Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/FULMLQIRzEGBZkGGSiZdvKUn8Aw.roa
File: FULMLQIRzEGBZkGGSiZdvKUn8Aw.roa (raw, json)
Hash identifier: RMxRjp6nb40h/Yijatitj/siCiidM23L8PGAZu2ES6Q=
Subject key identifier: 15:42:CC:2D:02:11:CC:41:81:66:41:86:4A:26:5D:BC:A5:27:F0:0C
Certificate issuer: /CN=bfad08ac862db6ae0bb0b880aec055edbcbb82fc
Certificate serial: 0BA6F0
Authority key identifier: BF:AD:08:AC:86:2D:B6:AE:0B:B0:B8:80:AE:C0:55:ED:BC:BB:82:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v60IrIYttq4LsLiArsBV7by7gvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/FULMLQIRzEGBZkGGSiZdvKUn8Aw.roa
Signing time: Tue 08 Feb 2022 07:27:39 +0000
ROA not before: Tue 08 Feb 2022 07:27:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204896
IP address blocks: 2a02:dd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 763632 (0xba6f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfad08ac862db6ae0bb0b880aec055edbcbb82fc
Validity
Not Before: Feb 8 07:27:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1542cc2d0211cc41816641864a265dbca527f00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:0b:0b:47:57:29:43:3a:03:82:59:cb:5e:
9b:b0:ce:4c:22:01:60:ff:4a:83:d1:1e:66:76:e5:
81:d2:03:ef:2b:cc:df:f0:50:9f:d7:3d:91:c7:f6:
54:f5:f5:98:ee:79:50:c0:6b:a5:71:38:dc:f5:e9:
53:31:6d:64:7a:63:39:4a:f9:10:f5:19:c1:f7:da:
10:a2:ae:27:83:05:3d:9a:76:b3:91:21:ad:87:28:
32:7d:46:ce:46:fb:93:4b:92:86:4f:4d:e5:e6:b7:
37:ff:77:7b:19:d8:20:37:e0:48:c8:d0:5b:01:f8:
f1:94:c4:d6:8f:10:5f:a3:c9:f1:d0:d8:70:34:0e:
e4:5d:9b:92:79:c6:c1:ae:b1:b1:06:15:db:a7:86:
4e:a6:89:16:dd:ed:ed:4e:b8:11:3c:9b:f7:70:bb:
f7:31:98:88:45:0d:88:4c:64:bc:89:1d:bf:71:d6:
f2:1f:f2:7c:5f:28:3d:63:08:50:de:c9:59:20:c8:
11:0a:15:c8:88:a0:65:9d:53:d5:c6:cf:de:fa:f1:
38:77:67:d1:b5:12:3b:5a:46:9e:6d:71:8d:1a:4c:
56:73:a0:d4:bb:d0:a8:09:22:d1:5b:98:d9:d9:1e:
15:1d:d8:0e:48:81:dc:a2:b0:7e:dc:8e:b8:76:60:
05:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:42:CC:2D:02:11:CC:41:81:66:41:86:4A:26:5D:BC:A5:27:F0:0C
X509v3 Authority Key Identifier:
keyid:BF:AD:08:AC:86:2D:B6:AE:0B:B0:B8:80:AE:C0:55:ED:BC:BB:82:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v60IrIYttq4LsLiArsBV7by7gvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/FULMLQIRzEGBZkGGSiZdvKUn8Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/v60IrIYttq4LsLiArsBV7by7gvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
51:ee:c6:e1:90:c1:3b:0c:71:15:ba:a0:47:9c:03:e7:1b:02:
2a:8c:fa:c3:a9:72:3d:23:5b:81:da:82:df:e8:71:7d:df:96:
5f:4e:95:cc:2e:7a:1b:8f:aa:5c:c4:1b:8c:e1:50:78:ae:5b:
a7:cc:d8:93:ac:72:fd:c3:90:06:70:a7:3c:c8:cf:b8:a4:91:
d9:01:62:35:3e:e2:22:03:cd:ae:f0:8c:34:70:0e:04:1f:40:
61:34:c6:0f:64:be:be:04:19:fa:66:f5:ef:e6:28:2f:28:0d:
24:38:69:87:d8:7f:84:d7:d8:b7:61:0f:cf:60:a0:43:7a:e1:
dc:6f:53:23:f2:f2:82:98:b2:fc:87:6e:e7:2b:05:56:49:88:
fb:22:6e:21:a3:a1:87:98:75:b1:e4:ce:9f:c2:b9:69:68:83:
2c:ea:8c:7c:6d:cc:32:87:e1:7a:ec:a2:24:75:2c:56:eb:5d:
86:66:55:e0:91:fb:d6:3c:49:41:4c:89:37:82:98:ea:b6:02:
86:00:ea:b6:3e:8f:a2:ab:cc:f7:49:54:4a:a3:83:cd:53:a4:
9f:bc:85:b7:e1:74:02:a7:02:b5:83:67:0c:fb:c0:c0:f7:8b:
d1:95:38:86:0c:cf:92:af:5f:59:28:52:ac:93:65:d6:a9:96:
2c:44:ec:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDC6bwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YWQwOGFjODYyZGI2YWUwYmIwYjg4MGFlYzA1NWVkYmNiYjgyZmMwHhcNMjIwMjA4
MDcyNzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxNTQyY2MyZDAyMTFj
YzQxODE2NjQxODY0YTI2NWRiY2E1MjdmMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo4ELC0dXKUM6A4JZy16bsM5MIgFg/0qD0R5mduWB0gPvK8zf
8FCf1z2Rx/ZU9fWY7nlQwGulcTjc9elTMW1kemM5SvkQ9RnB99oQoq4ngwU9mnaz
kSGthygyfUbORvuTS5KGT03l5rc3/3d7GdggN+BIyNBbAfjxlMTWjxBfo8nx0Nhw
NA7kXZuSecbBrrGxBhXbp4ZOpokW3e3tTrgRPJv3cLv3MZiIRQ2ITGS8iR2/cdby
H/J8Xyg9YwhQ3slZIMgRChXIiKBlnVPVxs/e+vE4d2fRtRI7WkaebXGNGkxWc6DU
u9CoCSLRW5jZ2R4VHdgOSIHcorB+3I64dmAFmQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFBVCzC0CEcxBgWZBhkomXbylJ/AMMB8GA1UdIwQYMBaAFL+tCKyGLbauC7C4
gK7AVe28u4L8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
djYwSXJJWXR0cTRMc0xpQXJzQlY3Ynk3Z3Z3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMS9kNWRjNjEtODgyYi00NjM2LWFmZjEtMWZiM2Y4MTc2MDhmLzEv
RlVMTUxRSVJ6RUdCWmtHR1NpWmR2S1VuOEF3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9k
NWRjNjEtODgyYi00NjM2LWFmZjEtMWZiM2Y4MTc2MDhmLzEvdjYwSXJJWXR0cTRM
c0xpQXJzQlY3Ynk3Z3Z3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLdgDANBgkqhkiG9w0BAQsFAAOC
AQEAUe7G4ZDBOwxxFbqgR5wD5xsCKoz6w6lyPSNbgdqC3+hxfd+WX06VzC56G4+q
XMQbjOFQeK5bp8zYk6xy/cOQBnCnPMjPuKSR2QFiNT7iIgPNrvCMNHAOBB9AYTTG
D2S+vgQZ+mb17+YoLygNJDhph9h/hNfYt2EPz2CgQ3rh3G9TI/Lygpiy/Idu5ysF
VkmI+yJuIaOhh5h1seTOn8K5aWiDLOqMfG3MMofheuyiJHUsVutdhmZV4JH71jxJ
QUyJN4KY6rYChgDqtj6PoqvM90lUSqODzVOkn7yFt+F0AqcCtYNnDPvAwPeL0ZU4
hgzPkq9fWShSrJNl1qmWLETsqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:13 2023 by rpki-client on console-fra.rpki-client.org