Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/HjgAQ_s3NMXubfWx_CwyV7RRZ-o.roa
File: HjgAQ_s3NMXubfWx_CwyV7RRZ-o.roa (raw, json)
Hash identifier: U1U0Q9V3TpHnMnGRAFiId1FAMAsd8Xwzid/QD6EdD54=
Subject key identifier: 1E:38:00:43:FB:37:34:C5:EE:6D:F5:B1:FC:2C:32:57:B4:51:67:EA
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 01855D3F11DD40340F2AE0E40691EA3D76F2
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/HjgAQ_s3NMXubfWx_CwyV7RRZ-o.roa
Signing time: Thu 29 Dec 2022 09:38:12 +0000
ROA not before: Thu 29 Dec 2022 09:38:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208796
IP address blocks: 2a10:4646:270::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:3f:11:dd:40:34:0f:2a:e0:e4:06:91:ea:3d:76:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Dec 29 09:38:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e380043fb3734c5ee6df5b1fc2c3257b45167ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:9d:6d:3a:b1:72:12:45:3d:a2:68:21:8b:
c6:f0:3d:62:c2:63:66:e6:e5:0c:cc:fd:72:2d:a3:
b1:d5:d3:76:9f:4e:2d:1c:4f:d1:fe:38:bd:51:fa:
93:19:08:70:b6:79:92:d3:9e:e1:e8:34:7d:bc:64:
9e:3d:dd:91:6d:f3:55:fb:5a:cd:28:d1:01:fb:d8:
63:6e:22:bc:f3:a5:e9:b8:9b:00:cf:1b:21:a8:52:
26:48:2b:7f:f6:63:d0:c5:a3:97:a0:91:6a:3f:8e:
d6:79:33:33:6f:6a:07:59:5a:bd:01:22:ac:dc:52:
45:3e:6d:c6:f8:57:dd:0f:13:0c:6b:7b:84:73:50:
66:57:80:f8:0a:93:c0:f9:51:a9:ce:c0:21:c6:64:
f4:5e:6b:57:f2:83:c5:e2:65:6a:7d:2d:ed:b8:f6:
26:65:65:b2:5f:51:fc:25:dc:60:70:9e:63:7e:3a:
60:78:6e:3a:5a:d2:ae:5b:4d:4c:b9:f5:04:b3:d8:
85:9a:b7:dd:7b:6c:d9:56:6f:5e:48:8e:e4:3b:09:
be:74:73:5e:a0:62:77:ea:5c:61:b5:4f:80:53:3e:
4d:7c:8c:62:2b:b2:a2:66:52:43:80:ca:9d:25:ce:
92:99:b7:39:f7:7a:fd:a9:57:14:d0:8f:0a:ec:36:
4d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:38:00:43:FB:37:34:C5:EE:6D:F5:B1:FC:2C:32:57:B4:51:67:EA
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/HjgAQ_s3NMXubfWx_CwyV7RRZ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:270::/44
Signature Algorithm: sha256WithRSAEncryption
58:0b:8c:1c:f3:cf:59:d6:0d:04:aa:e3:72:3f:4a:7e:3c:22:
9f:5b:6e:0b:56:46:0f:44:fc:eb:e8:e6:4d:66:09:8f:65:15:
f5:ba:42:96:a0:f7:cb:d6:d0:ff:91:55:f9:b6:8f:18:1c:fd:
a7:f9:bf:51:c5:1e:83:d0:8f:53:8a:73:10:9e:b6:5c:f3:35:
be:9f:44:f4:a0:8a:f9:9b:c0:60:34:4b:23:f4:8e:10:2a:4f:
ed:11:4e:12:8d:06:7d:82:20:db:2d:d5:a4:a5:a1:7b:3b:ba:
08:2e:e5:c3:8d:a9:76:8d:a6:c0:0d:f4:fc:3a:88:46:7b:71:
0a:ce:b7:d0:c7:03:8a:5e:12:c7:88:33:4d:88:66:8f:5d:7e:
9b:7c:4f:81:2e:c2:21:95:22:e3:71:98:b3:5e:4a:dc:48:18:
10:9e:5e:ed:9f:09:b2:11:ba:0a:21:de:b1:50:d5:99:e9:bf:
41:28:b7:af:74:4c:0c:4e:5e:65:2e:9d:58:45:30:c0:c8:97:
1b:74:ba:6f:4c:76:7d:97:d8:c5:33:dc:69:44:e4:b6:75:5a:
13:05:38:3f:95:42:3f:36:f1:5d:08:d7:9d:a3:c1:2c:87:19:
7d:2c:7e:f1:bb:66:69:0e:f9:a7:80:20:b7:f1:a5:0d:c8:f7:
5e:93:4b:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVdPxHdQDQPKuDkBpHqPXbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjIxMjI5MDkzODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM4MDA0M2ZiMzczNGM1ZWU2ZGY1YjFmYzJjMzI1N2I0NTE2N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVidbTqxchJFPaJoIYvG8D1iwmNm
5uUMzP1yLaOx1dN2n04tHE/R/ji9UfqTGQhwtnmS057h6DR9vGSePd2RbfNV+1rN
KNEB+9hjbiK886XpuJsAzxshqFImSCt/9mPQxaOXoJFqP47WeTMzb2oHWVq9ASKs
3FJFPm3G+FfdDxMMa3uEc1BmV4D4CpPA+VGpzsAhxmT0XmtX8oPF4mVqfS3tuPYm
ZWWyX1H8JdxgcJ5jfjpgeG46WtKuW01MufUEs9iFmrfde2zZVm9eSI7kOwm+dHNe
oGJ36lxhtU+AUz5NfIxiK7KiZlJDgMqdJc6Smbc593r9qVcU0I8K7DZNPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB44AEP7NzTF7m31sfwsMle0UWfqMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvSGpnQVFfczNOTVh1YmZXeF9Dd3lWN1JSWi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgJw
MA0GCSqGSIb3DQEBCwUAA4IBAQBYC4wc889Z1g0EquNyP0p+PCKfW24LVkYPRPzr
6OZNZgmPZRX1ukKWoPfL1tD/kVX5to8YHP2n+b9RxR6D0I9TinMQnrZc8zW+n0T0
oIr5m8BgNEsj9I4QKk/tEU4SjQZ9giDbLdWkpaF7O7oILuXDjal2jabADfT8OohG
e3EKzrfQxwOKXhLHiDNNiGaPXX6bfE+BLsIhlSLjcZizXkrcSBgQnl7tnwmyEboK
Id6xUNWZ6b9BKLevdEwMTl5lLp1YRTDAyJcbdLpvTHZ9l9jFM9xpROS2dVoTBTg/
lUI/NvFdCNedo8Eshxl9LH7xu2ZpDvmngCC38aUNyPdek0tW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org