Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/HJFy5IFYrr-a7OvgPf8mZ3Lk-9w.roa
File: HJFy5IFYrr-a7OvgPf8mZ3Lk-9w.roa (raw, json)
Hash identifier: ha7cAIKF7NV/4bF8Wx1tonP57KwQWitN4WsF9d6miR0=
Subject key identifier: 1C:91:72:E4:81:58:AE:BF:9A:EC:EB:E0:3D:FF:26:67:72:E4:FB:DC
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2C970E95
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/HJFy5IFYrr-a7OvgPf8mZ3Lk-9w.roa
Signing time: Sat 01 Jan 2022 04:59:30 +0000
ROA not before: Sat 01 Jan 2022 04:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20555
IP address blocks: 2001:1a68:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748097173 (0x2c970e95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c9172e48158aebf9aecebe03dff266772e4fbdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1d:7b:f5:62:b4:5e:69:5a:2a:e6:1a:ee:a6:
07:d4:43:71:0f:91:78:3e:ab:f7:42:19:f1:f2:7a:
ae:8b:3c:f5:93:2f:75:24:0a:1a:df:fc:24:84:4d:
e4:04:7f:bb:e5:49:76:91:f3:56:64:6a:d8:79:17:
9c:b8:52:e7:7b:3b:15:da:4c:05:37:83:7d:68:2e:
a4:e8:88:8d:54:02:c7:63:88:58:06:e1:06:14:d5:
0a:cf:d9:e1:39:a3:4d:3f:43:18:3c:27:e3:59:d2:
87:da:20:34:d2:df:70:a2:8a:ec:4a:c1:26:83:02:
2e:89:b5:6d:7c:20:ae:8a:e3:3a:8c:5e:f5:5c:7d:
c6:71:7a:59:b1:be:8d:38:59:4e:b3:f6:c9:d2:ac:
0a:5d:0f:d2:cd:c2:2e:bb:30:a3:c1:65:1b:50:34:
27:7c:21:91:7a:5f:ad:4a:42:04:19:7e:43:c8:9d:
a2:76:e1:cb:ee:13:bc:21:33:e7:a7:26:00:a7:1b:
b8:44:67:7f:a7:70:85:93:a5:67:0f:e7:86:7d:5c:
7c:68:79:b7:fa:e9:f5:4f:12:78:22:af:42:07:32:
9b:30:78:8a:f3:b5:cf:e8:cc:37:fb:26:6c:b8:13:
ed:9b:83:35:bc:40:96:4b:05:8d:34:1b:ac:46:33:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:91:72:E4:81:58:AE:BF:9A:EC:EB:E0:3D:FF:26:67:72:E4:FB:DC
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/HJFy5IFYrr-a7OvgPf8mZ3Lk-9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1a68:a::/48
Signature Algorithm: sha256WithRSAEncryption
16:43:7d:98:51:c1:10:6a:bc:06:7a:b9:ec:d0:c8:f7:0d:09:
1c:ed:60:31:6a:31:e5:9a:ab:81:fc:be:9c:71:ec:e4:f0:07:
94:af:a1:a7:c1:3b:5f:84:fe:eb:0a:17:eb:27:d3:e7:37:dc:
c2:19:4b:cb:2d:8b:20:50:d7:21:be:49:fe:ab:95:fc:fe:a2:
71:12:84:8f:29:35:39:aa:69:3a:96:7e:20:ec:3a:eb:bb:3f:
64:f4:c6:5e:dc:1b:c4:30:90:5a:2e:58:90:82:35:4e:f9:0b:
3a:f2:ee:1c:98:6e:66:59:f6:3d:2f:8a:36:96:1e:fa:71:a6:
20:9b:c6:38:e0:60:18:3b:77:c1:ff:2e:86:29:94:c5:40:ae:
43:53:a2:33:03:9e:bd:ec:4e:04:05:8c:cb:cf:22:fa:68:70:
d0:a5:14:b5:d3:5d:70:0e:9a:0d:1f:3c:c0:e2:b1:0d:c0:e2:
af:af:83:7b:d3:07:4e:08:62:af:25:4e:6c:01:58:f9:c9:17:
73:0a:2c:f2:84:6c:da:63:f3:0b:56:26:f8:03:74:ba:9c:a9:
ad:47:6c:a7:30:d5:47:c6:77:e5:2a:3a:38:c1:52:65:39:ce:
de:fb:ff:5d:e2:b1:20:1a:78:4d:6e:9d:3e:f7:51:dc:77:90:
0d:91:a8:b1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIELJcOlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM5MTcyZTQ4MTU4
YWViZjlhZWNlYmUwM2RmZjI2Njc3MmU0ZmJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgde/VitF5pWirmGu6mB9RDcQ+ReD6r90IZ8fJ6ros89ZMv
dSQKGt/8JIRN5AR/u+VJdpHzVmRq2HkXnLhS53s7FdpMBTeDfWgupOiIjVQCx2OI
WAbhBhTVCs/Z4TmjTT9DGDwn41nSh9ogNNLfcKKK7ErBJoMCLom1bXwgrorjOoxe
9Vx9xnF6WbG+jThZTrP2ydKsCl0P0s3CLrswo8FlG1A0J3whkXpfrUpCBBl+Q8id
onbhy+4TvCEz56cmAKcbuERnf6dwhZOlZw/nhn1cfGh5t/rp9U8SeCKvQgcymzB4
ivO1z+jMN/smbLgT7ZuDNbxAlksFjTQbrEYzixUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQckXLkgViuv5rs6+A9/yZncuT73DAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L0hKRnk1SUZZcnItYTdPdmdQZjhtWjNMay05dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABGmgACjANBgkqhkiG9w0BAQsF
AAOCAQEAFkN9mFHBEGq8Bnq57NDI9w0JHO1gMWox5Zqrgfy+nHHs5PAHlK+hp8E7
X4T+6woX6yfT5zfcwhlLyy2LIFDXIb5J/quV/P6icRKEjyk1OappOpZ+IOw667s/
ZPTGXtwbxDCQWi5YkII1TvkLOvLuHJhuZln2PS+KNpYe+nGmIJvGOOBgGDt3wf8u
himUxUCuQ1OiMwOevexOBAWMy88i+mhw0KUUtdNdcA6aDR88wOKxDcDir6+De9MH
TghiryVObAFY+ckXcwos8oRs2mPzC1Ym+AN0upyprUdspzDVR8Z35So6OMFSZTnO
3vv/XeKxIBp4TW6dPvdR3HeQDZGosQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:08 2025 by rpki-client