Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/FnLm5lZ7XYlY6E_P5k5sSH5Qkg4.roa
File: FnLm5lZ7XYlY6E_P5k5sSH5Qkg4.roa (raw, json)
Hash identifier: R22q3xw17iD0alOxm7gpHJ0Kh5G4iWKz2rK+EjOl4L4=
Subject key identifier: 16:72:E6:E6:56:7B:5D:89:58:E8:4F:CF:E6:4E:6C:48:7E:50:92:0E
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 34465216
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/FnLm5lZ7XYlY6E_P5k5sSH5Qkg4.roa
Signing time: Sat 01 Jan 2022 09:57:30 +0000
ROA not before: Sat 01 Jan 2022 09:57:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42925
IP address blocks: 2a02:ed5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 877023766 (0x34465216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Jan 1 09:57:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1672e6e6567b5d8958e84fcfe64e6c487e50920e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:63:35:8d:cd:ef:98:fb:94:cd:c7:de:f4:63:
d4:37:c3:d1:02:48:9c:e2:d3:f9:fd:14:02:b8:86:
6a:70:bf:21:29:1f:22:2e:3e:ba:be:0f:b5:42:18:
3d:10:ac:fb:7f:3e:e1:94:9a:af:5a:97:89:c9:24:
aa:97:48:8d:6d:be:88:c5:06:3b:06:1c:56:fd:e8:
5b:df:2d:76:85:93:e1:0d:e2:9a:0f:43:c9:73:ad:
2e:48:93:a6:fe:25:46:93:28:77:64:e7:e1:27:36:
38:dc:4d:41:d7:6a:00:36:fb:08:3b:e0:08:0e:ae:
ad:0c:f0:02:78:c3:14:04:9f:54:29:a8:10:26:f7:
36:14:21:df:ec:07:56:a0:fc:1e:a0:02:43:eb:33:
94:9f:23:15:c1:d5:c8:64:f7:f9:03:b5:f6:0f:a9:
36:9f:45:ee:6c:34:b8:c6:0f:d1:ec:c9:45:4f:80:
52:ce:b5:41:fd:74:c1:ce:84:4b:48:5e:af:8d:37:
db:b1:24:48:f0:fc:c8:27:6a:41:46:2e:3d:a2:fa:
8b:f6:80:9d:40:fd:c8:02:4e:0f:e1:07:7e:bc:ca:
59:cb:87:d2:a1:2b:46:f6:28:70:bb:2c:8a:e1:4e:
dc:f0:f9:c1:0c:11:d0:c0:23:27:73:96:8d:16:9d:
55:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:E6:E6:56:7B:5D:89:58:E8:4F:CF:E6:4E:6C:48:7E:50:92:0E
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/FnLm5lZ7XYlY6E_P5k5sSH5Qkg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ed5::/32
Signature Algorithm: sha256WithRSAEncryption
23:66:84:e6:8f:99:2c:f2:56:b5:5d:59:3e:3e:be:66:65:9f:
40:0f:4e:04:08:9b:16:0d:a0:63:fc:8c:66:81:6c:8b:75:15:
f9:4a:8e:bf:7b:db:f1:48:06:78:4d:f4:bc:10:4c:14:83:c9:
49:33:c7:63:9b:f0:2c:51:1a:dd:54:2f:49:68:e6:63:df:30:
29:cd:a1:c9:f5:ea:ca:38:a3:be:40:b6:97:ca:30:82:b1:2a:
a2:a3:56:6f:4e:78:f6:75:e5:4c:c9:0d:ef:fc:79:77:3b:1a:
de:73:7e:21:82:e8:51:cb:be:11:33:bd:f1:26:c1:f4:cd:79:
24:79:6b:55:38:39:02:3d:de:68:1d:73:10:ca:ce:ac:40:71:
99:ac:49:19:0c:47:f3:5d:9d:53:e8:fe:c3:6f:46:b5:a8:8a:
36:49:e2:2a:30:9b:c6:25:da:5e:ff:5d:68:2b:88:9f:45:af:
7b:65:74:23:ac:86:d9:cf:8a:23:d7:a0:dc:a2:61:05:0d:51:
2a:62:89:78:6d:6b:2b:ba:96:f7:55:30:92:01:7e:b3:2b:1a:
fc:59:11:e4:79:37:e4:2e:81:39:79:0d:ba:2b:92:2d:1d:9b:
97:13:40:df:83:15:37:69:97:f3:e9:37:87:20:5f:e6:e9:6c:
a7:94:de:7b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENEZSFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGMwYWE3YjNlM2NiZmY4ODI2MmFkZDkyYjMzOWUzNTA1MWNlMWEwMB4XDTIyMDEw
MTA5NTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY3MmU2ZTY1Njdi
NWQ4OTU4ZTg0ZmNmZTY0ZTZjNDg3ZTUwOTIwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5jNY3N75j7lM3H3vRj1DfD0QJInOLT+f0UAriGanC/ISkf
Ii4+ur4PtUIYPRCs+38+4ZSar1qXickkqpdIjW2+iMUGOwYcVv3oW98tdoWT4Q3i
mg9DyXOtLkiTpv4lRpMod2Tn4Sc2ONxNQddqADb7CDvgCA6urQzwAnjDFASfVCmo
ECb3NhQh3+wHVqD8HqACQ+szlJ8jFcHVyGT3+QO19g+pNp9F7mw0uMYP0ezJRU+A
Us61Qf10wc6ES0her40327EkSPD8yCdqQUYuPaL6i/aAnUD9yAJOD+EHfrzKWcuH
0qErRvYocLssiuFO3PD5wQwR0MAjJ3OWjRadVTUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQWcubmVntdiVjoT8/mTmxIflCSDjAfBgNVHSMEGDAWgBT0wKp7Pjy/+IJi
rdkrM541BRzhoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlNQ3FlejQ4dl9pQ1lxM1pLek9lTlFVYzRhQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvOWUyYjFhLTE2M2ItNDg1NC05NjFhLWVhNzVkZGY0N2I0YS8x
L0ZuTG01bFo3WFlsWTZFX1A1azVzU0g1UWtnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
OWUyYjFhLTE2M2ItNDg1NC05NjFhLWVhNzVkZGY0N2I0YS8xLzlNQ3FlejQ4dl9p
Q1lxM1pLek9lTlFVYzRhQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoCDtUwDQYJKoZIhvcNAQELBQAD
ggEBACNmhOaPmSzyVrVdWT4+vmZln0APTgQImxYNoGP8jGaBbIt1FflKjr972/FI
BnhN9LwQTBSDyUkzx2Ob8CxRGt1UL0lo5mPfMCnNocn16so4o75AtpfKMIKxKqKj
Vm9OePZ15UzJDe/8eXc7Gt5zfiGC6FHLvhEzvfEmwfTNeSR5a1U4OQI93mgdcxDK
zqxAcZmsSRkMR/NdnVPo/sNvRrWoijZJ4iowm8Yl2l7/XWgriJ9Fr3tldCOshtnP
iiPXoNyiYQUNUSpiiXhtayu6lvdVMJIBfrMrGvxZEeR5N+QugTl5Dborki0dm5cT
QN+DFTdpl/PpN4cgX+bpbKeU3ns=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org