Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/q6DzQB7XWRZKuqLDyeFdZXGnld0.roa
File: q6DzQB7XWRZKuqLDyeFdZXGnld0.roa (raw, json)
Hash identifier: /V+FtLNls9iP8p+la6+p2pXrgThC828g0F119dfRUpI=
Subject key identifier: AB:A0:F3:40:1E:D7:59:16:4A:BA:A2:C3:C9:E1:5D:65:71:A7:95:DD
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018C2BDEF68FFC581E51494D32FAC02E0283
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/q6DzQB7XWRZKuqLDyeFdZXGnld0.roa
Signing time: Sat 02 Dec 2023 18:51:21 +0000
ROA not before: Sat 02 Dec 2023 18:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 2a14:b87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2b:de:f6:8f:fc:58:1e:51:49:4d:32:fa:c0:2e:02:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Dec 2 18:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aba0f3401ed759164abaa2c3c9e15d6571a795dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7d:a7:c8:2d:d8:52:22:a0:75:d2:02:ce:09:
67:f8:65:df:52:ff:3d:f7:97:16:d9:35:f4:ca:e7:
e5:80:65:0c:0f:41:a5:79:79:68:9c:23:f2:68:75:
69:69:f9:05:63:c3:d1:cf:b3:ae:e7:b5:44:b3:c5:
c5:64:e9:a7:aa:bf:79:29:2a:ad:8f:c0:d9:31:ce:
c0:f2:67:3b:17:e5:85:b5:df:5b:7a:0e:6c:64:eb:
94:03:74:db:32:22:61:0a:90:43:d8:c9:3f:a7:ee:
65:6c:64:8d:53:14:cd:4d:eb:cf:76:cc:5c:25:19:
43:45:82:86:4b:e6:61:ac:e0:d8:e8:6a:b2:f9:2e:
65:62:30:82:a1:ef:bf:f8:79:9c:6c:45:cc:df:f7:
cf:f6:6b:6f:3d:f9:e7:ca:88:d1:07:04:3f:2a:73:
9f:01:ae:cb:ed:a2:3e:7c:46:8c:63:b8:11:20:20:
a4:e8:98:7b:94:ee:4d:0b:ac:eb:02:5e:32:ee:49:
17:0d:ff:0d:3e:ed:59:74:4a:f5:67:4a:dc:09:54:
58:50:27:10:d5:3e:4c:34:d5:bb:82:0a:92:94:84:
96:17:e8:48:da:8c:08:d7:5a:3e:94:d3:ea:8c:2f:
eb:65:2b:c1:73:2f:c8:26:d1:ac:60:77:ec:85:d5:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A0:F3:40:1E:D7:59:16:4A:BA:A2:C3:C9:E1:5D:65:71:A7:95:DD
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/q6DzQB7XWRZKuqLDyeFdZXGnld0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b87::/32
Signature Algorithm: sha256WithRSAEncryption
76:26:80:1e:c2:f1:d7:db:e8:0b:76:f3:c9:fb:f2:ff:98:cc:
96:15:0d:61:0a:c5:fa:4b:f5:19:5f:fe:ce:61:91:fe:73:c0:
e4:76:e6:03:a2:2c:9f:00:95:b1:5a:14:39:7d:ef:4a:18:ef:
7c:55:90:11:76:a7:df:ff:73:d8:46:6c:52:42:d6:bb:f1:1a:
3b:ba:bc:cb:0c:00:78:e0:bd:78:76:c0:cf:7a:0e:54:6d:17:
d3:dc:80:8a:90:21:a0:94:5c:1e:81:38:62:bd:22:74:52:19:
26:4b:52:f6:27:c6:d6:0c:ef:7d:1d:a8:4b:f8:88:51:ca:b1:
71:68:1f:65:fc:94:13:bc:39:41:71:c9:7c:f2:86:ab:aa:2c:
23:21:6f:2b:27:9c:24:c9:8e:56:3c:5f:3b:5e:06:37:66:f4:
cb:e3:02:00:c1:db:af:e1:03:db:4b:3d:26:a3:8f:70:c7:24:
dc:af:31:7c:61:a9:0d:bd:86:8f:0c:72:63:69:23:7d:1a:5d:
2f:6f:1c:84:17:d0:e5:f1:be:52:37:60:60:c8:4d:40:9d:d5:
66:66:b7:1b:6c:59:fd:ac:9b:c6:df:01:af:24:60:64:5a:3c:
70:4a:c0:4c:37:4a:13:41:ad:07:44:7b:0f:a4:fc:a5:e0:6e:
ef:0d:f8:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwr3vaP/FgeUUlNMvrALgKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjMxMjAyMTg1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmEwZjM0MDFlZDc1OTE2NGFiYWEyYzNjOWUxNWQ2NTcxYTc5NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX2nyC3YUiKgddICzgln+GXfUv89
95cW2TX0yuflgGUMD0GleXlonCPyaHVpafkFY8PRz7Ou57VEs8XFZOmnqr95KSqt
j8DZMc7A8mc7F+WFtd9beg5sZOuUA3TbMiJhCpBD2Mk/p+5lbGSNUxTNTevPdsxc
JRlDRYKGS+ZhrODY6Gqy+S5lYjCCoe+/+HmcbEXM3/fP9mtvPfnnyojRBwQ/KnOf
Aa7L7aI+fEaMY7gRICCk6Jh7lO5NC6zrAl4y7kkXDf8NPu1ZdEr1Z0rcCVRYUCcQ
1T5MNNW7ggqSlISWF+hI2owI11o+lNPqjC/rZSvBcy/IJtGsYHfshdXlfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKug80Ae11kWSrqiw8nhXWVxp5XdMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvcTZEelFCN1hXUlpLdXFMRHllRmRaWEdubGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQLhzAN
BgkqhkiG9w0BAQsFAAOCAQEAdiaAHsLx19voC3bzyfvy/5jMlhUNYQrF+kv1GV/+
zmGR/nPA5HbmA6IsnwCVsVoUOX3vShjvfFWQEXan3/9z2EZsUkLWu/EaO7q8ywwA
eOC9eHbAz3oOVG0X09yAipAhoJRcHoE4Yr0idFIZJktS9ifG1gzvfR2oS/iIUcqx
cWgfZfyUE7w5QXHJfPKGq6osIyFvKyecJMmOVjxfO14GN2b0y+MCAMHbr+ED20s9
JqOPcMck3K8xfGGpDb2GjwxyY2kjfRpdL28chBfQ5fG+UjdgYMhNQJ3VZma3G2xZ
/aybxt8BryRgZFo8cErATDdKE0GtB0R7D6T8peBu7w34Fw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:56 2025 by rpki-client