Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/FmBjAhP_3jBboVYpg3nzm0BrFF0.roa
File: FmBjAhP_3jBboVYpg3nzm0BrFF0.roa (raw, json)
Hash identifier: NagI/uetmNmVNPXjceNuQLDKwgf0/kTRAm5EuPOVNzk=
Subject key identifier: 16:60:63:02:13:FF:DE:30:5B:A1:56:29:83:79:F3:9B:40:6B:14:5D
Certificate issuer: /CN=b2749bc9cd2cf8dffcf2ffed7884fbc13cb3e45d
Certificate serial: 03133C9E
Authority key identifier: B2:74:9B:C9:CD:2C:F8:DF:FC:F2:FF:ED:78:84:FB:C1:3C:B3:E4:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snSbyc0s-N_88v_teIT7wTyz5F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/FmBjAhP_3jBboVYpg3nzm0BrFF0.roa
Signing time: Sat 01 Jan 2022 00:51:55 +0000
ROA not before: Sat 01 Jan 2022 00:51:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 2001:678:580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51592350 (0x3133c9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2749bc9cd2cf8dffcf2ffed7884fbc13cb3e45d
Validity
Not Before: Jan 1 00:51:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1660630213ffde305ba156298379f39b406b145d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:76:d9:3b:cd:8c:99:91:8f:17:6b:9b:8c:db:
26:c3:87:18:d7:0d:58:58:0f:38:52:4f:95:56:b3:
bd:87:71:3f:12:4f:d6:58:f3:e5:fc:5e:ba:60:89:
95:66:69:ef:7f:3d:c8:3c:23:04:8c:6c:06:fa:5d:
35:50:5d:7d:9b:a9:11:5b:0b:81:dc:d2:a8:76:b3:
fe:55:e8:4f:b0:20:d2:66:b6:89:34:f0:67:e1:97:
11:6a:b3:5c:6b:c9:b4:7e:46:1d:e3:72:ac:74:81:
fe:ea:6b:3d:da:76:76:15:2e:6e:63:29:78:39:5c:
f1:a4:fc:9f:bd:9e:8c:4d:e5:8f:9a:f1:8f:35:0e:
07:69:1a:b1:25:e3:97:ac:0f:11:de:16:ef:8c:7a:
c5:b0:b1:4e:0a:55:56:60:07:0d:5a:f1:1e:5f:ff:
79:a5:9f:15:b3:12:56:b8:2e:f9:95:d4:38:42:b4:
07:9e:38:1d:b1:4e:97:99:bd:08:e8:86:6a:32:ed:
1d:85:b9:80:e4:2b:69:48:98:c8:c2:90:e6:c0:72:
c3:77:31:9d:20:db:6b:21:26:44:70:ed:cb:95:07:
fa:19:8e:60:51:34:dd:05:77:69:79:42:bd:67:c9:
07:64:a9:90:20:ad:a5:a4:a2:85:0e:c8:32:d0:e5:
c4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:60:63:02:13:FF:DE:30:5B:A1:56:29:83:79:F3:9B:40:6B:14:5D
X509v3 Authority Key Identifier:
keyid:B2:74:9B:C9:CD:2C:F8:DF:FC:F2:FF:ED:78:84:FB:C1:3C:B3:E4:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snSbyc0s-N_88v_teIT7wTyz5F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/FmBjAhP_3jBboVYpg3nzm0BrFF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/snSbyc0s-N_88v_teIT7wTyz5F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:580::/48
Signature Algorithm: sha256WithRSAEncryption
8e:09:82:2d:50:cc:d2:4b:33:1b:32:e4:f1:17:82:33:80:ea:
d9:8c:0c:da:c4:6f:b3:0b:68:7f:99:6e:a7:69:dd:3e:7a:f6:
9b:cc:af:21:2c:42:04:ba:4b:93:dd:b1:f7:ae:55:04:07:b1:
3e:92:25:d9:7f:17:5e:84:25:43:d9:46:a8:71:b3:60:12:3f:
ec:13:ec:d4:4a:07:80:a3:d3:41:03:bc:69:eb:f6:51:41:6a:
ad:e1:77:83:f4:95:3e:36:b5:f8:a4:22:0f:5f:d6:cf:6f:aa:
c4:57:dd:0f:42:e7:54:59:09:c7:0c:d1:53:5c:01:c5:c7:67:
b1:44:a0:f5:2b:06:63:24:09:8c:a7:87:86:e9:6b:de:1c:64:
54:4a:ef:73:c5:81:25:d1:40:9b:6b:8c:61:24:0d:ce:47:26:
3f:4e:df:57:d4:13:bd:c8:15:4a:83:83:04:6e:50:37:df:98:
67:2a:af:fb:9a:98:9e:e4:ac:bf:e2:d5:38:10:e3:21:55:5b:
9b:a8:ac:74:7e:c2:09:87:e7:39:64:b0:7f:ac:05:56:90:9d:
34:c9:6e:b5:0a:3a:c8:c6:35:e1:d8:29:64:bd:5c:42:83:65:
a6:eb:12:91:72:64:1a:3c:96:ca:a9:6f:1c:d6:4a:b2:9c:aa:
f8:5b:0b:fd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAxM8njANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Mjc0OWJjOWNkMmNmOGRmZmNmMmZmZWQ3ODg0ZmJjMTNjYjNlNDVkMB4XDTIyMDEw
MTAwNTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY2MDYzMDIxM2Zm
ZGUzMDViYTE1NjI5ODM3OWYzOWI0MDZiMTQ1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMl22TvNjJmRjxdrm4zbJsOHGNcNWFgPOFJPlVazvYdxPxJP
1ljz5fxeumCJlWZp7389yDwjBIxsBvpdNVBdfZupEVsLgdzSqHaz/lXoT7Ag0ma2
iTTwZ+GXEWqzXGvJtH5GHeNyrHSB/uprPdp2dhUubmMpeDlc8aT8n72ejE3lj5rx
jzUOB2kasSXjl6wPEd4W74x6xbCxTgpVVmAHDVrxHl//eaWfFbMSVrgu+ZXUOEK0
B544HbFOl5m9COiGajLtHYW5gOQraUiYyMKQ5sByw3cxnSDbayEmRHDty5UH+hmO
YFE03QV3aXlCvWfJB2SpkCCtpaSihQ7IMtDlxC8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQWYGMCE//eMFuhVimDefObQGsUXTAfBgNVHSMEGDAWgBSydJvJzSz43/zy
/+14hPvBPLPkXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NuU2J5YzBzLU5fODh2X3RlSVQ3d1R5ejVGMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvYWM4ZmRjLTlkNTUtNDVkYi1hMjQzLWYxNjY5N2Q3MmE3MS8x
L0ZtQmpBaFBfM2pCYm9WWXBnM256bTBCckZGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
YWM4ZmRjLTlkNTUtNDVkYi1hMjQzLWYxNjY5N2Q3MmE3MS8xL3NuU2J5YzBzLU5f
ODh2X3RlSVQ3d1R5ejVGMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngFgDANBgkqhkiG9w0BAQsF
AAOCAQEAjgmCLVDM0kszGzLk8ReCM4Dq2YwM2sRvswtof5lup2ndPnr2m8yvISxC
BLpLk92x965VBAexPpIl2X8XXoQlQ9lGqHGzYBI/7BPs1EoHgKPTQQO8aev2UUFq
reF3g/SVPja1+KQiD1/Wz2+qxFfdD0LnVFkJxwzRU1wBxcdnsUSg9SsGYyQJjKeH
hulr3hxkVErvc8WBJdFAm2uMYSQNzkcmP07fV9QTvcgVSoODBG5QN9+YZyqv+5qY
nuSsv+LVOBDjIVVbm6isdH7CCYfnOWSwf6wFVpCdNMlutQo6yMY14dgpZL1cQoNl
pusSkXJkGjyWyqlvHNZKspyq+FsL/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:20 2024 by rpki-client on console-ams.rpki-client.org