a:cc:94:
db:4b:12:7a:89:f7:14:f1:9b:2f:fe:62:67:9f:7d:
79:83:d2:c9:ac:88:ed:31:f3:a7:0b:34:4f:70:3f:
cf:90:26:23:a2:ac:64:5d:27:8c:ac:d2:72:9e:61:
af:3a:66:06:a9:dc:c6:56:73:01:95:88:a7:f5:d8:
fc:15:e5:9d:82:66:22:5a:be:bc:d7:a6:38:45:66:
1a:d6:a8:18:5f:72:ec:e3:53:9f:d0:24:69:44:d1:
30:aa:ed:89:52:8b:06:06:89:96:0d:19:c9:30:2d:
a4:26:3a:4c:f3:41:86:7d:b6:c1:42:5c:64:7a:c3:
f7:78:ac:7f:1e:1f:65:71:af:24:a5:29:28:91:8e:
aa:62:4a:c8:a2:34:5c:35:63:7a:44:ca:36:9d:54:
64:92:13:f6:fe:a7:56:fa:b9:e4:32:4a:6e:7d:24:
94:9e:71:96:ee:7a:2b:66:c1:1c:45:8b:f0:f2:1a:
7e:a0:40:53:32:a8:39:93:b0:3f:7c:6d:96:09:1b:
bd:0d:b2:d5:46:c4:e3:ea:ac:44:e2:66:6a:3c:54:
0b:3d:3a:16:bd:c8:e4:a9:27:f4:2e:e5:8b:94:e5:
59:ee:0c:81:97:f7:3b:41:1f:cc:be:86:5d:ef:a3:
20:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7C:E4:AC:C5:80:57:E6:39:54:B9:4E:C8:E3:65:DF:00:B7:AB:D3
X509v3 Authority Key Identifier:
keyid:F2:0C:28:D1:9E:0D:FB:53:48:26:AA:23:AA:50:6A:F6:8A:30:5B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gwo0Z4N-1NIJqojqlBq9oowW3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a07e18-2c6a-4930-be17-e5d7f2ddd4c2/1/LXzkrMWAV-Y5VLlOyONl3wC3q9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a07e18-2c6a-4930-be17-e5d7f2ddd4c2/1/8gwo0Z4N-1NIJqojqlBq9oowW3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.63.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:9f:d7:da:ce:80:4b:65:ef:ae:b4:56:b8:40:5c:b6:3b:3c:
86:a3:f0:ec:41:a9:3a:ce:3e:7c:19:b6:b2:5a:40:1a:80:aa:
35:b6:c8:44:10:7d:d8:c6:bf:c5:9d:e8:5a:a9:1b:ce:b5:1b:
1b:b0:8a:8f:4a:a6:96:e2:0f:fe:8f:df:61:df:27:4a:e0:0b:
a0:31:d0:69:b6:33:2e:d8:1d:78:b2:ac:f3:97:eb:f1:29:fa:
c6:16:8a:fb:ce:34:af:b7:eb:da:16:65:f0:09:6b:bb:ab:e7:
a5:f7:34:b5:29:30:0f:ca:eb:58:fa:8b:9b:0f:48:ec:c0:90:
d3:53:dd:4e:e0:4a:35:65:06:4d:2b:b9:bb:d6:0d:f8:a0:ce:
bc:86:6e:fe:81:2a:47:e0:cc:8d:38:7c:a1:52:82:51:25:c5:
20:ba:1c:5a:44:b7:de:cc:ae:59:31:00:f5:4d:77:ac:77:9d:
da:b3:3a:f1:b3:e7:a0:0f:f3:6a:d1:de:ca:c8:18:3c:14:ff:
75:4f:92:eb:a1:c4:5f:1d:9c:69:1b:4c:f1:cf:59:b2:ed:97:
71:51:9f:c1:e3:c7:93:4c:49:10:d2:b1:a5:10:2e:16:63:82:
bd:f7:c5:78:f1:6d:07:ad:1a:42:27:69:1f:bf:4c:47:ce:b6:
b3:28:35:f2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEFJhHNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjBjMjhkMTllMGRmYjUzNDgyNmFhMjNhYTUwNmFmNjhhMzA1YjdhMB4XDTIyMDEw
MTE2MTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ3Y2U0YWNjNTgw
NTdlNjM5NTRiOTRlYzhlMzY1ZGYwMGI3YWJkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMu9YE9zijMKbJ10isyU20sSeon3FPGbL/5iZ599eYPSyayI
7THzpws0T3A/z5AmI6KsZF0njKzScp5hrzpmBqncxlZzAZWIp/XY/BXlnYJmIlq+
vNemOEVmGtaoGF9y7ONTn9AkaUTRMKrtiVKLBgaJlg0ZyTAtpCY6TPNBhn22wUJc
ZHrD93isfx4fZXGvJKUpKJGOqmJKyKI0XDVjekTKNp1UZJIT9v6nVvq55DJKbn0k
lJ5xlu56K2bBHEWL8PIafqBAUzKoOZOwP3xtlgkbvQ2y1UbE4+qsROJmajxUCz06
Fr3I5Kkn9C7li5TlWe4MgZf3O0EfzL6GXe+jIG0CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQtfOSsxYBX5jlUuU7I42XfALer0zAfBgNVHSMEGDAWgBTyDCjRng37U0gm
qiOqUGr2ijBbejAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzhnd28wWjROLTFOSUpxb2pxbEJxOW9vd1czby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYTA3ZTE4LTJjNmEtNDkzMC1iZTE3LWU1ZDdmMmRkZDRjMi8x
L0xYemtyTVdBVi1ZNVZMbE95T05sM3dDM3E5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YTA3ZTE4LTJjNmEtNDkzMC1iZTE3LWU1ZDdmMmRkZDRjMi8xLzhnd28wWjROLTFO
SUpxb2pxbEJxOW9vd1czby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIo/MA0GCSqGSIb3DQEBCwUAA4IB
AQADn9fazoBLZe+utFa4QFy2OzyGo/DsQak6zj58GbayWkAagKo1tshEEH3Yxr/F
nehaqRvOtRsbsIqPSqaW4g/+j99h3ydK4AugMdBptjMu2B14sqzzl+vxKfrGFor7
zjSvt+vaFmXwCWu7q+el9zS1KTAPyutY+oubD0jswJDTU91O4Eo1ZQZNK7m71g34
oM68hm7+gSpH4MyNOHyhUoJRJcUguhxaRLfezK5ZMQD1TXesd53aszrxs+egD/Nq
0d7KyBg8FP91T5LrocRfHZxpG0zxz1my7ZdxUZ/B48eTTEkQ0rGlEC4WY4K998V4
8W0HrRpCJ2kfv0xHzrazKDXy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:35 2025 by rpki-client