Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/EH-Lj4dDPyfsvp8-9CVah6LOaPE.roa
File: EH-Lj4dDPyfsvp8-9CVah6LOaPE.roa (raw, json)
Hash identifier: 4RDCab2017VvimKQqRGc1qq6FvNBWdJEvk/gMUCL2o0=
Subject key identifier: 10:7F:8B:8F:87:43:3F:27:EC:BE:9F:3E:F4:25:5A:87:A2:CE:68:F1
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E59C361254E22163CA392B134A843
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/EH-Lj4dDPyfsvp8-9CVah6LOaPE.roa
Signing time: Mon 02 Jan 2023 06:14:52 +0000
ROA not before: Mon 02 Jan 2023 06:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206499
IP address blocks: 2a0c:b642::/36 maxlen: 48
2a0c:b642:a00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:59:c3:61:25:4e:22:16:3c:a3:92:b1:34:a8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=107f8b8f87433f27ecbe9f3ef4255a87a2ce68f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:13:59:52:cd:bf:83:db:45:e3:1e:db:55:71:
96:2f:d0:6b:f4:b8:1d:b9:ca:f8:44:43:bb:e4:d7:
c9:bf:dc:55:8c:cd:e0:a9:46:ff:ad:45:63:11:1e:
57:f8:21:b1:2e:43:42:87:6e:1a:f3:7b:ae:ec:8e:
28:bd:c0:4e:d0:f0:c3:ee:40:68:20:d6:de:a3:6b:
1a:be:3b:cb:71:77:e9:6b:31:8e:8b:9a:8e:58:8b:
81:f7:5b:27:4e:31:8d:76:bd:cf:33:4b:b4:04:7b:
bc:18:c9:82:bd:ab:2f:c4:04:da:04:f3:5a:67:47:
0e:7b:a8:03:ba:24:4b:df:53:11:2e:47:8d:cc:9c:
20:ea:da:7c:de:94:c7:36:cf:84:30:e1:13:57:04:
3f:04:a4:db:48:3f:99:00:db:b5:f5:7f:28:9c:1d:
2d:62:e4:cf:f0:d7:e5:bc:23:0c:81:af:1a:e5:33:
c1:a9:5c:82:49:36:e8:ea:69:29:b6:4c:d5:c9:79:
0a:80:a5:8f:7e:18:8f:92:26:46:f0:e0:89:ae:55:
34:d9:07:98:90:7e:29:ff:3d:5d:d9:49:f9:73:80:
c7:fc:eb:8d:d7:3b:39:07:94:e3:81:c4:79:ca:3a:
ff:20:10:d1:12:b6:ba:48:53:c6:8d:e1:af:32:61:
7e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7F:8B:8F:87:43:3F:27:EC:BE:9F:3E:F4:25:5A:87:A2:CE:68:F1
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/EH-Lj4dDPyfsvp8-9CVah6LOaPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642::/36
Signature Algorithm: sha256WithRSAEncryption
5a:bf:67:65:df:56:15:65:7d:1e:0c:27:ec:40:80:99:01:e1:
44:d3:a7:9c:5b:1a:78:b4:cd:2c:d5:ba:57:d7:3d:40:49:be:
69:ef:66:fc:ec:7b:8b:68:13:7b:dd:43:1d:27:83:eb:43:ec:
ce:c4:b6:6f:d6:52:be:38:d6:57:92:08:6f:96:4b:ce:fa:f6:
2d:1d:68:96:37:5c:2a:81:2b:81:fb:73:8a:2b:ed:a9:35:0a:
db:a5:14:1c:70:60:7c:20:0e:1c:0c:b4:43:6a:11:f4:29:45:
79:77:2b:e7:8a:c6:e1:c0:95:bd:bc:27:73:93:cd:8d:a2:84:
c6:72:ff:1b:e5:b5:d7:b7:9d:62:87:e0:79:04:9e:31:d3:6e:
1b:7e:4e:c6:d6:54:e6:5a:7e:06:68:9f:81:5b:df:9d:6e:f9:
6a:0b:3d:dc:18:52:4a:83:91:17:88:38:2c:c1:88:38:d5:89:
c1:33:82:98:b7:f5:2c:57:2a:92:e9:34:de:0f:f0:03:51:6d:
73:83:41:2c:16:76:ea:16:0b:bb:b9:a5:53:8d:23:3b:d2:1d:
a5:0e:79:51:6b:18:39:f3:01:5c:72:8f:7d:af:9d:34:37:5a:
87:97:2a:19:60:db:4c:75:48:0d:8e:56:25:1e:27:ef:93:1a:
8a:0b:16:27
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxHlnDYSVOIhY8o5KxNKhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdmOGI4Zjg3NDMzZjI3ZWNiZTlmM2VmNDI1NWE4N2EyY2U2OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRNZUs2/g9tF4x7bVXGWL9Br9Lgd
ucr4REO75NfJv9xVjM3gqUb/rUVjER5X+CGxLkNCh24a83uu7I4ovcBO0PDD7kBo
INbeo2savjvLcXfpazGOi5qOWIuB91snTjGNdr3PM0u0BHu8GMmCvasvxATaBPNa
Z0cOe6gDuiRL31MRLkeNzJwg6tp83pTHNs+EMOETVwQ/BKTbSD+ZANu19X8onB0t
YuTP8NflvCMMga8a5TPBqVyCSTbo6mkptkzVyXkKgKWPfhiPkiZG8OCJrlU02QeY
kH4p/z1d2Un5c4DH/OuN1zs5B5TjgcR5yjr/IBDREra6SFPGjeGvMmF+uQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBB/i4+HQz8n7L6fPvQlWoeizmjxMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvRUgtTGo0ZERQeWZzdnA4LTlDVmFoNkxPYVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgy2QgAw
DQYJKoZIhvcNAQELBQADggEBAFq/Z2XfVhVlfR4MJ+xAgJkB4UTTp5xbGni0zSzV
ulfXPUBJvmnvZvzse4toE3vdQx0ng+tD7M7Etm/WUr441leSCG+WS8769i0daJY3
XCqBK4H7c4or7ak1CtulFBxwYHwgDhwMtENqEfQpRXl3K+eKxuHAlb28J3OTzY2i
hMZy/xvltde3nWKH4HkEnjHTbht+TsbWVOZafgZon4Fb351u+WoLPdwYUkqDkReI
OCzBiDjVicEzgpi39SxXKpLpNN4P8ANRbXODQSwWduoWC7u5pVONIzvSHaUOeVFr
GDnzAVxyj32vnTQ3WoeXKhlg20x1SA2OViUeJ++TGooLFic=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:38:59 2025 by rpki-client