Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/AmBbLMQx6_0QtH8FoQZbkeGJCuQ.roa
File: AmBbLMQx6_0QtH8FoQZbkeGJCuQ.roa (raw, json)
Hash identifier: EM0b3qC/fcJxMTsE4y7vWIbNto8CtMRERJ553dPHVMs=
Subject key identifier: 02:60:5B:2C:C4:31:EB:FD:10:B4:7F:05:A1:06:5B:91:E1:89:0A:E4
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018C2DFB1F7C58F33EEDD6C8CC5769B8071E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/AmBbLMQx6_0QtH8FoQZbkeGJCuQ.roa
Signing time: Sun 03 Dec 2023 04:41:21 +0000
ROA not before: Sun 03 Dec 2023 04:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3175
IP address blocks: 2a11:4b42::/32 maxlen: 32
2a11:4b41::/32 maxlen: 32
2a0e:c380::/29 maxlen: 29
2a11:4b43::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2d:fb:1f:7c:58:f3:3e:ed:d6:c8:cc:57:69:b8:07:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 3 04:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02605b2cc431ebfd10b47f05a1065b91e1890ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3c:99:52:53:42:bb:3c:2e:6d:c1:86:73:d1:
75:15:e0:51:9c:63:90:a4:e4:a4:ca:6d:ea:b6:95:
33:83:45:cd:d5:6b:a6:ec:82:3d:c9:54:c4:ab:28:
8a:9a:9e:f6:9b:2e:ba:5b:b0:6d:88:bb:d9:47:73:
53:25:1a:23:66:2b:cb:2a:a1:c2:49:bc:ff:2a:6a:
60:bc:86:fd:0f:d0:79:ae:59:1f:0a:89:31:5f:d8:
24:3b:63:a0:ba:15:1b:d1:74:b7:af:e6:13:ab:d6:
77:65:78:c9:66:c5:64:04:3b:8b:82:0b:69:b2:09:
2a:3d:42:b4:5c:67:56:a4:3d:77:f7:38:05:67:93:
c3:09:4f:a2:f1:99:d3:90:0e:df:c9:7a:9a:bf:97:
41:d4:12:2a:83:f8:65:5d:70:e5:73:d5:6b:ae:fa:
a1:76:89:d1:85:eb:31:86:07:b0:1d:db:20:45:76:
46:38:18:1f:59:2f:c5:7b:8a:df:41:b9:fd:e4:51:
83:7c:af:2a:05:5d:27:d7:37:38:39:74:69:de:e9:
bc:64:c9:5c:83:a8:f4:89:7f:39:3d:c0:97:75:11:
50:d2:a0:db:c6:41:ac:5c:81:be:2f:44:00:2a:c2:
6d:bc:9f:7d:3f:13:74:dc:f4:58:0d:42:aa:27:b1:
0a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:5B:2C:C4:31:EB:FD:10:B4:7F:05:A1:06:5B:91:E1:89:0A:E4
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/AmBbLMQx6_0QtH8FoQZbkeGJCuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c380::/29
2a11:4b41::-2a11:4b43:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:7e:a1:97:ae:4e:c7:ce:0c:74:32:a1:8f:9e:05:34:16:81:
3c:75:62:91:97:99:7f:7a:bc:50:af:14:82:6a:21:c6:0e:23:
39:0a:16:72:97:5d:d6:af:43:bb:c4:3a:09:66:7b:4c:a7:10:
53:a6:55:af:a1:b9:33:03:76:3d:8b:f1:f9:34:b6:80:a9:9d:
39:af:04:b6:2b:5d:49:a2:42:7e:6d:d7:8a:ad:c6:55:b4:38:
97:54:7d:dc:21:ec:b6:eb:dc:e3:12:a2:e4:19:79:9e:a3:11:
8f:88:36:16:0d:71:92:e0:0c:7d:a1:fc:81:79:e6:d2:aa:56:
e2:c7:2e:a5:07:44:96:76:4e:e0:fe:d9:df:94:02:70:f1:52:
ec:1a:1f:78:08:c9:e4:27:48:7f:59:cf:d0:73:fb:7d:69:21:
15:61:78:96:20:8b:66:cc:2b:09:fa:8c:a1:69:21:58:1c:40:
c8:e9:22:49:91:d3:55:ec:32:2f:1c:47:d3:dd:a3:24:a9:eb:
ae:74:a9:db:56:fb:eb:db:ca:b0:b5:c8:be:3f:c9:8d:b6:f3:
cf:4b:f7:f6:7b:60:bf:75:88:2e:55:45:75:28:97:38:3c:75:
d7:1e:11:12:9e:ee:4e:d0:a7:d9:2a:2f:c0:22:b6:ed:68:a7:
2a:77:d3:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwt+x98WPM+7dbIzFdpuAceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMjAzMDQ0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYwNWIyY2M0MzFlYmZkMTBiNDdmMDVhMTA2NWI5MWUxODkwYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDyZUlNCuzwubcGGc9F1FeBRnGOQ
pOSkym3qtpUzg0XN1Wum7II9yVTEqyiKmp72my66W7BtiLvZR3NTJRojZivLKqHC
Sbz/KmpgvIb9D9B5rlkfCokxX9gkO2OguhUb0XS3r+YTq9Z3ZXjJZsVkBDuLggtp
sgkqPUK0XGdWpD139zgFZ5PDCU+i8ZnTkA7fyXqav5dB1BIqg/hlXXDlc9Vrrvqh
donRhesxhgewHdsgRXZGOBgfWS/Fe4rfQbn95FGDfK8qBV0n1zc4OXRp3um8ZMlc
g6j0iX85PcCXdRFQ0qDbxkGsXIG+L0QAKsJtvJ99PxN03PRYDUKqJ7EKNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAJgWyzEMev9ELR/BaEGW5HhiQrkMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQW1CYkxNUXg2XzBRdEg4Rm9RWmJrZUdKQ3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKg7DgDAO
AwUAKhFLQQMFAioRS0AwDQYJKoZIhvcNAQELBQADggEBAJB+oZeuTsfODHQyoY+e
BTQWgTx1YpGXmX96vFCvFIJqIcYOIzkKFnKXXdavQ7vEOglme0ynEFOmVa+huTMD
dj2L8fk0toCpnTmvBLYrXUmiQn5t14qtxlW0OJdUfdwh7Lbr3OMSouQZeZ6jEY+I
NhYNcZLgDH2h/IF55tKqVuLHLqUHRJZ2TuD+2d+UAnDxUuwaH3gIyeQnSH9Zz9Bz
+31pIRVheJYgi2bMKwn6jKFpIVgcQMjpIkmR01XsMi8cR9PdoySp6650qdtW++vb
yrC1yL4/yY22889L9/Z7YL91iC5VRXUolzg8ddceERKe7k7Qp9kqL8Aitu1opyp3
03s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:17 2025 by rpki-client