Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/1-HM_oLR6cQeFvAEOJQvT7DoG1C8.roa
File: 1-HM_oLR6cQeFvAEOJQvT7DoG1C8.roa (raw, json)
Hash identifier: ghDc7wlDspANvpq9MBQ88EkzWDCTwYbJ/72lfjJ3T/I=
Subject key identifier: F8:73:3F:A0:B4:7A:71:07:85:BC:01:0E:25:0B:D3:EC:3A:06:D4:2F
Certificate issuer: /CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Certificate serial: 0127A682
Authority key identifier: 5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/1-HM_oLR6cQeFvAEOJQvT7DoG1C8.roa
Signing time: Sat 01 Jan 2022 11:02:00 +0000
ROA not before: Sat 01 Jan 2022 11:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210833
IP address blocks: 2001:67c:828::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19375746 (0x127a682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Validity
Not Before: Jan 1 11:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8733fa0b47a710785bc010e250bd3ec3a06d42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b1:00:a5:ad:0f:6d:2f:b2:7c:90:12:c7:61:
f4:c2:5a:12:f8:53:bd:7d:3c:31:7b:e4:5d:de:7a:
fb:23:73:64:c4:16:96:c9:1d:4f:96:63:0c:42:44:
89:86:5b:28:f8:5b:d1:fb:3e:37:9e:c1:88:93:84:
c3:8b:dc:81:41:8b:03:30:eb:73:c5:15:6a:81:b8:
11:17:dd:ee:ec:cc:af:e8:ad:06:3a:5f:af:d3:ce:
c2:1a:02:d6:73:fb:40:8e:ac:0c:d0:21:b5:1b:be:
29:56:22:23:51:e3:28:bb:33:74:9e:3a:05:85:f0:
ba:26:12:a4:56:f9:17:5a:fa:17:e7:4e:6b:29:aa:
95:58:1f:dc:d6:f0:5a:72:77:83:8b:c7:0a:e4:eb:
13:2f:df:80:ef:ab:fd:df:68:a2:e0:cc:90:92:b2:
5d:5f:c8:9a:eb:b9:2f:a3:3e:5e:37:1e:25:02:da:
af:6e:ec:d0:97:dc:33:ce:0a:53:34:62:d4:66:e4:
f3:d1:6a:6b:e7:9a:65:b5:56:e7:7d:5b:d2:9c:45:
2f:0b:bd:db:bd:a5:e1:8d:60:63:a4:2a:f8:b6:16:
5e:7c:f5:f9:a2:df:7c:3b:fc:b3:14:68:cb:2b:70:
97:55:bb:4a:7b:9a:93:b0:0c:ad:11:14:60:9a:c2:
82:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:73:3F:A0:B4:7A:71:07:85:BC:01:0E:25:0B:D3:EC:3A:06:D4:2F
X509v3 Authority Key Identifier:
keyid:5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/1-HM_oLR6cQeFvAEOJQvT7DoG1C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/WqZ_80-Urvw6VNVIfAtItN-6DII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:828::/48
Signature Algorithm: sha256WithRSAEncryption
80:c4:21:c7:17:ae:5d:c5:2c:5b:7f:fd:d3:ad:f9:3d:3a:16:
1b:82:8b:39:7c:29:5d:59:d1:da:16:d6:99:b4:6e:e7:47:12:
53:27:03:6a:8b:63:5d:fc:98:83:b9:00:5d:92:f4:8a:1f:65:
49:dc:bc:2d:b3:6b:f4:d3:7b:c9:06:15:02:41:c6:87:8c:78:
00:c0:de:97:de:70:93:c8:e6:df:fd:6e:c4:e7:00:e5:41:ae:
63:b4:e9:d0:e9:58:be:de:fc:a9:ef:80:9a:5c:50:5e:0f:06:
5c:95:a4:09:df:57:fd:a3:56:83:7c:90:f1:a4:58:d6:82:7c:
ef:33:26:4b:42:29:6a:36:fe:24:56:a5:70:13:76:bc:5f:55:
94:86:b3:4f:38:24:93:f6:91:f1:9b:70:d4:9c:b0:56:76:a0:
19:fd:73:c1:f4:dc:d3:7e:c4:35:09:b2:48:ec:5f:c1:5b:0d:
05:ee:e9:94:90:b4:92:fb:ab:15:c4:2e:f1:12:27:48:a4:07:
b7:76:d7:37:67:74:9f:0e:95:2d:04:af:a7:a5:49:50:3c:03:
1e:1f:0f:5c:2a:fc:ac:a6:60:e3:e0:d8:69:46:59:51:2a:e6:
e2:37:f5:47:50:b7:71:0b:b5:62:b5:02:dd:3c:c6:40:e5:fb:
68:e7:50:e1
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEASemgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWE2N2ZmMzRmOTRhZWZjM2E1NGQ1NDg3YzBiNDhiNGRmYmEwYzgyMB4XDTIyMDEw
MTExMDIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg3MzNmYTBiNDdh
NzEwNzg1YmMwMTBlMjUwYmQzZWMzYTA2ZDQyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMixAKWtD20vsnyQEsdh9MJaEvhTvX08MXvkXd56+yNzZMQW
lskdT5ZjDEJEiYZbKPhb0fs+N57BiJOEw4vcgUGLAzDrc8UVaoG4ERfd7uzMr+it
Bjpfr9POwhoC1nP7QI6sDNAhtRu+KVYiI1HjKLszdJ46BYXwuiYSpFb5F1r6F+dO
aymqlVgf3NbwWnJ3g4vHCuTrEy/fgO+r/d9oouDMkJKyXV/Imuu5L6M+XjceJQLa
r27s0JfcM84KUzRi1Gbk89Fqa+eaZbVW531b0pxFLwu9272l4Y1gY6Qq+LYWXnz1
+aLffDv8sxRoyytwl1W7Snuak7AMrREUYJrCgikCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT4cz+gtHpxB4W8AQ4lC9PsOgbULzAfBgNVHSMEGDAWgBRapn/zT5Su/DpU
1Uh8C0i037oMgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dxWl84MC1VcnZ3NlZOVklmQXRJdE4tNkRJSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvZmFiYmE5LWVlYWEtNDJlMy04Nzc2LTg1MWExZjhiZjE4MC8x
LzEtSE1fb0xSNmNRZUZ2QUVPSlF2VDdEb0cxQzgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAz
L2ZhYmJhOS1lZWFhLTQyZTMtODc3Ni04NTFhMWY4YmYxODAvMS9XcVpfODAtVXJ2
dzZWTlZJZkF0SXROLTZESUkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ8CCgwDQYJKoZIhvcNAQEL
BQADggEBAIDEIccXrl3FLFt//dOt+T06FhuCizl8KV1Z0doW1pm0budHElMnA2qL
Y138mIO5AF2S9IofZUncvC2za/TTe8kGFQJBxoeMeADA3pfecJPI5t/9bsTnAOVB
rmO06dDpWL7e/KnvgJpcUF4PBlyVpAnfV/2jVoN8kPGkWNaCfO8zJktCKWo2/iRW
pXATdrxfVZSGs084JJP2kfGbcNScsFZ2oBn9c8H03NN+xDUJskjsX8FbDQXu6ZSQ
tJL7qxXELvESJ0ikB7d21zdndJ8OlS0Er6elSVA8Ax4fD1wq/KymYOPg2GlGWVEq
5uI39UdQt3ELtWK1At08xkDl+2jnUOE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:33 2025 by rpki-client