Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HSYo-kSwtPr1MMHqX1-8ZNCmXfs.roa
File: HSYo-kSwtPr1MMHqX1-8ZNCmXfs.roa (raw, json)
Hash identifier: riBNUyn854BolSd1NK1vZ6Te1rIDxxcHarxGgdQp0Dk=
Subject key identifier: 1D:26:28:FA:44:B0:B4:FA:F5:30:C1:EA:5F:5F:BC:64:D0:A6:5D:FB
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0129E9F4
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HSYo-kSwtPr1MMHqX1-8ZNCmXfs.roa
Signing time: Sat 01 Jan 2022 00:59:47 +0000
ROA not before: Sat 01 Jan 2022 00:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208709
IP address blocks: 2a0c:b641:400::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19524084 (0x129e9f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d2628fa44b0b4faf530c1ea5f5fbc64d0a65dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:be:ff:a0:ed:d1:e8:8b:bd:16:2d:99:33:54:
e3:f9:ab:29:b1:f9:be:1a:42:b2:ce:34:98:d6:9b:
8b:4c:db:18:af:76:5c:7c:f4:47:d7:0d:86:8d:d2:
5a:6c:b1:88:c2:01:09:34:fd:b3:a5:5f:f7:97:1e:
28:72:e8:e0:35:88:04:f7:38:bf:1e:fa:46:4e:18:
8b:51:0b:c5:f5:e6:d7:25:71:f0:90:20:88:7b:82:
a8:75:da:e4:66:c8:c9:2e:f9:83:06:90:4f:11:06:
8f:82:2a:90:d4:73:f8:9c:fb:5a:4e:ea:f9:22:18:
2a:9a:eb:c7:45:0d:e0:11:45:10:79:c1:75:28:47:
6f:5d:f1:f7:22:9b:09:b1:81:dd:77:8c:aa:d4:f8:
83:7a:a6:00:66:0c:eb:49:1b:d7:68:57:5d:ff:b9:
22:34:ea:94:5e:6a:fb:fb:5c:77:9f:3f:e9:ec:2b:
a3:a3:8e:ec:49:d2:11:ca:9c:29:74:1f:01:62:9f:
82:5a:f6:e5:5a:b7:aa:fd:90:55:ad:af:9e:89:05:
1a:34:a8:cd:f1:56:71:82:62:a3:3b:4f:b5:85:01:
7a:2d:b7:d1:42:28:a7:31:e3:c4:42:f2:c6:5b:13:
e7:67:0e:b2:f4:ac:3d:bd:b5:37:55:9f:60:24:e8:
57:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:26:28:FA:44:B0:B4:FA:F5:30:C1:EA:5F:5F:BC:64:D0:A6:5D:FB
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HSYo-kSwtPr1MMHqX1-8ZNCmXfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:400::/44
Signature Algorithm: sha256WithRSAEncryption
07:2a:3f:f8:75:a5:32:d7:0e:3f:b6:d5:c8:7b:f0:16:a7:10:
66:58:33:8d:a0:08:61:1f:33:13:d8:ab:aa:50:b6:ec:e2:2e:
50:2d:ec:04:8b:f2:a1:89:b3:d6:aa:8d:b1:84:56:e3:b6:f5:
7d:7e:e1:64:61:23:16:72:8d:0b:7f:d4:61:59:d5:33:55:85:
ed:3a:89:83:6a:88:66:01:09:60:ca:a7:2d:29:5f:4b:37:1e:
d8:9b:6b:e9:80:3b:1c:bf:13:d4:5f:fc:87:db:14:79:eb:b9:
64:5e:49:50:f5:4a:a9:c3:14:12:9e:9c:84:73:1b:1b:49:c8:
7b:35:17:6d:f7:ad:67:ee:95:93:8c:0f:62:de:7f:a8:02:14:
25:87:2c:36:3a:e7:a2:ed:e3:5b:93:39:3e:0e:98:78:df:72:
20:f4:47:e8:af:28:1c:63:db:dc:4d:e6:dd:0c:53:12:50:3e:
87:c7:6b:fb:29:2d:09:22:f4:b0:71:68:9f:ca:71:e9:c7:42:
a4:da:3b:27:f2:9c:8f:49:b1:db:8b:13:35:cf:20:4c:9f:39:
c5:34:e2:1b:95:06:e7:6e:1b:73:33:70:a4:3b:69:d6:88:27:
05:1c:0e:b1:5a:2c:12:c8:3d:51:5f:83:d2:fa:db:ff:86:f3:
a0:24:8b:5f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEASnp9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQyNjI4ZmE0NGIw
YjRmYWY1MzBjMWVhNWY1ZmJjNjRkMGE2NWRmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6+/6Dt0eiLvRYtmTNU4/mrKbH5vhpCss40mNabi0zbGK92
XHz0R9cNho3SWmyxiMIBCTT9s6Vf95ceKHLo4DWIBPc4vx76Rk4Yi1ELxfXm1yVx
8JAgiHuCqHXa5GbIyS75gwaQTxEGj4IqkNRz+Jz7Wk7q+SIYKprrx0UN4BFFEHnB
dShHb13x9yKbCbGB3XeMqtT4g3qmAGYM60kb12hXXf+5IjTqlF5q+/tcd58/6ewr
o6OO7EnSEcqcKXQfAWKfglr25Vq3qv2QVa2vnokFGjSozfFWcYJioztPtYUBei23
0UIopzHjxELyxlsT52cOsvSsPb21N1WfYCToVx8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQdJij6RLC0+vUwwepfX7xk0KZd+zAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0hTWW8ta1N3dFByMU1NSHFYMS04Wk5DbVhmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEEADANBgkqhkiG9w0BAQsF
AAOCAQEAByo/+HWlMtcOP7bVyHvwFqcQZlgzjaAIYR8zE9irqlC27OIuUC3sBIvy
oYmz1qqNsYRW47b1fX7hZGEjFnKNC3/UYVnVM1WF7TqJg2qIZgEJYMqnLSlfSzce
2Jtr6YA7HL8T1F/8h9sUeeu5ZF5JUPVKqcMUEp6chHMbG0nIezUXbfetZ+6Vk4wP
Yt5/qAIUJYcsNjrnou3jW5M5Pg6YeN9yIPRH6K8oHGPb3E3m3QxTElA+h8dr+ykt
CSL0sHFon8px6cdCpNo7J/Kcj0mx24sTNc8gTJ85xTTiG5UG524bczNwpDtp1ogn
BRwOsVosEsg9UV+D0vrb/4bzoCSLXw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:51 2025 by rpki-client