Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/sHbDJWeTUa2g1UNirtAtkJnvnCc.roa
File: sHbDJWeTUa2g1UNirtAtkJnvnCc.roa (raw, json)
Hash identifier: 0/5eLcoxtVFcRHWL8hnAVRyOiMWOLAcY/uyT23s3EUI=
Subject key identifier: B0:76:C3:25:67:93:51:AD:A0:D5:43:62:AE:D0:2D:90:99:EF:9C:27
Certificate issuer: /CN=3e2742496400d810be5b4096fdedec30a231f9ab
Certificate serial: 0185D5BE4FAA7A6186B1EF96B9FB61B1FB8A
Authority key identifier: 3E:27:42:49:64:00:D8:10:BE:5B:40:96:FD:ED:EC:30:A2:31:F9:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PidCSWQA2BC-W0CW_e3sMKIx-as.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/sHbDJWeTUa2g1UNirtAtkJnvnCc.roa
Signing time: Sat 21 Jan 2023 19:11:37 +0000
ROA not before: Sat 21 Jan 2023 19:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200368
IP address blocks: 2001:67c:b44::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d5:be:4f:aa:7a:61:86:b1:ef:96:b9:fb:61:b1:fb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2742496400d810be5b4096fdedec30a231f9ab
Validity
Not Before: Jan 21 19:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b076c325679351ada0d54362aed02d9099ef9c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:55:34:f9:76:69:c5:8b:f4:68:6d:4f:e2:
8f:23:a9:83:a4:c5:20:ac:97:d7:7f:bc:05:93:bf:
78:62:7f:d2:dd:1a:2b:1a:37:eb:e2:6b:b6:2f:49:
f4:e8:f4:62:a9:55:1b:cd:6a:d4:3f:43:d1:67:7a:
fa:f4:32:0e:0b:00:c0:20:f5:ea:cc:f8:98:e9:61:
82:45:7d:da:62:25:b9:c4:69:aa:cd:ba:26:75:01:
b3:64:e4:9b:89:2a:45:ff:30:6b:1d:72:42:a9:17:
e6:ae:ae:4b:9a:09:2b:a6:60:6b:e1:6a:3a:68:6e:
a7:44:05:d1:3c:90:8e:94:3a:1a:6f:f9:fa:6b:32:
3c:5e:e9:e9:7e:c0:ef:cb:14:3d:eb:2f:2e:94:2c:
92:2e:80:aa:97:87:49:4c:7b:59:9c:d8:52:b2:0c:
df:09:8d:e1:dc:e9:41:ae:4d:87:29:17:fb:83:d7:
7d:e6:f7:ff:fe:1d:6c:25:24:28:bb:ce:d7:5e:ca:
0c:6b:84:ee:9d:05:83:5c:88:cf:34:54:f3:79:82:
5f:50:6e:6e:43:f7:82:e5:8c:60:a1:fd:8e:27:e7:
6c:5b:5c:4d:05:af:f0:0a:24:a8:0b:2a:91:9b:9b:
b5:31:5c:5e:50:c2:ad:06:12:98:cd:f1:f4:d8:c0:
3f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:76:C3:25:67:93:51:AD:A0:D5:43:62:AE:D0:2D:90:99:EF:9C:27
X509v3 Authority Key Identifier:
keyid:3E:27:42:49:64:00:D8:10:BE:5B:40:96:FD:ED:EC:30:A2:31:F9:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PidCSWQA2BC-W0CW_e3sMKIx-as.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/sHbDJWeTUa2g1UNirtAtkJnvnCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/PidCSWQA2BC-W0CW_e3sMKIx-as.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b44::/48
Signature Algorithm: sha256WithRSAEncryption
88:6e:65:70:e4:d0:be:b1:7a:1b:28:30:e2:9a:77:c9:87:2d:
42:d3:d4:4d:da:5e:85:2c:d7:33:52:37:01:f6:c0:9a:30:4d:
b3:90:1a:90:df:5c:d4:a0:fc:f1:6d:79:cf:a9:e7:7d:9c:bf:
c7:44:c4:c6:f7:cb:55:44:d2:13:87:2e:a7:45:bb:aa:30:c8:
91:9c:60:0f:ed:e3:05:d0:1f:f5:2e:14:c6:2b:2c:39:fa:59:
85:46:8e:53:8a:76:27:6a:2f:ec:c7:c2:d6:95:e8:68:8a:93:
c6:dc:86:fe:da:13:ef:17:ec:5a:c3:3d:cc:8e:6d:81:4e:e4:
eb:60:52:d0:7a:3f:6c:bd:72:10:4b:e6:67:8e:49:75:6a:07:
78:af:48:c2:94:b6:33:f7:5e:d7:c5:6c:c5:d5:25:ae:92:58:
23:52:d8:be:80:da:b4:d5:35:f0:89:d9:fe:83:62:04:ea:9e:
53:61:a0:a3:1a:75:3b:dc:c1:6b:47:11:f7:14:29:ef:d1:2f:
f2:ac:b6:fd:84:6b:5c:20:6f:1f:45:eb:a4:4c:25:97:72:45:
2d:e7:c9:b8:15:dd:a8:cc:ce:74:36:e9:3b:15:db:f0:51:11:
de:8f:44:66:0b:ab:72:ff:ab:1f:c2:dd:47:be:2b:31:8a:2d:
f0:b5:ae:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXVvk+qemGGse+WufthsfuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjc0MjQ5NjQwMGQ4MTBiZTViNDA5NmZkZWRlYzMwYTIz
MWY5YWIwHhcNMjMwMTIxMTkxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc2YzMyNTY3OTM1MWFkYTBkNTQzNjJhZWQwMmQ5MDk5ZWY5YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKZVNPl2acWL9GhtT+KPI6mDpMUg
rJfXf7wFk794Yn/S3RorGjfr4mu2L0n06PRiqVUbzWrUP0PRZ3r69DIOCwDAIPXq
zPiY6WGCRX3aYiW5xGmqzbomdQGzZOSbiSpF/zBrHXJCqRfmrq5LmgkrpmBr4Wo6
aG6nRAXRPJCOlDoab/n6azI8XunpfsDvyxQ96y8ulCySLoCql4dJTHtZnNhSsgzf
CY3h3OlBrk2HKRf7g9d95vf//h1sJSQou87XXsoMa4TunQWDXIjPNFTzeYJfUG5u
Q/eC5Yxgof2OJ+dsW1xNBa/wCiSoCyqRm5u1MVxeUMKtBhKYzfH02MA/ZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLB2wyVnk1GtoNVDYq7QLZCZ75wnMB8GA1UdIwQY
MBaAFD4nQklkANgQvltAlv3t7DCiMfmrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlkQ1NXUUEyQkMtVzBDV19lM3NNS0l4LWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85MjJmNmQtN2E3NC00ZmE4LTk0OTUt
MTg0ZGZmMjkyYTMwLzEvc0hiREpXZVRVYTJnMVVOaXJ0QXRrSm52bkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85MjJmNmQtN2E3NC00ZmE4LTk0OTUtMTg0ZGZmMjkyYTMw
LzEvUGlkQ1NXUUEyQkMtVzBDV19lM3NNS0l4LWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAtE
MA0GCSqGSIb3DQEBCwUAA4IBAQCIbmVw5NC+sXobKDDimnfJhy1C09RN2l6FLNcz
UjcB9sCaME2zkBqQ31zUoPzxbXnPqed9nL/HRMTG98tVRNIThy6nRbuqMMiRnGAP
7eMF0B/1LhTGKyw5+lmFRo5TinYnai/sx8LWlehoipPG3Ib+2hPvF+xawz3Mjm2B
TuTrYFLQej9svXIQS+Znjkl1agd4r0jClLYz917XxWzF1SWuklgjUti+gNq01TXw
idn+g2IE6p5TYaCjGnU73MFrRxH3FCnv0S/yrLb9hGtcIG8fReukTCWXckUt58m4
Fd2ozM50Nuk7FdvwURHej0RmC6ty/6sfwt1Hvisxii3wta6l
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:07:56 2025 by rpki-client