Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/fmSu9drvWXRC695nsLgWzkGlyB0.roa
File: fmSu9drvWXRC695nsLgWzkGlyB0.roa (raw, json)
Hash identifier: jxuZogYEDBEzQeUKxSUfOhWK10lXcJvg9MSsNXt5zb0=
Subject key identifier: 7E:64:AE:F5:DA:EF:59:74:42:EB:DE:67:B0:B8:16:CE:41:A5:C8:1D
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 03EA1532
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/fmSu9drvWXRC695nsLgWzkGlyB0.roa
Signing time: Sat 01 Jan 2022 12:54:18 +0000
ROA not before: Sat 01 Jan 2022 12:54:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39239
IP address blocks: 2a01:b960:230b::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65672498 (0x3ea1532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 12:54:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e64aef5daef597442ebde67b0b816ce41a5c81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:8f:14:75:ed:49:1f:1f:c7:a4:27:e4:dc:
a5:f1:09:6b:df:11:3d:4c:75:d0:06:51:0e:d5:2d:
19:2d:68:01:1f:dc:b3:14:35:37:c3:f3:45:2e:c7:
a6:18:ca:0b:75:12:ec:66:19:b0:92:05:f0:52:4f:
4c:e3:58:ca:f9:a1:f4:47:ff:8c:bb:70:bb:7b:e2:
e6:d5:21:dd:13:9b:0d:02:6a:30:c1:48:a7:a1:6e:
1e:77:a3:99:31:a5:bf:86:48:38:29:6a:2b:44:73:
b2:d4:08:16:6f:ef:8c:7c:fd:bc:21:a5:d3:c7:fa:
9c:79:b6:15:56:9b:72:dd:f1:a9:c4:7f:4e:e8:b3:
07:cc:99:dc:c2:0b:64:c8:91:46:4b:41:18:18:b5:
1f:a9:67:a2:44:4d:d6:58:4d:ab:e8:ae:fb:d2:b6:
76:d7:29:e6:5b:b2:43:14:78:02:c7:82:81:e1:ae:
0a:48:21:cc:97:7f:36:3a:fe:24:4b:cc:ad:b1:43:
b6:b5:63:b1:33:3f:36:d8:6d:2c:87:7f:75:79:4b:
ed:12:5d:8e:bf:7a:48:8b:23:d9:9e:69:7a:16:76:
3a:f9:4a:e2:4c:c7:cb:4b:53:49:bc:51:91:0c:5e:
d1:cd:90:8c:e2:88:54:cd:ff:56:68:33:0c:a7:03:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:64:AE:F5:DA:EF:59:74:42:EB:DE:67:B0:B8:16:CE:41:A5:C8:1D
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/fmSu9drvWXRC695nsLgWzkGlyB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:230b::/48
Signature Algorithm: sha256WithRSAEncryption
91:6d:60:0b:86:11:b0:5e:94:78:0f:a2:7a:ad:b6:2e:e9:2a:
60:a0:db:85:3c:20:4d:f7:a2:73:b6:77:08:ee:6c:bf:57:59:
8f:2d:d2:33:21:d2:eb:0c:da:e8:9e:4a:0d:57:b0:c4:cc:86:
e4:ed:14:dd:b3:88:bc:07:94:7a:da:62:bf:cf:ce:73:10:46:
05:29:53:1e:b1:b4:f7:e7:73:5b:28:6f:5c:a3:b4:28:72:2f:
dc:53:4f:82:2c:7a:80:d9:71:70:f0:3d:b3:98:1e:df:ce:f0:
a7:d5:78:0a:5e:01:72:ad:d2:e5:a8:a4:2b:b8:43:34:8b:7f:
db:6b:d0:e7:53:65:e7:9a:41:03:67:36:96:ee:66:cf:11:01:
bf:e9:9b:d6:aa:21:28:47:29:96:fb:a5:f7:a5:a0:83:70:f5:
6c:cb:d7:68:81:13:d9:04:3b:50:d1:fc:13:c6:b8:52:cc:eb:
96:85:80:53:1d:5a:dc:45:01:c1:b8:81:66:2f:c4:71:10:a2:
3e:03:0c:85:ae:93:b7:78:df:0c:01:f0:f9:d9:51:bf:c9:a5:
2b:59:4b:da:3c:1c:bf:88:6d:30:17:40:29:ba:79:4a:83:52:
cc:8c:fa:9f:48:f0:c8:04:ea:98:09:9a:b0:8b:4a:ba:11:11:
bb:6f:be:fd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA+oVMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGYxNzI2ZWE0YmQ2ZDNjODA5MWFlMGM4YWQxYTAzZTkxZTM1OWEyMB4XDTIyMDEw
MTEyNTQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U2NGFlZjVkYWVm
NTk3NDQyZWJkZTY3YjBiODE2Y2U0MWE1YzgxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjAjxR17UkfH8ekJ+TcpfEJa98RPUx10AZRDtUtGS1oAR/c
sxQ1N8PzRS7HphjKC3US7GYZsJIF8FJPTONYyvmh9Ef/jLtwu3vi5tUh3RObDQJq
MMFIp6FuHnejmTGlv4ZIOClqK0RzstQIFm/vjHz9vCGl08f6nHm2FVabct3xqcR/
TuizB8yZ3MILZMiRRktBGBi1H6lnokRN1lhNq+iu+9K2dtcp5luyQxR4AseCgeGu
CkghzJd/Njr+JEvMrbFDtrVjsTM/NthtLId/dXlL7RJdjr96SIsj2Z5pehZ2OvlK
4kzHy0tTSbxRkQxe0c2QjOKIVM3/VmgzDKcDo6ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR+ZK712u9ZdELr3mewuBbOQaXIHTAfBgNVHSMEGDAWgBQ08XJupL1tPICR
rgyK0aA+keNZojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QRnlicVM5YlR5QWthNE1pdEdnUHBIaldhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8x
L2ZtU3U5ZHJ2V1hSQzY5NW5zTGdXemtHbHlCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
ZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8xL05QRnlicVM5YlR5
QWthNE1pdEdnUHBIaldhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBuWAjCzANBgkqhkiG9w0BAQsF
AAOCAQEAkW1gC4YRsF6UeA+ieq22LukqYKDbhTwgTfeic7Z3CO5sv1dZjy3SMyHS
6wza6J5KDVewxMyG5O0U3bOIvAeUetpiv8/OcxBGBSlTHrG09+dzWyhvXKO0KHIv
3FNPgix6gNlxcPA9s5ge387wp9V4Cl4Bcq3S5aikK7hDNIt/22vQ51Nl55pBA2c2
lu5mzxEBv+mb1qohKEcplvul96Wgg3D1bMvXaIET2QQ7UNH8E8a4UszrloWAUx1a
3EUBwbiBZi/EcRCiPgMMha6Tt3jfDAHw+dlRv8mlK1lL2jwcv4htMBdAKbp5SoNS
zIz6n0jwyATqmAmasItKuhERu2++/Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:32 2025 by rpki-client