Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HdQItBS814o6w-GZ9myNOIKsELI.roa
File: HdQItBS814o6w-GZ9myNOIKsELI.roa (raw, json)
Hash identifier: 06ucgO8w+Di45YkP9827TLQJkReF4oNx16WHgE6r2U8=
Subject key identifier: 1D:D4:08:B4:14:BC:D7:8A:3A:C3:E1:99:F6:6C:8D:38:82:AC:10:B2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 013A1EB2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HdQItBS814o6w-GZ9myNOIKsELI.roa
Signing time: Sat 01 Jan 2022 00:59:58 +0000
ROA not before: Sat 01 Jan 2022 00:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210361
IP address blocks: 2a0c:b641:1b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20586162 (0x13a1eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dd408b414bcd78a3ac3e199f66c8d3882ac10b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:f7:8b:1c:4a:43:9d:a1:a3:02:6c:df:7d:
a1:76:ba:cf:99:91:60:5d:2c:15:61:5b:5e:ab:f9:
89:c6:a4:44:7b:39:18:a5:37:93:93:69:75:7c:aa:
1c:2e:dd:e6:4d:1c:7d:67:38:91:05:17:61:7f:b6:
c8:e5:f8:7d:ec:41:92:63:7b:1c:fd:7c:b9:fe:b3:
66:3d:72:d7:87:8f:00:76:f2:1a:47:98:a3:e7:61:
63:2a:ff:7c:ad:e8:dd:1f:65:01:60:65:ed:11:3a:
4e:21:32:cb:55:ae:ce:a8:b5:8a:87:5e:b9:cd:b5:
e3:96:21:f4:86:87:1f:60:fc:a1:c7:11:5d:43:a7:
6c:a0:ca:8f:a9:c6:f0:3f:a3:90:f7:9f:53:1e:da:
bb:19:f9:8b:49:8d:6b:08:66:b7:d1:d2:7b:4b:76:
28:fd:03:8c:99:8d:d8:9e:72:04:66:03:b2:53:32:
2c:4b:24:d2:49:ca:4f:91:65:4b:0f:64:a8:d2:07:
19:b2:9f:d5:9f:5b:7c:31:82:cb:fc:08:38:f3:c0:
37:8c:16:5e:33:94:42:cf:e5:5b:64:26:ba:f8:79:
e0:4c:a4:7d:2d:f7:7b:79:c2:20:f6:ae:bb:28:5f:
10:97:5b:12:bc:d9:2d:ea:b3:b4:ee:a1:02:b3:29:
80:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D4:08:B4:14:BC:D7:8A:3A:C3:E1:99:F6:6C:8D:38:82:AC:10:B2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HdQItBS814o6w-GZ9myNOIKsELI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
0a:00:11:d7:62:7b:68:9f:96:0a:9d:07:f8:3b:5b:34:fd:82:
0d:7d:67:90:fa:51:76:8b:a6:75:a7:ac:fa:97:03:8d:a3:c8:
b1:41:b7:9f:70:7d:c5:ba:af:f6:13:6b:9a:6e:60:33:c5:9b:
e3:40:a0:31:ab:74:09:a1:3a:c5:dd:38:a7:b5:6d:f8:ed:38:
32:60:e0:34:ae:03:f5:1e:4e:bc:52:9b:e2:96:8c:5a:92:c5:
f1:4f:fa:8e:cb:07:10:26:11:59:04:04:cd:cd:80:70:fd:fe:
bc:bf:dd:17:b4:08:98:40:75:c6:74:b4:4b:52:42:50:67:c5:
e6:e3:5e:cf:f0:5f:cb:ac:38:c8:f2:60:de:70:31:cd:d6:2a:
53:c1:46:d4:59:18:72:a8:2e:d6:d0:e0:9e:9e:0e:53:5d:d6:
04:09:5b:39:56:e1:e3:77:af:aa:ca:db:cf:15:f2:14:b1:88:
46:6c:2e:9e:44:24:da:f0:d4:08:5d:7a:08:0e:2b:23:c5:b9:
d4:12:52:af:30:e6:c4:0d:da:5d:27:fa:65:a8:9c:48:13:fb:
10:1b:59:02:36:2e:01:7b:67:f7:05:d4:02:40:2f:ea:98:f0:
ce:59:4d:8e:2e:c6:92:0d:24:d4:33:7e:be:d2:a4:a5:49:b1:
bd:63:41:a2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAToesjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRkNDA4YjQxNGJj
ZDc4YTNhYzNlMTk5ZjY2YzhkMzg4MmFjMTBiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMF194scSkOdoaMCbN99oXa6z5mRYF0sFWFbXqv5icakRHs5
GKU3k5NpdXyqHC7d5k0cfWc4kQUXYX+2yOX4fexBkmN7HP18uf6zZj1y14ePAHby
GkeYo+dhYyr/fK3o3R9lAWBl7RE6TiEyy1Wuzqi1iodeuc2145Yh9IaHH2D8occR
XUOnbKDKj6nG8D+jkPefUx7auxn5i0mNawhmt9HSe0t2KP0DjJmN2J5yBGYDslMy
LEsk0knKT5FlSw9kqNIHGbKf1Z9bfDGCy/wIOPPAN4wWXjOUQs/lW2Qmuvh54Eyk
fS33e3nCIPauuyhfEJdbErzZLeqztO6hArMpgD0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQd1Ai0FLzXijrD4Zn2bI04gqwQsjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0hkUUl0QlM4MTRvNnctR1o5bXlOT0lLc0VMSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEBsDANBgkqhkiG9w0BAQsF
AAOCAQEACgAR12J7aJ+WCp0H+DtbNP2CDX1nkPpRdoumdaes+pcDjaPIsUG3n3B9
xbqv9hNrmm5gM8Wb40CgMat0CaE6xd04p7Vt+O04MmDgNK4D9R5OvFKb4paMWpLF
8U/6jssHECYRWQQEzc2AcP3+vL/dF7QImEB1xnS0S1JCUGfF5uNez/Bfy6w4yPJg
3nAxzdYqU8FG1FkYcqgu1tDgnp4OU13WBAlbOVbh43evqsrbzxXyFLGIRmwunkQk
2vDUCF16CA4rI8W51BJSrzDmxA3aXSf6ZaicSBP7EBtZAjYuAXtn9wXUAkAv6pjw
zllNji7Gkg0k1DN+vtKkpUmxvWNBog==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:19:51 2025 by rpki-client