Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/798623-6dbe-4688-a465-cec265ddac47/1/FlN-PRbYtssql0HKg1NnDSLjJB4.roa
File: FlN-PRbYtssql0HKg1NnDSLjJB4.roa (raw, json)
Hash identifier: I+kupkDYkJjFy0GhKd6VNrV+8dUJH/rgwAU1XoROv0w=
Subject key identifier: 16:53:7E:3D:16:D8:B6:CB:2A:97:41:CA:83:53:67:0D:22:E3:24:1E
Certificate issuer: /CN=eb5e28c2eff3cf35c3c1cc3d67baa3df05055f99
Certificate serial: 08E3860B
Authority key identifier: EB:5E:28:C2:EF:F3:CF:35:C3:C1:CC:3D:67:BA:A3:DF:05:05:5F:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/614owu_zzzXDwcw9Z7qj3wUFX5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/798623-6dbe-4688-a465-cec265ddac47/1/FlN-PRbYtssql0HKg1NnDSLjJB4.roa
Signing time: Sat 01 Jan 2022 04:58:51 +0000
ROA not before: Sat 01 Jan 2022 04:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209220
IP address blocks: 2001:678:a38::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149128715 (0x8e3860b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb5e28c2eff3cf35c3c1cc3d67baa3df05055f99
Validity
Not Before: Jan 1 04:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16537e3d16d8b6cb2a9741ca8353670d22e3241e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:3c:2a:df:dc:8d:e0:31:ed:71:97:c5:1a:
3a:2e:22:f3:9c:aa:e8:8d:b1:26:f8:1c:67:f4:47:
16:c3:b4:33:40:45:30:c2:33:4c:bf:e9:b3:3a:8e:
c9:41:a8:58:d0:28:40:1e:09:24:d3:55:fe:33:c0:
f9:5e:1c:d6:7d:e0:53:4e:0c:37:a9:13:25:42:70:
a4:ff:3f:c0:10:fb:38:6b:a4:c0:9d:87:49:d0:f3:
82:af:9b:19:91:4f:a2:ff:75:ee:b0:ba:54:06:f1:
b8:fb:ef:ec:22:e4:9a:13:42:2e:28:bc:aa:54:ca:
5b:bf:9e:42:9f:b2:10:ac:9c:6c:2a:a8:44:7b:88:
6d:ce:d6:2e:54:eb:15:b9:46:be:b0:8e:ce:a5:6c:
3d:da:33:b9:d2:24:f7:7b:eb:38:5c:96:60:19:90:
79:a1:b9:f4:45:e3:82:e3:11:ef:1d:de:18:1c:3d:
07:25:ee:23:44:89:a3:1f:ba:8b:c1:32:4e:89:28:
1b:70:45:58:37:95:5f:6f:06:85:58:8f:05:c7:ca:
24:1f:67:41:7d:df:83:f4:6f:01:af:e0:cf:24:0a:
d9:d9:6f:72:b7:c2:0c:84:af:4b:7a:36:6b:07:2f:
fd:15:be:27:6d:93:94:3c:1f:70:81:46:4b:9f:ed:
73:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:53:7E:3D:16:D8:B6:CB:2A:97:41:CA:83:53:67:0D:22:E3:24:1E
X509v3 Authority Key Identifier:
keyid:EB:5E:28:C2:EF:F3:CF:35:C3:C1:CC:3D:67:BA:A3:DF:05:05:5F:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/614owu_zzzXDwcw9Z7qj3wUFX5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/798623-6dbe-4688-a465-cec265ddac47/1/FlN-PRbYtssql0HKg1NnDSLjJB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/798623-6dbe-4688-a465-cec265ddac47/1/614owu_zzzXDwcw9Z7qj3wUFX5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a38::/48
Signature Algorithm: sha256WithRSAEncryption
80:ed:40:bf:68:c4:76:85:8c:29:84:e0:f3:63:d5:1c:b4:45:
00:5d:f8:81:ca:6e:a4:12:e6:db:96:fb:d4:b8:77:74:2c:7e:
23:09:8c:dc:97:4c:f5:3a:ae:c4:b9:d3:78:db:03:63:98:ff:
b5:a3:12:af:c4:62:31:d6:b9:0f:f8:6e:ab:ee:e5:2f:d0:e9:
0b:bd:b4:5e:ea:ab:2c:c8:34:16:10:bd:73:c7:db:2c:9f:9b:
00:e2:ec:06:11:f9:9f:3a:29:3d:d0:d6:57:0b:5c:46:df:43:
f2:82:a8:b3:d2:cf:5f:18:7c:66:90:d6:6c:50:38:23:bc:b0:
85:c2:dc:c8:31:a8:b5:26:cf:53:af:30:64:62:40:a4:8b:6f:
f1:e7:e5:88:9b:0c:2c:6b:ae:40:3b:57:c2:1a:7d:37:bf:42:
11:a8:6d:dd:c1:ef:29:a4:39:0f:02:f1:4f:f4:d8:b3:4a:68:
df:6e:e7:99:c3:fc:4d:ea:6c:d2:2e:29:4b:3a:21:07:ab:5c:
9a:bf:ac:cb:13:75:c6:49:b7:b9:4f:cd:db:99:31:03:3d:7b:
8d:fa:8d:f9:d5:b0:c4:bf:4e:4d:04:2e:4a:15:e1:ad:10:90:
75:fb:6a:4c:64:09:15:d4:31:c1:c0:bf:bd:0b:8a:48:15:4f:
82:c4:e0:50
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECOOGCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjVlMjhjMmVmZjNjZjM1YzNjMWNjM2Q2N2JhYTNkZjA1MDU1Zjk5MB4XDTIyMDEw
MTA0NTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY1MzdlM2QxNmQ4
YjZjYjJhOTc0MWNhODM1MzY3MGQyMmUzMjQxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDHPCrf3I3gMe1xl8UaOi4i85yq6I2xJvgcZ/RHFsO0M0BF
MMIzTL/pszqOyUGoWNAoQB4JJNNV/jPA+V4c1n3gU04MN6kTJUJwpP8/wBD7OGuk
wJ2HSdDzgq+bGZFPov917rC6VAbxuPvv7CLkmhNCLii8qlTKW7+eQp+yEKycbCqo
RHuIbc7WLlTrFblGvrCOzqVsPdozudIk93vrOFyWYBmQeaG59EXjguMR7x3eGBw9
ByXuI0SJox+6i8EyTokoG3BFWDeVX28GhViPBcfKJB9nQX3fg/RvAa/gzyQK2dlv
crfCDISvS3o2awcv/RW+J22TlDwfcIFGS5/tc1kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQWU349Fti2yyqXQcqDU2cNIuMkHjAfBgNVHSMEGDAWgBTrXijC7/PPNcPB
zD1nuqPfBQVfmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYxNG93dV96enpYRHdjdzlaN3FqM3dVRlg1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvNzk4NjIzLTZkYmUtNDY4OC1hNDY1LWNlYzI2NWRkYWM0Ny8x
L0ZsTi1QUmJZdHNzcWwwSEtnMU5uRFNMakpCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
Nzk4NjIzLTZkYmUtNDY4OC1hNDY1LWNlYzI2NWRkYWM0Ny8xLzYxNG93dV96enpY
RHdjdzlaN3FqM3dVRlg1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKODANBgkqhkiG9w0BAQsF
AAOCAQEAgO1Av2jEdoWMKYTg82PVHLRFAF34gcpupBLm25b71Lh3dCx+IwmM3JdM
9TquxLnTeNsDY5j/taMSr8RiMda5D/huq+7lL9DpC720XuqrLMg0FhC9c8fbLJ+b
AOLsBhH5nzopPdDWVwtcRt9D8oKos9LPXxh8ZpDWbFA4I7ywhcLcyDGotSbPU68w
ZGJApItv8efliJsMLGuuQDtXwhp9N79CEaht3cHvKaQ5DwLxT/TYs0po327nmcP8
Teps0i4pSzohB6tcmr+syxN1xkm3uU/N25kxAz17jfqN+dWwxL9OTQQuShXhrRCQ
dftqTGQJFdQxwcC/vQuKSBVPgsTgUA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:16:04 2025 by rpki-client