Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa
File: hv9pqibiJd8cmNuICTmvWGg8lhk.roa (raw, json)
Hash identifier: mNNvKF3EQ3yOk3zjpmnI2rEjFaPjS+unpzTQT98xB3A=
Subject key identifier: 86:FF:69:AA:26:E2:25:DF:1C:98:DB:88:09:39:AF:58:68:3C:96:19
Certificate issuer: /CN=f8a4850c7ab30bbb8af80dcf9aabc6b951aa65a4
Certificate serial: 018A9FD5E67BB0BA7E5A9555BDA7843E77DB
Authority key identifier: F8:A4:85:0C:7A:B3:0B:BB:8A:F8:0D:CF:9A:AB:C6:B9:51:AA:65:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa
Signing time: Sat 16 Sep 2023 21:11:50 +0000
ROA not before: Sat 16 Sep 2023 21:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216313
IP address blocks: 2a13:cd80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9f:d5:e6:7b:b0:ba:7e:5a:95:55:bd:a7:84:3e:77:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a4850c7ab30bbb8af80dcf9aabc6b951aa65a4
Validity
Not Before: Sep 16 21:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86ff69aa26e225df1c98db880939af58683c9619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:6b:0e:99:73:7c:08:d0:7e:07:98:0f:da:
79:df:30:b3:66:f6:13:da:52:84:6e:6e:80:21:dc:
46:78:a0:96:09:d4:4a:5a:cd:7c:6d:6d:44:d7:45:
ca:2d:32:3f:78:15:c2:74:21:cc:18:a2:07:c1:03:
37:8b:42:6e:0e:0b:1c:fd:63:05:7d:3f:2e:64:9f:
fc:d5:f2:1c:f8:55:62:17:8a:74:6e:ec:7f:68:81:
6b:42:77:a1:ee:66:16:3f:19:c0:67:a2:94:6a:96:
f8:ed:66:b5:f0:80:91:62:9a:96:6b:a6:1b:f3:d7:
17:ee:15:ba:9b:f8:11:8f:0e:e9:b0:3f:a3:a8:a4:
ad:87:b7:f4:bd:dc:dc:b9:54:ca:7c:09:f7:c9:b4:
c7:00:a8:a3:73:1b:a1:9d:4b:8b:f4:9e:56:d4:d6:
d0:e4:30:bd:89:cd:03:d9:31:23:fd:37:be:85:ec:
01:aa:db:39:50:26:9e:53:bc:0b:34:58:39:8a:30:
42:b5:e1:d8:85:71:3b:1b:bc:71:fa:81:26:fc:2a:
c4:ed:cb:5a:0c:c6:8d:79:bf:c0:a6:b1:d1:48:0f:
51:6c:43:8b:b6:f2:4b:81:ab:84:3f:d1:0e:6f:01:
90:45:1d:1d:6d:6c:1b:a7:ed:56:6d:0e:ca:42:ec:
70:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FF:69:AA:26:E2:25:DF:1C:98:DB:88:09:39:AF:58:68:3C:96:19
X509v3 Authority Key Identifier:
keyid:F8:A4:85:0C:7A:B3:0B:BB:8A:F8:0D:CF:9A:AB:C6:B9:51:AA:65:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/hv9pqibiJd8cmNuICTmvWGg8lhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/38969d-7276-4f27-9e1c-7286ac0a907b/1/1-KSFDHqzC7uK-A3PmqvGuVGqZaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
94:05:91:54:77:fb:f2:70:f9:f2:d7:06:56:a5:0b:d0:9f:ac:
98:80:a4:4d:d0:af:fe:c7:af:13:5c:44:72:4c:16:f4:fc:42:
eb:9a:36:94:b4:dc:9c:43:e3:b7:93:03:76:f2:64:fa:a7:19:
03:9a:02:18:27:07:b3:99:34:63:65:ae:f1:e5:59:ba:5d:01:
5c:13:33:b9:99:ab:ce:aa:13:f2:d9:14:7e:68:bd:9d:d5:40:
3b:d2:86:93:1a:37:fe:e7:14:3b:99:d0:06:d3:1b:cc:a5:2d:
bb:4a:86:f0:a6:26:2a:ce:f7:e4:30:be:b5:60:bd:69:51:9c:
49:34:cf:a3:33:c2:9b:ee:40:7f:3f:b3:4b:86:0a:2c:43:2d:
c5:2e:72:7a:18:15:e4:9f:29:d2:b8:34:7e:a8:83:c4:0b:48:
e9:97:61:66:c5:b8:d1:fe:0d:d0:5f:14:57:4d:73:18:ca:4a:
ae:93:5d:08:f4:ba:76:ac:86:84:ed:0e:d5:79:74:04:65:db:
05:c2:f5:16:48:13:1e:08:9a:71:94:1f:76:25:a4:f3:5f:3a:
b8:89:7f:8f:71:6d:d7:4f:57:17:39:90:6c:4b:f9:c5:8a:8a:
e7:fd:c5:aa:cd:3c:3a:aa:a1:75:cc:42:82:51:d2:b8:79:36:
c6:cb:d8:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqf1eZ7sLp+WpVVvaeEPnfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTQ4NTBjN2FiMzBiYmI4YWY4MGRjZjlhYWJjNmI5NTFh
YTY1YTQwHhcNMjMwOTE2MjExMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZmNjlhYTI2ZTIyNWRmMWM5OGRiODgwOTM5YWY1ODY4M2M5NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtZrDplzfAjQfgeYD9p53zCzZvYT
2lKEbm6AIdxGeKCWCdRKWs18bW1E10XKLTI/eBXCdCHMGKIHwQM3i0JuDgsc/WMF
fT8uZJ/81fIc+FViF4p0bux/aIFrQneh7mYWPxnAZ6KUapb47Wa18ICRYpqWa6Yb
89cX7hW6m/gRjw7psD+jqKSth7f0vdzcuVTKfAn3ybTHAKijcxuhnUuL9J5W1NbQ
5DC9ic0D2TEj/Te+hewBqts5UCaeU7wLNFg5ijBCteHYhXE7G7xx+oEm/CrE7cta
DMaNeb/AprHRSA9RbEOLtvJLgauEP9EObwGQRR0dbWwbp+1WbQ7KQuxw4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIb/aaom4iXfHJjbiAk5r1hoPJYZMB8GA1UdIwQY
MBaAFPikhQx6swu7ivgNz5qrxrlRqmWkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LU0ZESHF6Qzd1Sy1BM1BtcXZHdVZHcVphUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEvMzg5NjlkLTcyNzYtNGYyNy05ZTFj
LTcyODZhYzBhOTA3Yi8xL2h2OXBxaWJpSmQ4Y21OdUlDVG12V0dnOGxoay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzEvMzg5NjlkLTcyNzYtNGYyNy05ZTFjLTcyODZhYzBhOTA3
Yi8xLzEtS1NGREhxekM3dUstQTNQbXF2R3VWR3FaYVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqE82A
MA0GCSqGSIb3DQEBCwUAA4IBAQCUBZFUd/vycPny1wZWpQvQn6yYgKRN0K/+x68T
XERyTBb0/ELrmjaUtNycQ+O3kwN28mT6pxkDmgIYJwezmTRjZa7x5Vm6XQFcEzO5
mavOqhPy2RR+aL2d1UA70oaTGjf+5xQ7mdAG0xvMpS27SobwpiYqzvfkML61YL1p
UZxJNM+jM8Kb7kB/P7NLhgosQy3FLnJ6GBXknynSuDR+qIPEC0jpl2FmxbjR/g3Q
XxRXTXMYykquk10I9Lp2rIaE7Q7VeXQEZdsFwvUWSBMeCJpxlB92JaTzXzq4iX+P
cW3XT1cXOZBsS/nFiorn/cWqzTw6qqF1zEKCUdK4eTbGy9hl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:40 2025 by rpki-client