Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HduLkjD-D-iKXBwj9mXKC3a3coc.roa
File: HduLkjD-D-iKXBwj9mXKC3a3coc.roa (raw, json)
Hash identifier: f1Bkp+O82tNitiGb7rz8uG8hlm8UcMh++BruOP5uTYM=
Subject key identifier: 1D:DB:8B:92:30:FE:0F:E8:8A:5C:1C:23:F6:65:CA:0B:76:B7:72:87
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01898717BF853BC1A1CE766D1B7AA0D8D9E6
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HduLkjD-D-iKXBwj9mXKC3a3coc.roa
Signing time: Mon 24 Jul 2023 08:50:27 +0000
ROA not before: Mon 24 Jul 2023 08:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151338
IP address blocks: 2a0c:9a40:9600::/40 maxlen: 48
2a0c:9a40:9f00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:17:bf:85:3b:c1:a1:ce:76:6d:1b:7a:a0:d8:d9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jul 24 08:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ddb8b9230fe0fe88a5c1c23f665ca0b76b77287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:53:32:d2:e8:83:47:8b:bd:9a:84:65:55:9c:
d5:42:4f:02:37:1a:5d:f2:52:7f:20:4c:5f:59:b9:
25:02:42:db:d5:3d:7d:58:81:63:de:03:c3:c4:b2:
02:ad:ef:62:1b:85:1f:c5:2a:f2:93:f8:66:64:78:
d5:18:7d:d3:32:35:0e:c0:a8:fc:3f:7f:a8:c7:54:
1a:f2:69:41:13:4d:ae:88:dd:7d:72:5c:43:fc:cf:
3a:e7:e2:26:59:07:f4:95:7b:ea:3d:31:2d:3c:82:
c7:16:bf:9b:da:3f:9c:86:20:d4:a1:38:f5:23:42:
c7:62:73:fc:4c:a3:57:da:fa:f9:1a:c8:e5:29:07:
1d:f5:7d:0d:b7:98:1a:25:aa:06:c7:1a:81:e0:41:
77:da:5d:6a:7e:09:11:29:08:05:d0:95:30:19:e5:
50:41:61:0f:04:1b:ee:87:20:88:74:96:6f:25:b7:
7d:35:47:c4:b5:03:6c:51:54:f9:d1:fa:32:13:56:
41:06:dc:ab:11:eb:e5:01:ca:76:c1:8b:83:fe:0b:
d6:cb:84:46:4f:de:4e:5b:54:8f:dd:58:ff:d0:37:
72:cf:79:0d:5a:36:36:8e:ae:53:f0:25:9d:b0:0d:
fe:ab:05:36:f6:92:01:93:75:da:ed:41:03:67:22:
8a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:8B:92:30:FE:0F:E8:8A:5C:1C:23:F6:65:CA:0B:76:B7:72:87
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HduLkjD-D-iKXBwj9mXKC3a3coc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9600::/40
2a0c:9a40:9f00::/40
Signature Algorithm: sha256WithRSAEncryption
5d:5d:0c:7d:d3:56:58:f5:8e:1b:84:e6:66:15:bd:05:91:fc:
63:bf:54:ea:86:69:24:ee:6b:17:d1:08:6d:ed:2b:fc:29:b2:
d9:c9:5c:fb:05:df:6b:2c:0f:f9:cb:a1:a1:6a:73:07:d9:a0:
88:55:ff:4e:0a:8d:84:f3:07:a2:49:a7:aa:99:26:4b:ed:bf:
a8:ae:d2:28:bf:cc:1a:20:82:93:0a:26:48:37:93:e0:10:9f:
fe:cf:a8:94:a5:76:39:39:8a:eb:0b:c9:7c:5a:e9:d1:80:05:
58:44:0c:7a:12:4b:3d:ef:51:87:0d:ac:45:e5:3c:d2:c8:ca:
6d:15:66:bf:2a:cf:e1:8b:7c:d4:a4:ca:a9:f7:46:de:54:e7:
bd:2e:64:9e:ec:d3:b8:72:5e:f6:8f:b2:9b:9a:3d:08:08:75:
06:ab:a5:02:03:68:3e:a9:5c:49:01:b8:24:54:ad:e4:d6:c7:
90:cf:81:8b:3d:60:bf:5e:ce:03:6e:01:bf:e0:06:2f:62:31:
9d:81:13:f1:86:22:34:2c:e7:8a:e3:b7:45:ed:a0:5f:3b:b0:
3c:30:fc:1c:50:ce:ca:6e:cf:ba:5a:50:2e:c6:71:88:9d:18:
a9:50:0a:f0:ca:76:51:c4:ed:40:77:0a:97:83:05:d8:4f:e2:
0a:89:d3:49
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYmHF7+FO8GhznZtG3qg2NnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwNzI0MDg1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRiOGI5MjMwZmUwZmU4OGE1YzFjMjNmNjY1Y2EwYjc2Yjc3Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1My0uiDR4u9moRlVZzVQk8CNxpd
8lJ/IExfWbklAkLb1T19WIFj3gPDxLICre9iG4UfxSryk/hmZHjVGH3TMjUOwKj8
P3+ox1Qa8mlBE02uiN19clxD/M865+ImWQf0lXvqPTEtPILHFr+b2j+chiDUoTj1
I0LHYnP8TKNX2vr5GsjlKQcd9X0Nt5gaJaoGxxqB4EF32l1qfgkRKQgF0JUwGeVQ
QWEPBBvuhyCIdJZvJbd9NUfEtQNsUVT50foyE1ZBBtyrEevlAcp2wYuD/gvWy4RG
T95OW1SP3Vj/0Ddyz3kNWjY2jq5T8CWdsA3+qwU29pIBk3Xa7UEDZyKK9QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFB3bi5Iw/g/oilwcI/Zlygt2t3KHMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSGR1TGtqRC1ELWlLWEJ3ajltWEtDM2EzY29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgyaQJYD
BgAqDJpAnzANBgkqhkiG9w0BAQsFAAOCAQEAXV0MfdNWWPWOG4TmZhW9BZH8Y79U
6oZpJO5rF9EIbe0r/Cmy2clc+wXfaywP+cuhoWpzB9mgiFX/TgqNhPMHokmnqpkm
S+2/qK7SKL/MGiCCkwomSDeT4BCf/s+olKV2OTmK6wvJfFrp0YAFWEQMehJLPe9R
hw2sReU80sjKbRVmvyrP4Yt81KTKqfdG3lTnvS5knuzTuHJe9o+ym5o9CAh1Bqul
AgNoPqlcSQG4JFSt5NbHkM+Biz1gv17OA24Bv+AGL2IxnYET8YYiNCzniuO3Re2g
XzuwPDD8HFDOym7PulpQLsZxiJ0YqVAK8Mp2UcTtQHcKl4MF2E/iConTSQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:13 2025 by rpki-client