Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/varfAU6Pgmg9_3xx2PiGwVnDsGA.roa
File: varfAU6Pgmg9_3xx2PiGwVnDsGA.roa (raw, json)
Hash identifier: wyhyHtp87l0gPnvutf9UAUPB3p/JI0a6Z/D8bk56ybc=
Subject key identifier: BD:AA:DF:01:4E:8F:82:68:3D:FF:7C:71:D8:F8:86:C1:59:C3:B0:60
Certificate issuer: /CN=fa7eb1115130fac94091061e31462a565226885a
Certificate serial: 018517FADEDEC94C13FFABBF18B8EFE392CC
Authority key identifier: FA:7E:B1:11:51:30:FA:C9:40:91:06:1E:31:46:2A:56:52:26:88:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-n6xEVEw-slAkQYeMUYqVlImiFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/varfAU6Pgmg9_3xx2PiGwVnDsGA.roa
Signing time: Thu 15 Dec 2022 22:49:54 +0000
ROA not before: Thu 15 Dec 2022 22:49:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57521
IP address blocks: 2a13:bc2:3::/48 maxlen: 48
2a13:bc2:2::/48 maxlen: 48
2a13:bc2:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:17:fa:de:de:c9:4c:13:ff:ab:bf:18:b8:ef:e3:92:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa7eb1115130fac94091061e31462a565226885a
Validity
Not Before: Dec 15 22:49:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdaadf014e8f82683dff7c71d8f886c159c3b060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:33:50:19:b2:86:70:bf:8c:22:ad:b5:da:
e7:24:7c:36:fe:12:d5:5c:84:03:16:8f:be:da:66:
5d:50:9f:7d:7b:c9:78:d0:4b:98:27:74:0e:09:2b:
40:b1:fa:ea:41:8c:e9:6c:5b:b4:7b:f5:55:e1:5a:
31:10:48:0b:ec:cb:ad:36:d9:7b:77:f9:20:b8:78:
e9:36:aa:94:1e:64:96:79:6a:ea:2d:9b:52:69:cf:
40:8c:37:16:e1:9a:a6:bf:f0:00:18:1d:33:0a:a6:
7a:e1:2f:1d:2b:19:53:fc:7a:7b:91:b8:91:a3:9b:
67:4b:1b:0b:f7:7b:f8:a0:fa:9e:b4:44:cc:2c:13:
13:4e:76:13:06:4f:ae:84:df:3c:f7:0e:61:63:8f:
27:59:b5:46:42:15:d6:0c:14:eb:6a:fd:28:06:4f:
d7:e8:6d:7a:df:27:37:bc:c2:d9:8e:fa:e7:3f:28:
ac:69:95:6b:c4:8b:40:be:51:ad:f0:6c:41:84:6b:
0d:91:98:64:8a:53:a2:32:a3:2e:a5:8d:e7:bc:c3:
6e:6c:36:8c:ba:be:f7:77:7e:ef:df:15:14:22:2c:
39:92:6a:b7:0d:4a:d6:77:51:11:b1:7a:db:bd:d3:
58:83:b3:0b:f0:05:71:56:09:b1:b2:7a:0f:64:3c:
52:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AA:DF:01:4E:8F:82:68:3D:FF:7C:71:D8:F8:86:C1:59:C3:B0:60
X509v3 Authority Key Identifier:
keyid:FA:7E:B1:11:51:30:FA:C9:40:91:06:1E:31:46:2A:56:52:26:88:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-n6xEVEw-slAkQYeMUYqVlImiFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/varfAU6Pgmg9_3xx2PiGwVnDsGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/1-n6xEVEw-slAkQYeMUYqVlImiFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bc2:2::-2a13:bc2:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:9d:d6:9a:c5:b1:bb:82:f1:88:c4:6f:7a:97:6d:36:5c:99:
de:7a:64:3a:bd:4a:eb:00:8a:a6:0e:df:64:7b:d4:23:8a:32:
58:ce:5a:fa:bc:73:a3:20:fc:76:96:3a:76:90:47:70:a7:51:
60:75:91:04:1b:2a:88:a2:fa:45:fe:1a:c6:31:8b:c4:66:2f:
d4:29:ce:e2:70:5c:14:e8:a6:1c:a4:7a:8c:0d:92:b2:e2:a3:
de:a0:39:97:8d:b8:b8:0b:b5:af:92:64:7c:ee:b1:cd:89:d9:
32:8d:67:97:48:22:65:03:2a:31:c1:fc:ab:1b:06:b0:ee:ee:
d7:cc:20:d4:db:40:16:81:cb:09:e6:76:b1:cf:6b:03:85:06:
68:d1:a3:7b:69:01:eb:dc:09:b7:b8:81:2c:d7:88:cc:4a:7a:
d3:17:c9:e5:8b:b4:15:09:48:fa:1f:f7:ce:8f:5d:99:76:52:
d9:80:5c:3e:44:59:d4:42:35:be:4e:c1:6a:eb:ab:33:ab:c4:
0a:7e:35:ae:ea:dd:8c:62:b4:46:c2:d3:e8:15:e3:60:27:d5:
d9:29:94:df:27:4f:de:48:03:ef:ff:fe:db:e4:2a:2b:4a:f7:
d8:88:65:a6:b0:69:5b:81:a9:ce:7f:9c:3f:77:0b:15:32:3f:
ec:03:a5:3e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYUX+t7eyUwT/6u/GLjv45LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhN2ViMTExNTEzMGZhYzk0MDkxMDYxZTMxNDYyYTU2NTIy
Njg4NWEwHhcNMjIxMjE1MjI0OTU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFhZGYwMTRlOGY4MjY4M2RmZjdjNzFkOGY4ODZjMTU5YzNiMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzgzUBmyhnC/jCKttdrnJHw2/hLV
XIQDFo++2mZdUJ99e8l40EuYJ3QOCStAsfrqQYzpbFu0e/VV4VoxEEgL7MutNtl7
d/kguHjpNqqUHmSWeWrqLZtSac9AjDcW4Zqmv/AAGB0zCqZ64S8dKxlT/Hp7kbiR
o5tnSxsL93v4oPqetETMLBMTTnYTBk+uhN889w5hY48nWbVGQhXWDBTrav0oBk/X
6G163yc3vMLZjvrnPyisaZVrxItAvlGt8GxBhGsNkZhkilOiMqMupY3nvMNubDaM
ur73d37v3xUUIiw5kmq3DUrWd1ERsXrbvdNYg7ML8AVxVgmxsnoPZDxSZwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL2q3wFOj4JoPf98cdj4hsFZw7BgMB8GA1UdIwQY
MBaAFPp+sRFRMPrJQJEGHjFGKlZSJohaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uNnhFVkV3LXNsQWtRWWVNVVlxVmxJbWlGby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvYzE1ZTk5LTI5NjUtNDc2Zi05YWVm
LThhMjczZjRhZDE1ZC8xL3ZhcmZBVTZQZ21nOV8zeHgyUGlHd1ZuRHNHQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvYzE1ZTk5LTI5NjUtNDc2Zi05YWVmLThhMjczZjRhZDE1
ZC8xLzEtbjZ4RVZFdy1zbEFrUVllTVVZcVZsSW1pRm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHASoT
C8IAAgMHACoTC8IABDANBgkqhkiG9w0BAQsFAAOCAQEAq53WmsWxu4LxiMRvepdt
NlyZ3npkOr1K6wCKpg7fZHvUI4oyWM5a+rxzoyD8dpY6dpBHcKdRYHWRBBsqiKL6
Rf4axjGLxGYv1CnO4nBcFOimHKR6jA2SsuKj3qA5l424uAu1r5JkfO6xzYnZMo1n
l0giZQMqMcH8qxsGsO7u18wg1NtAFoHLCeZ2sc9rA4UGaNGje2kB69wJt7iBLNeI
zEp60xfJ5Yu0FQlI+h/3zo9dmXZS2YBcPkRZ1EI1vk7BauurM6vECn41rurdjGK0
RsLT6BXjYCfV2SmU3ydP3kgD7//+2+QqK0r32IhlprBpW4Gpzn+cP3cLFTI/7AOl
Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:17 2024 by rpki-client on console-ams.rpki-client.org