Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/hpgxmhO0GhdSuHYPb18gSkHJM48.roa
File: hpgxmhO0GhdSuHYPb18gSkHJM48.roa (raw, json)
Hash identifier: sVy1arPNqeMssrCViUPFxRb27KVCjhxreEUjIJ8OYLA=
Subject key identifier: 86:98:31:9A:13:B4:1A:17:52:B8:76:0F:6F:5F:20:4A:41:C9:33:8F
Certificate issuer: /CN=230aa160a6e886c103dadbe44b23c27776057391
Certificate serial: 0185706737EB2839DF24088A5F6A9A037A1B
Authority key identifier: 23:0A:A1:60:A6:E8:86:C1:03:DA:DB:E4:4B:23:C2:77:76:05:73:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwqhYKbohsED2tvkSyPCd3YFc5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/hpgxmhO0GhdSuHYPb18gSkHJM48.roa
Signing time: Mon 02 Jan 2023 02:54:50 +0000
ROA not before: Mon 02 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56662
IP address blocks: 2001:67c:21ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:37:eb:28:39:df:24:08:8a:5f:6a:9a:03:7a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230aa160a6e886c103dadbe44b23c27776057391
Validity
Not Before: Jan 2 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8698319a13b41a1752b8760f6f5f204a41c9338f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:11:dc:8d:97:d5:c2:3a:85:bf:a7:94:fc:81:
67:1a:4d:ca:8c:8a:5c:9d:67:3d:c6:27:3f:74:f6:
92:39:47:d0:04:c6:1c:81:35:3e:69:f7:82:55:45:
b5:51:8e:6d:ed:ec:df:df:51:b1:93:b3:26:de:73:
30:be:9c:6e:a2:9c:fc:ff:4f:66:f6:0e:40:f3:02:
f1:9b:7f:db:22:53:15:b5:08:a6:b5:f6:14:04:7d:
9f:91:2a:e7:92:a5:f4:fd:62:f7:12:4a:28:1a:ad:
e4:1e:f3:0a:3d:b1:9a:42:25:93:00:07:af:f0:eb:
7b:da:c1:22:5e:10:07:b2:ec:7b:6c:ef:9a:84:99:
64:42:4f:a2:c9:34:7e:4c:f7:ec:94:47:00:3e:cd:
6c:e6:2d:c8:bd:ea:52:6d:20:a7:d2:63:6e:86:29:
87:49:7c:3b:02:fd:84:02:18:37:d4:9e:b1:99:75:
13:d3:5e:21:6a:bd:46:7d:cf:3d:34:7c:53:d4:90:
36:83:fe:78:2c:53:85:f5:b2:d8:53:f4:cd:ff:a3:
2a:b7:ef:10:21:b1:8f:be:62:7e:4f:c9:7b:5a:b1:
a1:c4:f5:27:5f:98:7a:97:d2:92:4f:09:50:49:cc:
bd:0e:c8:24:05:b7:91:f0:6e:f7:9d:7a:e0:30:9a:
18:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:98:31:9A:13:B4:1A:17:52:B8:76:0F:6F:5F:20:4A:41:C9:33:8F
X509v3 Authority Key Identifier:
keyid:23:0A:A1:60:A6:E8:86:C1:03:DA:DB:E4:4B:23:C2:77:76:05:73:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwqhYKbohsED2tvkSyPCd3YFc5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/hpgxmhO0GhdSuHYPb18gSkHJM48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:21ec::/48
Signature Algorithm: sha256WithRSAEncryption
42:11:a4:f3:ed:cf:2c:88:a6:9d:58:bd:0e:8f:0e:c4:d3:bf:
53:e1:83:8f:70:57:e7:01:8b:66:81:ef:ce:8b:e7:8c:9d:6c:
c4:4d:f6:d5:43:0e:92:5e:8f:44:0e:cf:68:39:2e:0a:d3:16:
96:78:76:15:6e:e0:c1:af:6f:38:99:3c:23:49:f0:5a:3f:f2:
db:b3:0f:dc:51:00:24:f7:bc:68:5a:b6:76:49:ca:66:43:b1:
10:6c:4b:08:75:d5:14:b2:43:f7:be:8c:b4:cf:fc:07:53:31:
f5:12:d3:8f:7c:4f:0c:c3:72:d1:1a:f4:8f:4c:35:4f:ee:d7:
31:66:7b:31:e9:03:e4:fa:b4:b6:43:3e:63:71:1d:57:8d:16:
64:d8:c7:8f:33:fa:24:18:f9:e9:ed:d7:10:72:62:0d:56:d9:
f2:07:f4:94:d9:f0:65:3c:9c:4e:cb:68:90:63:d9:d0:fa:88:
03:29:98:16:80:14:2c:f9:8f:5f:7c:f5:b0:18:0b:7c:26:03:
e1:28:4a:05:ad:42:bb:37:ae:45:00:0c:62:62:33:9e:13:47:
a8:1b:12:7c:7e:0e:e7:32:d2:1b:bd:4c:99:ba:ab:d7:ed:55:
96:57:0a:34:26:47:b1:e4:4a:9e:f6:55:55:4a:a0:e2:52:19:
27:79:60:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwZzfrKDnfJAiKX2qaA3obMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMGFhMTYwYTZlODg2YzEwM2RhZGJlNDRiMjNjMjc3NzYw
NTczOTEwHhcNMjMwMTAyMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk4MzE5YTEzYjQxYTE3NTJiODc2MGY2ZjVmMjA0YTQxYzkzMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxHcjZfVwjqFv6eU/IFnGk3KjIpc
nWc9xic/dPaSOUfQBMYcgTU+afeCVUW1UY5t7ezf31Gxk7Mm3nMwvpxuopz8/09m
9g5A8wLxm3/bIlMVtQimtfYUBH2fkSrnkqX0/WL3EkooGq3kHvMKPbGaQiWTAAev
8Ot72sEiXhAHsux7bO+ahJlkQk+iyTR+TPfslEcAPs1s5i3IvepSbSCn0mNuhimH
SXw7Av2EAhg31J6xmXUT014har1Gfc89NHxT1JA2g/54LFOF9bLYU/TN/6Mqt+8Q
IbGPvmJ+T8l7WrGhxPUnX5h6l9KSTwlQScy9DsgkBbeR8G73nXrgMJoY2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIaYMZoTtBoXUrh2D29fIEpByTOPMB8GA1UdIwQY
MBaAFCMKoWCm6IbBA9rb5Esjwnd2BXORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdxaFlLYm9oc0VEMnR2a1N5UENkM1lGYzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82ZWI1NGUtZTcwOS00YjdhLWFkZTkt
YTlhZWI0ODVkNTkyLzEvaHBneG1oTzBHaGRTdUhZUGIxOGdTa0hKTTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82ZWI1NGUtZTcwOS00YjdhLWFkZTktYTlhZWI0ODVkNTky
LzEvSXdxaFlLYm9oc0VEMnR2a1N5UENkM1lGYzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCHs
MA0GCSqGSIb3DQEBCwUAA4IBAQBCEaTz7c8siKadWL0Ojw7E079T4YOPcFfnAYtm
ge/Oi+eMnWzETfbVQw6SXo9EDs9oOS4K0xaWeHYVbuDBr284mTwjSfBaP/Lbsw/c
UQAk97xoWrZ2ScpmQ7EQbEsIddUUskP3voy0z/wHUzH1EtOPfE8Mw3LRGvSPTDVP
7tcxZnsx6QPk+rS2Qz5jcR1XjRZk2MePM/okGPnp7dcQcmINVtnyB/SU2fBlPJxO
y2iQY9nQ+ogDKZgWgBQs+Y9ffPWwGAt8JgPhKEoFrUK7N65FAAxiYjOeE0eoGxJ8
fg7nMtIbvUyZuqvX7VWWVwo0Jkex5Eqe9lVVSqDiUhkneWC8
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:11:24 2025 by rpki-client