Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/fbxi2-VU5ZvHScHakIIqcBW5rzg.roa
File: fbxi2-VU5ZvHScHakIIqcBW5rzg.roa (raw, json)
Hash identifier: ZN0e4uK8hbqWKTmHrpR2N5otFZtl7sLZNJORX+pRt0I=
Subject key identifier: 7D:BC:62:DB:E5:54:E5:9B:C7:49:C1:DA:90:82:2A:70:15:B9:AF:38
Certificate issuer: /CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
Certificate serial: 01856CAF202CA8A48C0F435CF72C9B460A17
Authority key identifier: BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/fbxi2-VU5ZvHScHakIIqcBW5rzg.roa
Signing time: Sun 01 Jan 2023 09:34:54 +0000
ROA not before: Sun 01 Jan 2023 09:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61077
IP address blocks: 77.81.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:20:2c:a8:a4:8c:0f:43:5c:f7:2c:9b:46:0a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
Validity
Not Before: Jan 1 09:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dbc62dbe554e59bc749c1da90822a7015b9af38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:ea:10:50:39:9f:9e:bf:5f:3b:49:de:c3:
50:49:89:95:35:d6:bf:10:dc:7e:40:d7:18:22:46:
8a:90:0b:c5:f5:c4:f7:93:15:a1:ba:44:58:13:a5:
23:54:31:22:ba:ea:8f:57:fe:0d:a3:de:cd:58:c7:
c6:16:e8:51:14:b2:20:df:37:d8:a2:7b:4b:e4:10:
d3:f9:65:2c:a0:dc:b5:78:33:4a:c6:de:f3:a5:33:
5b:57:56:f7:2f:e0:a8:c7:09:ad:53:81:6c:cb:93:
99:55:d7:20:cc:e5:41:60:b6:5e:c1:3f:9c:38:df:
02:b1:45:41:86:36:cd:10:8c:aa:97:82:70:23:6b:
82:d8:69:d0:c4:40:5f:82:59:c7:e4:aa:5d:35:05:
4c:8b:d0:5a:e3:da:27:cf:5a:b5:71:b7:53:42:c3:
30:a6:b8:a2:98:5a:2e:54:c3:38:fa:d6:ed:af:fa:
92:cd:cc:1b:49:f3:3e:21:90:22:31:a6:1d:c7:b3:
4d:86:61:bd:98:69:9c:48:48:ec:ce:95:38:96:71:
62:ab:a0:f2:d1:df:c9:f4:3a:ea:1f:d6:c6:1a:28:
6b:f0:a1:e7:2f:23:42:5b:41:af:a3:69:ce:b3:68:
60:4e:46:c8:a4:3a:29:07:dc:14:33:63:68:d0:a7:
d4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BC:62:DB:E5:54:E5:9B:C7:49:C1:DA:90:82:2A:70:15:B9:AF:38
X509v3 Authority Key Identifier:
keyid:BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/fbxi2-VU5ZvHScHakIIqcBW5rzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/vklD9SA9Q0YKE61OqdfVuVDGE80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.96.0/24
Signature Algorithm: sha256WithRSAEncryption
60:59:49:db:62:79:25:a4:db:d2:e4:90:59:5a:6a:ec:7b:e1:
d8:04:3b:9f:a2:c7:01:f7:60:7f:78:da:50:dd:e5:a2:59:53:
0a:56:0b:c0:7c:31:45:5d:b0:4a:cd:4c:47:23:68:b4:f4:8e:
86:70:cb:1e:05:04:f4:b1:0b:48:aa:26:5f:e7:6f:08:cb:99:
0d:f8:e4:41:f9:65:6e:45:23:2e:a2:a6:70:76:49:1a:d1:f3:
61:4a:ef:46:5b:16:ca:01:d0:e2:9b:c7:ed:d0:ae:8a:99:96:
05:dc:01:7d:f4:e4:ce:b2:79:a6:b9:a5:29:16:1f:0d:66:cc:
c4:a7:3a:6c:40:2b:02:6e:22:b4:73:98:dd:50:ae:2c:bd:ab:
a1:b2:b5:b4:0e:1e:8e:5d:ff:a2:3f:81:d2:67:38:a4:7f:e7:
a4:fb:3b:07:fe:ae:dc:fc:69:ce:3b:9d:f7:f2:10:db:e9:40:
82:3e:04:f3:16:75:29:cf:98:c7:f6:97:e2:b3:60:83:19:3b:
ef:d8:8d:7f:96:03:aa:44:0a:ad:65:36:d4:cc:4f:60:62:8d:
c7:99:18:0d:16:d4:40:51:47:26:bb:0b:79:d4:eb:20:c0:0e:
8b:14:06:3c:d5:92:7a:8d:75:7b:fb:cd:92:d2:8e:d3:01:31:
3f:c1:9e:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsryAsqKSMD0Nc9yybRgoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDk0M2Y1MjAzZDQzNDYwYTEzYWQ0ZWE5ZDdkNWI5NTBj
NjEzY2QwHhcNMjMwMTAxMDkzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJjNjJkYmU1NTRlNTliYzc0OWMxZGE5MDgyMmE3MDE1YjlhZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9XqEFA5n56/XztJ3sNQSYmVNda/
ENx+QNcYIkaKkAvF9cT3kxWhukRYE6UjVDEiuuqPV/4No97NWMfGFuhRFLIg3zfY
ontL5BDT+WUsoNy1eDNKxt7zpTNbV1b3L+CoxwmtU4Fsy5OZVdcgzOVBYLZewT+c
ON8CsUVBhjbNEIyql4JwI2uC2GnQxEBfglnH5KpdNQVMi9Ba49onz1q1cbdTQsMw
priimFouVMM4+tbtr/qSzcwbSfM+IZAiMaYdx7NNhmG9mGmcSEjszpU4lnFiq6Dy
0d/J9DrqH9bGGihr8KHnLyNCW0Gvo2nOs2hgTkbIpDopB9wUM2No0KfUzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH28YtvlVOWbx0nB2pCCKnAVua84MB8GA1UdIwQY
MBaAFL5JQ/UgPUNGChOtTqnX1blQxhPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtsRDlTQTlRMFlLRTYxT3FkZlZ1VkRHRTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMzE0ZWMtOGZmMC00OTUwLTg1OGYt
YTA1MWFlNjNkYmExLzEvZmJ4aTItVlU1WnZIU2NIYWtJSXFjQlc1cnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMzE0ZWMtOGZmMC00OTUwLTg1OGYtYTA1MWFlNjNkYmEx
LzEvdmtsRDlTQTlRMFlLRTYxT3FkZlZ1VkRHRTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBgWUnbYnklpNvS5JBZWmrse+HYBDufoscB92B/eNpQ
3eWiWVMKVgvAfDFFXbBKzUxHI2i09I6GcMseBQT0sQtIqiZf528Iy5kN+ORB+WVu
RSMuoqZwdkka0fNhSu9GWxbKAdDim8ft0K6KmZYF3AF99OTOsnmmuaUpFh8NZszE
pzpsQCsCbiK0c5jdUK4svauhsrW0Dh6OXf+iP4HSZzikf+ek+zsH/q7c/GnOO533
8hDb6UCCPgTzFnUpz5jH9pfis2CDGTvv2I1/lgOqRAqtZTbUzE9gYo3HmRgNFtRA
UUcmuwt51OsgwA6LFAY81ZJ6jXV7+82S0o7TATE/wZ78
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:32:30 2025 by rpki-client