Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lSMm5OHQaDV5Lqi24p_nvLeWZA4.roa
File: lSMm5OHQaDV5Lqi24p_nvLeWZA4.roa (raw, json)
Hash identifier: LDpKuQIBupt1B0P0f1PKfCn9R486N6A8tNvloAdAyR4=
Subject key identifier: 95:23:26:E4:E1:D0:68:35:79:2E:A8:B6:E2:9F:E7:BC:B7:96:64:0E
Certificate issuer: /CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Certificate serial: 018CBA7599895289644C90AB06C8228846A7
Authority key identifier: E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lSMm5OHQaDV5Lqi24p_nvLeWZA4.roa
Signing time: Sat 30 Dec 2023 11:21:58 +0000
ROA not before: Sat 30 Dec 2023 11:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51500
IP address blocks: 2a07:f3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:75:99:89:52:89:64:4c:90:ab:06:c8:22:88:46:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Validity
Not Before: Dec 30 11:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=952326e4e1d06835792ea8b6e29fe7bcb796640e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b6:e2:33:ef:90:23:4e:2b:42:65:52:5d:a1:
3e:d1:60:8f:87:27:ae:f6:fd:63:f7:43:26:e9:28:
36:1f:a9:c9:3e:73:74:85:b5:20:be:32:94:a7:06:
24:f7:92:92:7e:f5:c3:11:df:8e:75:88:5b:94:13:
5c:6a:66:3a:73:f6:71:71:ae:ef:73:c2:83:a8:21:
9a:fc:fd:52:a3:63:d7:a0:7c:fa:57:88:70:e2:70:
36:a7:06:cf:78:46:c9:eb:ea:2b:00:fd:16:c9:7a:
4b:f7:8f:08:bd:45:d3:5c:16:54:b8:ca:7d:54:48:
8a:a3:7c:ea:b7:8e:05:35:b9:3b:59:61:6b:a4:6c:
ed:7b:da:c9:1d:5e:5e:60:68:2f:c3:3c:83:02:55:
da:0e:0a:13:42:5a:50:5d:31:0a:db:45:05:bf:6c:
84:ad:25:3b:42:64:cd:98:e0:2e:5d:4c:05:3a:ee:
c1:48:88:a4:2b:9f:e3:cd:ed:71:f5:e3:de:9b:b4:
d4:45:b4:46:15:79:c3:97:2d:c6:76:32:5c:73:d2:
66:a7:31:82:70:71:c0:9f:4f:78:b3:e7:cd:4c:24:
18:24:f7:04:d4:39:45:62:29:97:17:61:8d:3d:41:
4f:96:71:c4:3b:7c:d9:73:c7:12:b3:18:af:fe:de:
ca:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:23:26:E4:E1:D0:68:35:79:2E:A8:B6:E2:9F:E7:BC:B7:96:64:0E
X509v3 Authority Key Identifier:
keyid:E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lSMm5OHQaDV5Lqi24p_nvLeWZA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/4jSU4MwSx1rtHQHesVvk4mYrSFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:ac:62:b5:04:27:41:77:d2:21:de:bb:33:ff:cd:ad:ac:fd:
dc:21:8a:12:8a:a0:42:01:ec:e1:b7:bc:16:63:ec:2a:20:21:
0c:31:f6:bd:9e:88:93:99:c0:53:d4:54:f2:7b:d7:e7:9c:fd:
20:85:87:13:3e:67:68:1a:f2:17:30:d2:4c:8b:71:64:65:44:
0f:8a:30:ee:75:c2:23:49:77:e3:e2:56:61:31:52:8a:4a:c0:
2b:db:99:bc:58:e3:d3:6b:a0:cf:3a:10:8d:e3:17:85:f8:1f:
00:63:36:cb:c5:c4:e3:4a:db:58:b1:7a:82:dd:e0:e4:c1:8f:
47:ff:0f:d4:c4:93:56:14:10:46:ae:0d:cb:b7:a7:65:89:e9:
30:a4:15:ac:0a:08:90:0c:22:b8:62:da:6e:54:42:28:1f:2f:
87:41:c3:26:d4:89:56:1c:33:c9:03:32:39:9d:c9:e8:40:05:
73:e3:06:d5:d1:08:8e:95:a6:e1:15:50:1f:45:33:4d:91:ab:
cc:3f:4e:dc:96:ae:e6:bb:e1:56:24:f9:85:f7:35:3c:18:72:
b5:97:74:67:78:9d:ba:c4:fd:f0:99:29:ec:79:f5:18:2b:16:
94:f1:7a:35:26:ba:f7:e0:d1:1f:bd:b5:b3:f0:21:96:8a:af:
7e:2a:00:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYy6dZmJUolkTJCrBsgiiEanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ5NGUwY2MxMmM3NWFlZDFkMDFkZWIxNWJlNGUyNjYy
YjQ4NWEwHhcNMjMxMjMwMTEyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIzMjZlNGUxZDA2ODM1NzkyZWE4YjZlMjlmZTdiY2I3OTY2NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbbiM++QI04rQmVSXaE+0WCPhyeu
9v1j90Mm6Sg2H6nJPnN0hbUgvjKUpwYk95KSfvXDEd+OdYhblBNcamY6c/Zxca7v
c8KDqCGa/P1So2PXoHz6V4hw4nA2pwbPeEbJ6+orAP0WyXpL948IvUXTXBZUuMp9
VEiKo3zqt44FNbk7WWFrpGzte9rJHV5eYGgvwzyDAlXaDgoTQlpQXTEK20UFv2yE
rSU7QmTNmOAuXUwFOu7BSIikK5/jze1x9ePem7TURbRGFXnDly3GdjJcc9JmpzGC
cHHAn094s+fNTCQYJPcE1DlFYimXF2GNPUFPlnHEO3zZc8cSsxiv/t7KGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJUjJuTh0Gg1eS6otuKf57y3lmQOMB8GA1UdIwQY
MBaAFOI0lODMEsda7R0B3rFb5OJmK0haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUt
MjI3NDBiZjJkNWVhLzEvbFNNbTVPSFFhRFY1THFpMjRwX252TGVXWkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUtMjI3NDBiZjJkNWVh
LzEvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgfzwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYKxitQQnQXfSId67M//Nraz93CGKEoqgQgHs4be8
FmPsKiAhDDH2vZ6Ik5nAU9RU8nvX55z9IIWHEz5naBryFzDSTItxZGVED4ow7nXC
I0l34+JWYTFSikrAK9uZvFjj02ugzzoQjeMXhfgfAGM2y8XE40rbWLF6gt3g5MGP
R/8P1MSTVhQQRq4Ny7enZYnpMKQVrAoIkAwiuGLablRCKB8vh0HDJtSJVhwzyQMy
OZ3J6EAFc+MG1dEIjpWm4RVQH0UzTZGrzD9O3Jau5rvhViT5hfc1PBhytZd0Z3id
usT98Jkp7Hn1GCsWlPF6NSa69+DRH721s/AhloqvfioApQ==
-----END CERTIFICATE-----
Generated at Thu May 1 11:10:25 2025 by rpki-client