Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/vFbI_CKdrlVvaBYVoGQxwiwqytM.roa
File: vFbI_CKdrlVvaBYVoGQxwiwqytM.roa (raw, json)
Hash identifier: 1S0EY7BX/g8UNhXSyCE6F62P/ujxDjBbhhB6q2Pe05U=
Subject key identifier: BC:56:C8:FC:22:9D:AE:55:6F:68:16:15:A0:64:31:C2:2C:2A:CA:D3
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 01856F796DAEA1D033C18C95B875AB5A6D27
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/vFbI_CKdrlVvaBYVoGQxwiwqytM.roa
Signing time: Sun 01 Jan 2023 22:35:06 +0000
ROA not before: Sun 01 Jan 2023 22:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396828
IP address blocks: 2a10:eec0:b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:6d:ae:a1:d0:33:c1:8c:95:b8:75:ab:5a:6d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 22:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc56c8fc229dae556f681615a06431c22c2acad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:30:ed:3f:f9:c0:f8:0c:e3:5d:0a:9e:ac:ad:
13:f4:a4:ce:7c:fc:67:e4:05:76:ac:2a:e6:f6:37:
a7:cd:cc:8a:e7:64:13:e5:7a:78:b3:5e:05:72:fd:
29:fd:e2:16:8e:0d:3d:a1:68:84:ce:d9:d1:d8:12:
aa:1d:7a:0c:1e:50:58:6a:b5:66:40:af:27:27:d1:
3e:38:8c:46:4a:5a:23:1a:02:b8:0f:4d:96:cf:78:
a5:d0:c4:23:fd:f7:9a:6a:26:10:d6:09:63:66:8a:
c6:eb:06:1a:71:16:aa:27:ae:9e:37:09:d0:b1:04:
5f:af:f2:79:a2:43:0c:64:76:d2:57:bd:2f:09:8d:
9c:8a:7e:27:0e:2a:a1:7a:7d:c4:45:64:dd:68:15:
40:77:07:16:56:ee:77:5b:b7:10:78:39:1f:38:37:
68:77:06:eb:76:3d:9a:28:07:be:4d:83:ae:75:e9:
cc:e5:1c:68:c4:b6:ee:c4:7a:0d:9e:cb:c4:e4:ed:
b6:9e:1d:a6:17:49:1a:46:84:9a:86:6d:00:dc:3f:
4d:98:d2:38:a8:ab:90:a4:32:7f:0f:a3:85:fd:fa:
bf:47:04:c2:af:42:2f:e5:38:67:9a:91:af:95:cd:
bc:ba:2a:88:71:00:31:53:37:9e:25:c5:07:55:09:
50:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:56:C8:FC:22:9D:AE:55:6F:68:16:15:A0:64:31:C2:2C:2A:CA:D3
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/vFbI_CKdrlVvaBYVoGQxwiwqytM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:eec0:b::/48
Signature Algorithm: sha256WithRSAEncryption
64:d4:91:d1:45:06:49:35:8e:64:b4:d6:4b:fc:bc:38:af:7f:
17:1d:36:67:8b:a3:e0:dc:76:c1:88:7a:b8:24:1d:84:e2:ce:
d8:57:04:30:fd:5e:99:21:92:86:db:f6:e8:d7:02:d5:86:30:
24:91:c5:0f:69:0c:bf:4c:13:d7:b6:43:8c:74:98:71:bb:57:
0b:38:06:ef:b3:de:3b:94:35:47:19:ce:a2:1a:40:d7:0e:e5:
96:f6:ce:9c:a3:e2:58:50:92:e6:22:1b:ed:15:87:d0:55:d2:
7d:ce:de:43:48:d0:56:5c:9a:a0:1c:f7:e6:d9:94:d5:33:9a:
bb:f1:f2:b2:3b:6a:21:98:e7:1b:94:2b:a0:be:47:92:af:4b:
33:2f:2c:3a:bc:2d:8a:68:f5:62:10:fb:28:f9:a5:a5:fb:4f:
bc:9c:7e:9d:04:19:2e:05:f1:88:8e:f9:2b:fe:2b:3b:6b:d8:
a5:8e:a3:55:3a:8d:25:90:da:33:3f:dd:92:3a:4c:13:73:d6:
0c:9a:1f:da:7c:ff:0f:09:f9:5e:76:46:1d:7c:87:57:53:fc:
49:3a:9c:dc:55:da:b8:29:b3:21:8c:4d:68:c9:14:ac:62:33:
ad:d4:6b:df:82:95:20:82:c1:00:1c:da:a4:e9:1f:74:7f:46:
1d:72:9c:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVveW2uodAzwYyVuHWrWm0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjMwMTAxMjIzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU2YzhmYzIyOWRhZTU1NmY2ODE2MTVhMDY0MzFjMjJjMmFjYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjDtP/nA+AzjXQqerK0T9KTOfPxn
5AV2rCrm9jenzcyK52QT5Xp4s14Fcv0p/eIWjg09oWiEztnR2BKqHXoMHlBYarVm
QK8nJ9E+OIxGSlojGgK4D02Wz3il0MQj/feaaiYQ1gljZorG6wYacRaqJ66eNwnQ
sQRfr/J5okMMZHbSV70vCY2cin4nDiqhen3ERWTdaBVAdwcWVu53W7cQeDkfODdo
dwbrdj2aKAe+TYOudenM5RxoxLbuxHoNnsvE5O22nh2mF0kaRoSahm0A3D9NmNI4
qKuQpDJ/D6OF/fq/RwTCr0Iv5ThnmpGvlc28uiqIcQAxUzeeJcUHVQlQQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLxWyPwina5Vb2gWFaBkMcIsKsrTMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvdkZiSV9DS2RybFZ2YUJZVm9HUXh3aXdxeXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDuwAAL
MA0GCSqGSIb3DQEBCwUAA4IBAQBk1JHRRQZJNY5ktNZL/Lw4r38XHTZni6Pg3HbB
iHq4JB2E4s7YVwQw/V6ZIZKG2/bo1wLVhjAkkcUPaQy/TBPXtkOMdJhxu1cLOAbv
s947lDVHGc6iGkDXDuWW9s6co+JYUJLmIhvtFYfQVdJ9zt5DSNBWXJqgHPfm2ZTV
M5q78fKyO2ohmOcblCugvkeSr0szLyw6vC2KaPViEPso+aWl+0+8nH6dBBkuBfGI
jvkr/is7a9iljqNVOo0lkNozP92SOkwTc9YMmh/afP8PCfledkYdfIdXU/xJOpzc
Vdq4KbMhjE1oyRSsYjOt1GvfgpUggsEAHNqk6R90f0Ydcpyt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:26 2025 by rpki-client