Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/fNX8cP8udKnZVN721mSlQ77HGtE.roa
File: fNX8cP8udKnZVN721mSlQ77HGtE.roa (raw, json)
Hash identifier: t0EOgYr4RonGX6tyiHEdM8MdA8iQn7tk/IetHixoPko=
Subject key identifier: 7C:D5:FC:70:FF:2E:74:A9:D9:54:DE:F6:D6:64:A5:43:BE:C7:1A:D1
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 01856D81999125CD3F331C0DEB1966795176
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/fNX8cP8udKnZVN721mSlQ77HGtE.roa
Signing time: Sun 01 Jan 2023 13:24:48 +0000
ROA not before: Sun 01 Jan 2023 13:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 2a0f:6580:106::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:99:91:25:cd:3f:33:1c:0d:eb:19:66:79:51:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 1 13:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cd5fc70ff2e74a9d954def6d664a543bec71ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d2:07:8a:d6:20:37:38:6e:07:f6:ad:6c:16:
43:5b:65:ee:6c:3e:f5:65:c0:b7:83:69:0c:51:dc:
34:7a:c7:23:58:3a:af:26:25:3d:89:d8:90:c6:32:
84:be:24:47:6f:07:68:1c:75:b8:92:ce:ec:16:e8:
cf:a6:ce:15:d5:9f:b6:58:d3:2f:35:8a:16:fd:75:
2e:19:9b:05:7a:3c:c2:b7:80:ad:f4:4b:e4:82:53:
91:75:61:8c:3b:cd:7b:bc:a5:60:1b:0f:0b:66:fa:
e6:db:ba:4e:ed:75:fb:bb:d4:4f:18:f0:72:8d:e9:
ad:5a:9b:ac:3e:da:88:e5:02:67:da:55:7b:06:f5:
62:4c:e5:7f:b3:c4:41:8b:0f:42:7c:06:ca:1b:d2:
71:95:c3:c1:4c:5c:e1:79:ed:82:14:6b:0b:da:56:
ff:cb:e9:d7:43:2b:ae:50:a7:0e:df:c8:c2:bb:d9:
3b:53:7f:46:0f:05:ff:49:c8:b6:59:2d:ba:48:2f:
3f:4c:3e:6c:d4:22:94:80:9d:83:7f:ba:1a:d1:84:
e1:14:d5:5a:05:fa:53:af:55:d5:fa:c7:77:ce:98:
0d:9d:85:93:e8:0a:40:74:35:8a:99:14:20:bc:ec:
8f:ab:bd:68:0d:ca:06:c6:c0:6f:ee:0c:87:ed:0f:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D5:FC:70:FF:2E:74:A9:D9:54:DE:F6:D6:64:A5:43:BE:C7:1A:D1
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/fNX8cP8udKnZVN721mSlQ77HGtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6580:106::/48
Signature Algorithm: sha256WithRSAEncryption
53:5f:52:e1:ef:2e:32:fb:28:d7:88:67:fd:ac:5c:fc:73:cc:
ec:ea:3f:50:b5:d2:50:75:fd:07:88:e6:8c:8d:89:75:b5:c6:
c6:99:d7:a6:60:32:f1:e8:ab:b2:0e:80:29:3d:cd:ca:c0:c8:
01:4d:9e:a7:1f:98:59:6d:0a:73:ff:35:93:3c:08:58:91:ca:
06:eb:36:2e:c2:04:ed:73:52:1d:43:c3:56:67:ba:91:68:83:
b3:9b:bd:5a:ed:28:1b:51:ff:c0:2c:7b:f2:a8:6a:89:c8:55:
51:04:13:6b:0c:f1:52:6f:db:70:4c:8f:45:b0:99:e0:a0:ff:
a1:3c:f4:e7:a5:fa:2d:0a:55:23:ac:70:55:70:b4:bf:cf:1f:
5d:21:47:69:9c:9a:37:1e:81:82:84:c8:69:f7:72:9c:8a:bb:
64:71:70:28:1e:60:81:73:d2:32:8e:d2:5c:22:95:de:8b:bc:
bc:15:25:10:f6:f3:a9:2d:1e:ca:a5:bb:e9:a3:06:5e:72:b3:
e3:99:c6:63:a4:b3:e8:19:5b:fb:54:81:0b:c5:2c:69:d8:9e:
7e:55:5d:df:e2:c2:4d:2c:00:a4:3e:9d:80:2d:d0:99:30:54:
de:59:71:3a:20:7c:bb:4a:ac:b8:0e:0c:64:db:13:98:f7:44:
e4:d5:71:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtgZmRJc0/MxwN6xlmeVF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMwMTAxMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q1ZmM3MGZmMmU3NGE5ZDk1NGRlZjZkNjY0YTU0M2JlYzcxYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdIHitYgNzhuB/atbBZDW2XubD71
ZcC3g2kMUdw0escjWDqvJiU9idiQxjKEviRHbwdoHHW4ks7sFujPps4V1Z+2WNMv
NYoW/XUuGZsFejzCt4Ct9EvkglORdWGMO817vKVgGw8LZvrm27pO7XX7u9RPGPBy
jemtWpusPtqI5QJn2lV7BvViTOV/s8RBiw9CfAbKG9JxlcPBTFzhee2CFGsL2lb/
y+nXQyuuUKcO38jCu9k7U39GDwX/Sci2WS26SC8/TD5s1CKUgJ2Df7oa0YThFNVa
BfpTr1XV+sd3zpgNnYWT6ApAdDWKmRQgvOyPq71oDcoGxsBv7gyH7Q/DOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHzV/HD/LnSp2VTe9tZkpUO+xxrRMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvZk5YOGNQOHVkS25aVk43MjFtU2xRNzdIR3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9lgAEG
MA0GCSqGSIb3DQEBCwUAA4IBAQBTX1Lh7y4y+yjXiGf9rFz8c8zs6j9QtdJQdf0H
iOaMjYl1tcbGmdemYDLx6KuyDoApPc3KwMgBTZ6nH5hZbQpz/zWTPAhYkcoG6zYu
wgTtc1IdQ8NWZ7qRaIOzm71a7SgbUf/ALHvyqGqJyFVRBBNrDPFSb9twTI9FsJng
oP+hPPTnpfotClUjrHBVcLS/zx9dIUdpnJo3HoGChMhp93KcirtkcXAoHmCBc9Iy
jtJcIpXei7y8FSUQ9vOpLR7KpbvpowZecrPjmcZjpLPoGVv7VIELxSxp2J5+VV3f
4sJNLACkPp2ALdCZMFTeWXE6IHy7Sqy4Dgxk2xOY90Tk1XHY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:38 2025 by rpki-client