Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/LsTD_ePaVfxEAk80_9Df_wJdlN8.roa
File: LsTD_ePaVfxEAk80_9Df_wJdlN8.roa (raw, json)
Hash identifier: s5WXVNI08z15hM7py4fUDktwTOsihZAcjWdufG/xHgc=
Subject key identifier: 2E:C4:C3:FD:E3:DA:55:FC:44:02:4F:34:FF:D0:DF:FF:02:5D:94:DF
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 01887CFEC7987696D793ECA3014769DA88A4
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/LsTD_ePaVfxEAk80_9Df_wJdlN8.roa
Signing time: Fri 02 Jun 2023 16:44:12 +0000
ROA not before: Fri 02 Jun 2023 16:44:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202
IP address blocks: 2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:fe:c7:98:76:96:d7:93:ec:a3:01:47:69:da:88:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jun 2 16:44:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ec4c3fde3da55fc44024f34ffd0dfff025d94df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:77:03:82:19:1a:96:48:3e:0c:a1:bf:19:38:
7a:2b:e2:e4:6c:a7:6e:83:65:38:f4:c2:20:2e:dc:
d3:26:8e:c5:37:96:3e:89:e3:5c:1c:ec:bb:ce:c7:
0f:3b:32:3c:ea:fe:63:86:b7:cb:9f:95:3e:67:4f:
6a:52:da:fd:c4:39:55:6b:a5:b4:2b:69:5e:41:46:
71:45:74:32:4f:9b:3a:da:09:a7:3d:a9:8c:99:d4:
e9:ae:bc:77:34:a6:d7:85:43:cc:d9:b9:72:0d:5a:
a1:1a:f8:45:d4:54:c9:01:c4:80:ad:9d:ee:4d:de:
14:c2:12:f4:48:1e:39:e7:09:dc:41:07:ee:4a:c3:
df:43:ad:52:13:8a:ca:1b:75:80:4f:81:b0:81:83:
72:1c:41:7e:2c:f0:29:45:5d:ae:0b:08:52:a3:cd:
5a:16:0d:73:c0:59:56:af:23:65:cf:e6:50:c0:e6:
11:36:d7:28:9c:27:86:c8:66:9e:d6:5a:79:c9:bc:
19:5a:26:5c:66:a0:10:bd:9c:9c:9d:6c:ba:a1:f7:
7a:24:9f:43:14:5b:d0:d1:dc:10:4f:f8:f8:76:19:
cd:76:f8:a6:d6:63:a4:93:4f:76:0b:0d:33:bc:dd:
26:7f:49:f4:72:08:79:49:c9:7c:03:01:f0:da:3b:
27:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C4:C3:FD:E3:DA:55:FC:44:02:4F:34:FF:D0:DF:FF:02:5D:94:DF
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/LsTD_ePaVfxEAk80_9Df_wJdlN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:21::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:e8:2c:43:0f:b3:4d:88:71:ae:6c:48:41:02:58:00:d2:d7:
41:aa:b6:98:8d:e6:32:40:30:96:70:ed:5f:a3:6b:c2:4a:4a:
eb:f6:a4:f0:e2:90:2f:78:1d:0b:7c:19:1b:34:6b:91:92:76:
d7:c3:7f:6f:ef:17:07:cb:a0:cd:eb:6b:a7:a0:49:e8:af:8b:
89:99:4d:36:bd:60:73:38:bb:82:57:94:0f:3c:8b:0e:c5:7b:
b6:95:17:f3:70:f5:1a:22:b2:98:77:60:0b:e2:3c:ed:e5:c2:
cb:73:b1:cc:c6:a2:a3:46:48:88:c7:0c:5f:ef:0e:3d:e0:97:
c5:db:d4:7e:3c:78:6c:13:2b:7c:f8:e9:a4:06:bc:5e:b5:93:
ed:9b:c5:f2:d9:89:a5:f4:a9:79:f6:df:47:2a:fa:cc:86:9e:
35:14:f7:88:7f:32:1a:ab:ab:0c:4d:fa:64:84:e5:50:dd:59:
90:01:fa:be:c1:09:49:8e:0a:e2:b2:92:ca:6a:0d:ea:e5:8d:
9d:45:5e:29:01:b4:a0:f2:13:80:c9:d3:46:42:05:e4:48:f9:
0f:42:b0:ed:f5:60:bb:7d:37:40:f1:a0:9b:d9:a2:37:94:84:
a0:2a:38:35:2e:02:88:12:2f:9b:a9:ab:3b:85:4f:95:1f:d7:
5f:a6:08:ad
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYh8/seYdpbXk+yjAUdp2oikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjMwNjAyMTY0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM0YzNmZGUzZGE1NWZjNDQwMjRmMzRmZmQwZGZmZjAyNWQ5NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXcDghkalkg+DKG/GTh6K+LkbKdu
g2U49MIgLtzTJo7FN5Y+ieNcHOy7zscPOzI86v5jhrfLn5U+Z09qUtr9xDlVa6W0
K2leQUZxRXQyT5s62gmnPamMmdTprrx3NKbXhUPM2blyDVqhGvhF1FTJAcSArZ3u
Td4UwhL0SB455wncQQfuSsPfQ61SE4rKG3WAT4GwgYNyHEF+LPApRV2uCwhSo81a
Fg1zwFlWryNlz+ZQwOYRNtconCeGyGae1lp5ybwZWiZcZqAQvZycnWy6ofd6JJ9D
FFvQ0dwQT/j4dhnNdvim1mOkk092Cw0zvN0mf0n0cgh5Scl8AwHw2jsnhQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC7Ew/3j2lX8RAJPNP/Q3/8CXZTfMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvTHNURF9lUGFWZnhFQWs4MF85RGZfd0pkbE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqA1AA
ACEDBwAqA1AAACIwDQYJKoZIhvcNAQELBQADggEBAAToLEMPs02Ica5sSEECWADS
10GqtpiN5jJAMJZw7V+ja8JKSuv2pPDikC94HQt8GRs0a5GSdtfDf2/vFwfLoM3r
a6egSeivi4mZTTa9YHM4u4JXlA88iw7Fe7aVF/Nw9Roisph3YAviPO3lwstzsczG
oqNGSIjHDF/vDj3gl8Xb1H48eGwTK3z46aQGvF61k+2bxfLZiaX0qXn230cq+syG
njUU94h/MhqrqwxN+mSE5VDdWZAB+r7BCUmOCuKykspqDerljZ1FXikBtKDyE4DJ
00ZCBeRI+Q9CsO31YLt9N0DxoJvZojeUhKAqODUuAogSL5upqzuFT5Uf11+mCK0=
-----END CERTIFICATE-----
Generated at Mon May 12 18:44:23 2025 by rpki-client