Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bDevHhknHwnh3HsoHtQcVU7K318.roa
File: bDevHhknHwnh3HsoHtQcVU7K318.roa (raw, json)
Hash identifier: a2YISKw1ZkkB3zZgXPIKOM2oYzsme1x3xOFhL7EqIvw=
Subject key identifier: 6C:37:AF:1E:19:27:1F:09:E1:DC:7B:28:1E:D4:1C:55:4E:CA:DF:5F
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F1415CD9BFDA40E2B5CD2EF70A0AA3C
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bDevHhknHwnh3HsoHtQcVU7K318.roa
Signing time: Fri 17 Feb 2023 11:13:17 +0000
ROA not before: Fri 17 Feb 2023 11:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 2001:678:20::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:14:15:cd:9b:fd:a4:0e:2b:5c:d2:ef:70:a0:aa:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 11:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c37af1e19271f09e1dc7b281ed41c554ecadf5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:31:12:4f:35:20:09:31:ee:87:0c:34:fc:40:
1f:81:c2:ca:31:f7:b1:c5:24:39:9e:d7:c9:74:4d:
10:6e:84:e6:96:68:3a:b9:c2:06:bc:af:cb:40:1d:
64:75:80:3f:eb:b2:4d:61:95:ab:07:aa:b9:95:92:
64:27:53:29:5f:0e:92:2f:c4:5b:7e:b6:4f:1f:69:
fb:cf:e6:61:33:76:8b:b0:5b:34:c4:86:1a:11:02:
87:43:62:8d:87:fb:e3:ac:a3:6b:42:3c:12:4a:2e:
fb:8b:1e:67:42:20:cd:38:c7:07:95:30:71:be:9a:
1b:ce:ed:55:1c:71:81:04:c9:6f:38:76:ca:b3:a2:
2d:d8:96:d8:5e:63:1f:96:d2:44:7a:1c:70:75:ff:
a1:d6:2c:fe:17:c9:1c:ea:9c:9a:4b:c7:2d:e8:02:
1a:49:47:3f:f9:f5:a2:67:a5:a6:fb:3d:44:91:9e:
eb:bb:c6:84:d0:bc:6d:16:30:da:34:1c:c1:20:13:
de:4f:46:42:94:7e:16:6a:bf:26:76:1d:58:4b:fe:
ed:d7:1a:86:89:b0:53:73:4f:d6:f6:d7:83:27:e5:
76:45:fc:35:6f:99:c2:0e:6c:f2:3f:ad:da:d0:b4:
90:bc:09:02:6a:be:87:fb:e0:e6:4b:57:bd:41:78:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:37:AF:1E:19:27:1F:09:E1:DC:7B:28:1E:D4:1C:55:4E:CA:DF:5F
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bDevHhknHwnh3HsoHtQcVU7K318.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:67c:1bc::/48
2a02:850:ffe0::/48
Signature Algorithm: sha256WithRSAEncryption
01:db:c5:01:df:8d:51:f3:7e:7c:7a:dd:f5:18:81:e6:d5:ad:
59:ea:cb:29:f1:98:68:3a:7c:e6:a1:ab:17:7b:a8:e5:5b:af:
cb:42:dc:61:bc:be:4f:69:37:39:3c:0a:33:7a:6a:e8:28:81:
5a:3f:82:14:c7:22:c6:c4:43:b0:d6:84:4e:02:fa:2d:cb:b6:
f3:d9:cb:99:52:bd:59:83:2a:69:eb:70:a3:45:c4:ae:3e:21:
58:e0:90:50:36:6b:50:cb:9e:da:5e:af:2a:ad:f6:44:ef:cd:
24:1e:a6:e6:7c:fe:54:c3:bb:1c:27:cd:c9:11:50:65:ac:d0:
68:58:84:7b:e4:f5:9b:a7:c3:28:8a:a8:cf:65:6e:fe:86:aa:
1f:af:7b:8d:67:8b:57:2b:59:de:15:27:45:be:24:23:a5:90:
41:7f:b9:a6:f1:77:27:8d:48:d0:95:9d:ae:31:e9:f2:40:e9:
22:df:4d:71:f8:1d:20:1a:31:cc:01:f0:16:5a:07:76:38:dc:
ba:02:83:a7:d7:9a:9f:28:de:8c:1f:ba:0b:e9:46:0d:68:51:
a7:c7:c0:55:a1:96:7b:55:0d:41:13:b0:7a:ef:f3:1b:5b:ff:
09:a8:6c:a0:2a:63:79:14:01:65:3d:05:fd:a4:37:78:92:b3:
3e:bb:3e:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZfFBXNm/2kDitc0u9woKo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTExMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM3YWYxZTE5MjcxZjA5ZTFkYzdiMjgxZWQ0MWM1NTRlY2FkZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTESTzUgCTHuhww0/EAfgcLKMfex
xSQ5ntfJdE0QboTmlmg6ucIGvK/LQB1kdYA/67JNYZWrB6q5lZJkJ1MpXw6SL8Rb
frZPH2n7z+ZhM3aLsFs0xIYaEQKHQ2KNh/vjrKNrQjwSSi77ix5nQiDNOMcHlTBx
vpobzu1VHHGBBMlvOHbKs6It2JbYXmMfltJEehxwdf+h1iz+F8kc6pyaS8ct6AIa
SUc/+fWiZ6Wm+z1EkZ7ru8aE0LxtFjDaNBzBIBPeT0ZClH4War8mdh1YS/7t1xqG
ibBTc0/W9teDJ+V2Rfw1b5nCDmzyP63a0LSQvAkCar6H++DmS1e9QXhQKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGw3rx4ZJx8J4dx7KB7UHFVOyt9fMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvYkRldkhoa25Id25oM0hzb0h0UWNWVTdLMzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeAAg
AwcAIAEGfAG8AwcAKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQAB28UB341R8358
et31GIHm1a1Z6ssp8ZhoOnzmoasXe6jlW6/LQtxhvL5PaTc5PAozemroKIFaP4IU
xyLGxEOw1oROAvoty7bz2cuZUr1Zgypp63CjRcSuPiFY4JBQNmtQy57aXq8qrfZE
780kHqbmfP5Uw7scJ83JEVBlrNBoWIR75PWbp8MoiqjPZW7+hqofr3uNZ4tXK1ne
FSdFviQjpZBBf7mm8XcnjUjQlZ2uMenyQOki301x+B0gGjHMAfAWWgd2ONy6AoOn
15qfKN6MH7oL6UYNaFGnx8BVoZZ7VQ1BE7B67/MbW/8JqGygKmN5FAFlPQX9pDd4
krM+uz42
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:09:40 2025 by rpki-client