Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/FQb-C9LL74JhxOy06U9Zylc1K-k.roa
File: FQb-C9LL74JhxOy06U9Zylc1K-k.roa (raw, json)
Hash identifier: DMsESKFA4Fyre4mqx9qseRBGGooWV8KnFfu1Z8bkyGE=
Subject key identifier: 15:06:FE:0B:D2:CB:EF:82:61:C4:EC:B4:E9:4F:59:CA:57:35:2B:E9
Certificate issuer: /CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Certificate serial: 018C9B471D8340320E3F3ECF0E3C436BDBD6
Authority key identifier: 44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/FQb-C9LL74JhxOy06U9Zylc1K-k.roa
Signing time: Sun 24 Dec 2023 10:02:58 +0000
ROA not before: Sun 24 Dec 2023 10:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202693
IP address blocks: 2a06:c647::/32 maxlen: 32
2a06:c642::/32 maxlen: 32
2a06:c641::/32 maxlen: 32
2a06:c645::/32 maxlen: 32
2a06:c646::/32 maxlen: 32
2a06:c644::/32 maxlen: 32
2a06:c640::/32 maxlen: 32
2a06:c643::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:47:1d:83:40:32:0e:3f:3e:cf:0e:3c:43:6b:db:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Validity
Not Before: Dec 24 10:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1506fe0bd2cbef8261c4ecb4e94f59ca57352be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7e:87:f7:36:1f:3c:37:f4:92:aa:48:6b:bd:
01:89:ae:ba:34:fc:02:d7:e0:92:fc:ed:d6:c2:69:
e6:ef:a9:be:d0:08:6b:a6:59:51:11:23:ac:8b:74:
9d:02:cf:1b:78:88:dc:32:62:30:cd:d2:10:4c:6c:
ad:50:a5:05:c2:af:f9:99:60:50:d5:77:d7:58:fb:
5d:0a:f5:67:d8:8d:b4:22:67:74:55:a6:0c:05:a8:
34:87:b9:37:7e:7e:6b:b1:31:15:af:12:39:5e:aa:
ba:f9:f8:6e:86:2c:33:d4:5c:5c:e0:41:a1:09:a3:
34:78:59:1b:71:db:46:8b:b4:34:da:33:d4:0d:31:
be:70:3e:48:dc:bf:0d:5e:56:e3:b1:0c:72:b6:08:
a1:ed:01:54:5d:77:c3:a0:86:e0:49:b5:2b:9f:c0:
f9:7d:2b:64:53:9d:b8:00:08:77:f3:f4:db:d6:67:
3d:6a:eb:c6:eb:15:80:3d:ed:02:ff:39:ec:ba:db:
a6:ed:7d:6a:4e:55:c2:09:66:39:14:2f:64:10:75:
97:44:6e:a4:7d:14:b0:86:c2:bf:ee:40:5a:ed:d9:
fd:19:2c:af:b1:d0:d6:88:db:56:55:5e:f7:d5:a0:
d4:8b:8f:7a:c7:00:38:ca:58:d8:ea:2c:2b:bb:1d:
e0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:06:FE:0B:D2:CB:EF:82:61:C4:EC:B4:E9:4F:59:CA:57:35:2B:E9
X509v3 Authority Key Identifier:
keyid:44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/FQb-C9LL74JhxOy06U9Zylc1K-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:c640::/29
Signature Algorithm: sha256WithRSAEncryption
44:c5:9b:aa:0c:9e:87:27:c0:ec:36:bc:86:81:1f:08:1a:bf:
20:30:1b:d9:ab:30:bc:96:62:47:af:c9:b2:56:37:a0:f7:64:
b9:59:c8:08:28:b6:4e:40:5b:02:3a:b0:9f:8b:96:af:9d:3f:
8e:0c:66:59:d8:7d:9d:2a:c2:95:58:7d:1b:1a:4b:a7:bb:28:
92:a3:28:f9:60:2f:47:e9:9e:fc:ef:4e:50:da:bc:62:cf:9b:
dd:4d:8e:54:1f:26:e9:8b:95:10:0d:af:a0:9b:00:88:b8:26:
7f:d1:3b:82:62:c6:2b:23:15:fb:31:eb:f7:9f:de:c3:11:b1:
bc:68:0d:90:f4:28:3a:78:01:21:fd:07:00:f1:5a:e6:ba:be:
c9:f3:28:43:92:11:73:2f:cc:c1:81:18:3a:85:0f:2d:9c:b0:
3a:a7:6c:3a:40:16:60:ec:ff:25:bd:95:2e:c0:1b:08:95:b1:
ec:9b:fd:f5:cb:20:03:c6:8e:18:17:17:0f:85:4d:42:27:80:
97:ff:5f:ac:90:72:49:5b:ad:55:33:0a:68:9c:69:7a:95:85:
16:4d:74:8e:86:d2:0c:c0:0c:14:d4:7c:e3:9f:36:1b:d9:3f:
dc:fe:db:f4:07:58:86:d3:b0:07:f1:1d:c2:0e:d7:81:3e:57:
af:a8:2b:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYybRx2DQDIOPz7PDjxDa9vWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWE4MTMxMzljMDZiMWRjZjFiZmU4MzMyYjliODAxYWIz
ZWIzMDIwHhcNMjMxMjI0MTAwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA2ZmUwYmQyY2JlZjgyNjFjNGVjYjRlOTRmNTljYTU3MzUyYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH6H9zYfPDf0kqpIa70Bia66NPwC
1+CS/O3Wwmnm76m+0AhrpllRESOsi3SdAs8beIjcMmIwzdIQTGytUKUFwq/5mWBQ
1XfXWPtdCvVn2I20Imd0VaYMBag0h7k3fn5rsTEVrxI5Xqq6+fhuhiwz1Fxc4EGh
CaM0eFkbcdtGi7Q02jPUDTG+cD5I3L8NXlbjsQxytgih7QFUXXfDoIbgSbUrn8D5
fStkU524AAh38/Tb1mc9auvG6xWAPe0C/znsutum7X1qTlXCCWY5FC9kEHWXRG6k
fRSwhsK/7kBa7dn9GSyvsdDWiNtWVV731aDUi496xwA4yljY6iwrux3gkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBUG/gvSy++CYcTstOlPWcpXNSvpMB8GA1UdIwQY
MBaAFESqgTE5wGsdzxv+gzK5uAGrPrMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUt
NDFkZDdmM2VhN2E0LzEvRlFiLUM5TEw3NEpoeE95MDZVOVp5bGMxSy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUtNDFkZDdmM2VhN2E0
LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbGQDAN
BgkqhkiG9w0BAQsFAAOCAQEARMWbqgyehyfA7Da8hoEfCBq/IDAb2aswvJZiR6/J
slY3oPdkuVnICCi2TkBbAjqwn4uWr50/jgxmWdh9nSrClVh9GxpLp7sokqMo+WAv
R+me/O9OUNq8Ys+b3U2OVB8m6YuVEA2voJsAiLgmf9E7gmLGKyMV+zHr95/ewxGx
vGgNkPQoOngBIf0HAPFa5rq+yfMoQ5IRcy/MwYEYOoUPLZywOqdsOkAWYOz/Jb2V
LsAbCJWx7Jv99csgA8aOGBcXD4VNQieAl/9frJBySVutVTMKaJxpepWFFk10jobS
DMAMFNR84582G9k/3P7b9AdYhtOwB/Edwg7XgT5Xr6grzg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:12 2025 by rpki-client