Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/hu5oGMQv-itS-EDfLXni-LI-yX8.roa
File: hu5oGMQv-itS-EDfLXni-LI-yX8.roa (raw, json)
Hash identifier: BGbtdQD44FUGR3tt/NszoiMv4bOMOpuW61UOYlUcKNA=
Subject key identifier: 86:EE:68:18:C4:2F:FA:2B:52:F8:40:DF:2D:79:E2:F8:B2:3E:C9:7F
Certificate issuer: /CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Certificate serial: 0BA12079
Authority key identifier: 41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/hu5oGMQv-itS-EDfLXni-LI-yX8.roa
Signing time: Sat 01 Jan 2022 11:58:32 +0000
ROA not before: Sat 01 Jan 2022 11:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200924
IP address blocks: 2001:67c:2a10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195108985 (0xba12079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Validity
Not Before: Jan 1 11:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86ee6818c42ffa2b52f840df2d79e2f8b23ec97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7a:d1:0d:23:db:c8:dd:f1:02:96:23:7d:3d:
3a:a1:6d:85:32:ac:bb:03:b9:1c:e9:f2:5e:14:bf:
ee:43:44:47:eb:f1:60:8a:56:f8:02:2b:3c:3f:c0:
42:b8:20:00:ef:ad:4c:86:62:46:7e:51:38:3f:57:
62:97:f4:28:03:0c:41:a5:15:8e:e3:bd:2c:07:b2:
29:a3:6c:5a:6d:10:c8:91:48:00:74:58:7b:67:05:
80:ef:e3:7c:81:07:2f:ba:f3:bc:31:5d:cb:9f:1c:
48:74:fe:4c:1c:33:0b:80:9e:cb:4e:9a:61:ac:1a:
f7:7f:1a:78:d4:d2:83:ba:90:5a:0b:37:23:f1:63:
50:a5:2c:47:0a:f5:86:59:8b:70:85:24:25:b8:00:
ca:e1:2c:77:0b:d6:c2:bf:85:ab:29:3e:1d:42:2a:
4d:14:17:36:84:54:da:18:d2:bf:6d:46:c7:8a:6e:
d3:34:0d:a8:b0:ba:de:b9:71:20:54:81:83:aa:2a:
55:29:9d:3f:54:d8:65:47:2e:5e:49:46:45:d9:70:
c8:5d:6f:af:ed:77:92:01:b1:8b:54:8c:e4:09:a6:
da:e3:3d:2a:fc:f8:c2:b3:03:ec:6e:a3:95:eb:4c:
29:3f:f9:7c:83:67:68:04:96:1e:ea:ed:65:f8:ae:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EE:68:18:C4:2F:FA:2B:52:F8:40:DF:2D:79:E2:F8:B2:3E:C9:7F
X509v3 Authority Key Identifier:
keyid:41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/hu5oGMQv-itS-EDfLXni-LI-yX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2a10::/48
Signature Algorithm: sha256WithRSAEncryption
56:16:ac:03:56:da:82:00:a2:e8:c9:e3:2c:b8:7a:9d:07:b2:
58:f5:77:d1:0e:86:e6:e3:2a:2e:9c:6e:08:19:1e:a0:45:d7:
0a:3b:21:4e:06:f5:90:5c:e8:19:43:7b:ae:65:d4:6e:b8:c6:
10:ed:52:a3:02:32:8b:26:d3:ee:3a:e0:32:11:e0:f1:50:42:
18:56:da:f2:63:3e:07:53:d2:e8:34:b7:ac:9c:1a:3e:be:13:
2a:af:62:98:aa:39:3e:ef:d6:9a:6a:40:1e:f3:4f:57:6f:cb:
df:a7:9c:e9:f0:ef:2a:30:d4:ed:da:20:26:b6:c0:e7:f1:9f:
17:20:cd:c4:e4:ee:2d:1b:d9:98:7f:f3:f1:e4:ee:48:a8:26:
c8:cc:67:68:8b:f2:d9:45:14:12:cc:76:a6:c2:e7:16:ea:a6:
cd:6c:22:95:8d:c0:e6:ab:bd:b9:81:30:af:83:8f:bc:f7:c2:
a0:a6:21:d1:e2:d9:0e:cb:4c:be:92:64:57:64:cb:4f:4e:13:
c2:ba:d3:51:ed:84:6c:a7:bc:d5:1f:82:84:3d:8e:7b:49:6e:
37:26:e7:70:92:5c:a2:18:ee:79:b8:cc:e0:db:40:e1:ac:f9:
45:3e:56:59:81:cc:c5:40:8d:54:fe:3f:c6:0e:12:00:9a:b6:
d0:42:4b:0e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC6EgeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWQxNGYyOGY5OGQzYmRjYzQ1ZTE5MjI2ZjFmNTYxNzBlMzEyYWJmMB4XDTIyMDEw
MTExNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZlZTY4MThjNDJm
ZmEyYjUyZjg0MGRmMmQ3OWUyZjhiMjNlYzk3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMl60Q0j28jd8QKWI309OqFthTKsuwO5HOnyXhS/7kNER+vx
YIpW+AIrPD/AQrggAO+tTIZiRn5ROD9XYpf0KAMMQaUVjuO9LAeyKaNsWm0QyJFI
AHRYe2cFgO/jfIEHL7rzvDFdy58cSHT+TBwzC4Cey06aYawa938aeNTSg7qQWgs3
I/FjUKUsRwr1hlmLcIUkJbgAyuEsdwvWwr+Fqyk+HUIqTRQXNoRU2hjSv21Gx4pu
0zQNqLC63rlxIFSBg6oqVSmdP1TYZUcuXklGRdlwyF1vr+13kgGxi1SM5Amm2uM9
Kvz4wrMD7G6jletMKT/5fINnaASWHurtZfiubP0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSG7mgYxC/6K1L4QN8teeL4sj7JfzAfBgNVHSMEGDAWgBRB0U8o+Y073MRe
GSJvH1YXDjEqvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FkRlBLUG1OTzl6RVhoa2lieDlXRnc0eEtyOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYTA3NGUyLTY2ZWEtNDNjYy05NGE3LWIzODA0NTMyNjdmOS8x
L2h1NW9HTVF2LWl0Uy1FRGZMWG5pLUxJLXlYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YTA3NGUyLTY2ZWEtNDNjYy05NGE3LWIzODA0NTMyNjdmOS8xL1FkRlBLUG1OTzl6
RVhoa2lieDlXRnc0eEtyOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwqEDANBgkqhkiG9w0BAQsF
AAOCAQEAVhasA1baggCi6MnjLLh6nQeyWPV30Q6G5uMqLpxuCBkeoEXXCjshTgb1
kFzoGUN7rmXUbrjGEO1SowIyiybT7jrgMhHg8VBCGFba8mM+B1PS6DS3rJwaPr4T
Kq9imKo5Pu/WmmpAHvNPV2/L36ec6fDvKjDU7dogJrbA5/GfFyDNxOTuLRvZmH/z
8eTuSKgmyMxnaIvy2UUUEsx2psLnFuqmzWwilY3A5qu9uYEwr4OPvPfCoKYh0eLZ
DstMvpJkV2TLT04TwrrTUe2EbKe81R+ChD2Oe0luNybncJJcohjuebjM4NtA4az5
RT5WWYHMxUCNVP4/xg4SAJq20EJLDg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:58 2025 by rpki-client