Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/FXNY9dqTvHuAtzMWAWo-40wWKKE.roa
File: FXNY9dqTvHuAtzMWAWo-40wWKKE.roa (raw, json)
Hash identifier: 2prSe9SANAf1uwmHXCCkiuL9N9Wb0hDYLrvbHX25TYE=
Subject key identifier: 15:73:58:F5:DA:93:BC:7B:80:B7:33:16:01:6A:3E:E3:4C:16:28:A1
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01832247F5BF8398F06265C2D7C657F35F16
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/FXNY9dqTvHuAtzMWAWo-40wWKKE.roa
Signing time: Fri 09 Sep 2022 12:44:44 +0000
ROA not before: Fri 09 Sep 2022 12:44:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12859
IP address blocks: 2a0b:8f80:301::/48 maxlen: 48
2a0b:8f80:201::/48 maxlen: 48
2a05:1500:fe00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:47:f5:bf:83:98:f0:62:65:c2:d7:c6:57:f3:5f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 9 12:44:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=157358f5da93bc7b80b73316016a3ee34c1628a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b0:a5:60:52:ce:c0:c2:a2:81:2a:df:6a:ca:
a6:ab:80:90:fa:f1:72:b3:ee:b5:2b:cb:e3:67:f2:
68:e8:0a:4d:a3:da:89:a6:7c:d9:31:00:55:79:f7:
bf:78:a0:47:82:2f:ae:2e:48:e7:01:62:70:62:b2:
b3:7d:b1:4c:ef:f6:33:40:bd:c2:63:6f:41:a9:47:
61:ae:51:3e:6e:af:49:4b:e2:53:fe:22:20:0d:0a:
ec:a7:c6:7e:72:12:5c:48:15:60:9f:dd:25:37:6a:
d3:9a:55:2e:f2:45:0f:1d:d6:1a:c1:42:6f:c7:96:
78:62:c6:f9:b8:b1:7b:dc:d0:45:c2:5e:3c:46:1c:
68:ec:23:84:e9:6e:c3:9d:e4:95:19:ba:ad:a2:c3:
cf:c0:05:19:5a:6c:79:80:6e:c3:50:bc:91:9d:27:
8c:61:a9:bf:60:b6:7b:dd:1d:85:8c:86:e8:70:3e:
99:b5:09:c2:d5:4a:49:b7:e2:22:e5:4b:1d:95:4e:
b1:fa:40:fe:3f:3a:5d:d3:6b:8e:54:a7:48:a4:02:
98:f9:49:89:95:cd:bb:08:e5:06:f7:bb:4e:ca:49:
dd:ad:da:5f:e7:76:c1:a2:df:8c:de:f6:36:e1:16:
fe:5c:22:3f:41:25:19:e8:68:b6:3c:34:d1:b4:98:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:73:58:F5:DA:93:BC:7B:80:B7:33:16:01:6A:3E:E3:4C:16:28:A1
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/FXNY9dqTvHuAtzMWAWo-40wWKKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1500:fe00::/40
2a0b:8f80:201::/48
2a0b:8f80:301::/48
Signature Algorithm: sha256WithRSAEncryption
28:a3:54:7d:8c:ff:9e:3e:3e:d8:f1:e7:5e:a8:eb:06:6b:73:
f8:c3:1e:a5:83:33:9e:02:67:51:78:d5:c3:eb:2d:31:43:02:
81:49:9e:f6:0a:59:5b:82:74:2e:c6:ed:ef:d8:2a:d4:99:57:
79:5e:79:0d:cf:73:27:ae:46:da:45:8e:5d:80:1e:58:66:cd:
3e:4d:d1:52:71:55:a9:a6:74:e2:be:d8:f9:b1:ea:0e:f9:92:
29:ca:b8:d0:68:32:45:d7:7d:99:3f:8d:2b:bb:27:06:ef:8e:
7d:38:15:44:38:36:ea:24:de:a6:23:55:4c:f5:f2:11:4c:c8:
06:e1:ac:b0:15:89:2e:4a:07:66:cc:e2:7d:82:4f:8d:ce:68:
b9:0f:af:e1:08:83:75:aa:46:b1:31:27:0a:08:a9:04:22:6e:
7e:29:43:01:b8:cb:13:52:17:cd:35:02:8e:67:58:da:e0:01:
e9:9a:02:3c:6d:76:fa:21:9e:68:39:2a:f6:ae:74:54:94:1b:
c3:d8:fd:53:56:3d:d6:94:fb:86:60:34:10:98:77:8f:2b:c7:
6f:c7:cf:76:e3:dd:d7:d9:99:57:4b:3e:65:4d:b9:63:7b:99:
87:94:6d:7b:fa:ea:ce:e9:4f:31:57:4d:ef:35:f9:38:67:69:
c5:09:73:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYMiR/W/g5jwYmXC18ZX818WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTA5MTI0NDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTczNThmNWRhOTNiYzdiODBiNzMzMTYwMTZhM2VlMzRjMTYyOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrClYFLOwMKigSrfasqmq4CQ+vFy
s+61K8vjZ/Jo6ApNo9qJpnzZMQBVefe/eKBHgi+uLkjnAWJwYrKzfbFM7/YzQL3C
Y29BqUdhrlE+bq9JS+JT/iIgDQrsp8Z+chJcSBVgn90lN2rTmlUu8kUPHdYawUJv
x5Z4Ysb5uLF73NBFwl48Rhxo7COE6W7DneSVGbqtosPPwAUZWmx5gG7DULyRnSeM
Yam/YLZ73R2FjIbocD6ZtQnC1UpJt+Ii5UsdlU6x+kD+Pzpd02uOVKdIpAKY+UmJ
lc27COUG97tOykndrdpf53bBot+M3vY24Rb+XCI/QSUZ6Gi2PDTRtJg6hwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBVzWPXak7x7gLczFgFqPuNMFiihMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvRlhOWTlkcVR2SHVBdHpNV0FXby00MHdXS0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKgUVAP4D
BwAqC4+AAgEDBwAqC4+AAwEwDQYJKoZIhvcNAQELBQADggEBACijVH2M/54+Ptjx
516o6wZrc/jDHqWDM54CZ1F41cPrLTFDAoFJnvYKWVuCdC7G7e/YKtSZV3leeQ3P
cyeuRtpFjl2AHlhmzT5N0VJxVammdOK+2Pmx6g75kinKuNBoMkXXfZk/jSu7Jwbv
jn04FUQ4Nuok3qYjVUz18hFMyAbhrLAViS5KB2bM4n2CT43OaLkPr+EIg3WqRrEx
JwoIqQQibn4pQwG4yxNSF801Ao5nWNrgAemaAjxtdvohnmg5KvaudFSUG8PY/VNW
PdaU+4ZgNBCYd48rx2/Hz3bj3dfZmVdLPmVNuWN7mYeUbXv66s7pTzFXTe81+Thn
acUJczg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org