Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/0HUnrVHrOchNR7_p621kdJDacL4.roa
File: 0HUnrVHrOchNR7_p621kdJDacL4.roa (raw, json)
Hash identifier: tLv/HQNMFiKnsRRJ8uUV3nrNipwPW7LtzCKPh1QwRfw=
Subject key identifier: D0:75:27:AD:51:EB:39:C8:4D:47:BF:E9:EB:6D:64:74:90:DA:70:BE
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 03EE1D9C
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/0HUnrVHrOchNR7_p621kdJDacL4.roa
Signing time: Sat 01 Jan 2022 12:54:20 +0000
ROA not before: Sat 01 Jan 2022 12:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208136
IP address blocks: 2a01:b960:230d::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65936796 (0x3ee1d9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 12:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d07527ad51eb39c84d47bfe9eb6d647490da70be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9c:96:05:aa:7c:d5:dc:1c:e8:e4:9f:c5:f8:
21:b9:08:38:2b:22:45:79:ad:40:50:db:d4:ff:36:
f7:44:12:97:85:55:77:fc:4a:01:0f:b7:44:82:e2:
07:6e:48:1c:23:94:62:3a:2b:12:24:7e:89:80:ac:
d5:01:4f:2f:a5:0c:66:a4:ed:13:d4:21:89:73:dc:
a9:0d:fe:28:fe:ce:5f:6b:d8:2e:5a:a8:af:60:b4:
5d:d1:7c:ce:69:c8:8c:97:0b:6b:ec:16:a2:ff:f2:
15:4f:17:9c:61:f7:a9:bb:a0:5c:46:85:94:56:37:
c5:1d:72:f2:dc:96:60:05:4d:88:f2:5b:71:ef:55:
40:49:e3:c4:97:77:10:1a:bc:2e:4e:49:77:5e:9b:
08:a4:f6:14:8d:cd:29:f7:c9:ce:4e:d2:e7:3a:6d:
70:fc:47:9f:5e:20:b2:e4:04:95:09:ef:e5:93:ee:
96:82:45:23:11:e6:5a:c2:a8:3c:fc:c6:02:7a:ab:
c2:44:a9:5e:89:0d:e8:9c:35:9f:f2:71:11:9e:05:
72:ec:01:ec:22:bc:a7:c3:83:a4:45:24:57:3a:a5:
45:b5:63:de:54:a9:a0:a5:c8:a7:ab:5e:61:56:b1:
35:ff:c0:84:83:ce:ac:6b:f3:60:3d:11:4a:75:9b:
c7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:75:27:AD:51:EB:39:C8:4D:47:BF:E9:EB:6D:64:74:90:DA:70:BE
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/0HUnrVHrOchNR7_p621kdJDacL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:230d::/48
Signature Algorithm: sha256WithRSAEncryption
8f:32:0c:01:5a:cf:b4:17:fb:8d:e4:a0:25:7f:09:b5:6f:4a:
90:4d:37:c0:c0:e3:30:e7:6a:a6:e3:02:77:96:5d:01:d2:c9:
9a:95:95:dd:a8:31:8b:4f:ee:94:9f:f7:e7:e0:33:5a:16:fb:
a6:f1:e4:53:6c:c0:a5:38:f3:78:42:51:1f:44:8b:07:71:71:
4a:d2:7b:45:62:8a:cd:65:bd:a3:f6:f7:49:fb:af:35:2d:63:
34:0e:4d:85:3f:66:f1:4b:68:17:91:dc:ca:6e:9a:38:f6:46:
95:48:f4:e9:45:e0:50:fb:7e:cf:93:c3:ac:c4:0f:4d:3b:24:
c8:fd:b3:84:96:7f:d2:23:a4:02:61:bc:a1:ef:f7:3d:9f:a1:
c9:b8:91:21:f0:15:a6:fb:7e:e8:2b:f2:ba:f2:61:fb:71:af:
ab:34:ab:11:d6:51:c5:cc:3e:04:df:9b:36:6e:89:36:a0:ce:
00:00:72:a5:06:e3:b7:d7:c7:c1:a1:2f:eb:e4:ae:3c:5a:7b:
cc:14:13:c8:39:3a:b0:5a:de:03:79:aa:01:db:c6:05:13:96:
35:1b:59:78:68:6e:89:ec:bd:da:12:87:63:3c:32:41:dd:71:
34:f8:b6:c4:f2:f0:f4:d4:5a:f2:0d:08:83:48:84:40:17:a5:
00:da:77:89
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA+4dnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGYxNzI2ZWE0YmQ2ZDNjODA5MWFlMGM4YWQxYTAzZTkxZTM1OWEyMB4XDTIyMDEw
MTEyNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA3NTI3YWQ1MWVi
MzljODRkNDdiZmU5ZWI2ZDY0NzQ5MGRhNzBiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaclgWqfNXcHOjkn8X4IbkIOCsiRXmtQFDb1P8290QSl4VV
d/xKAQ+3RILiB25IHCOUYjorEiR+iYCs1QFPL6UMZqTtE9QhiXPcqQ3+KP7OX2vY
Llqor2C0XdF8zmnIjJcLa+wWov/yFU8XnGH3qbugXEaFlFY3xR1y8tyWYAVNiPJb
ce9VQEnjxJd3EBq8Lk5Jd16bCKT2FI3NKffJzk7S5zptcPxHn14gsuQElQnv5ZPu
loJFIxHmWsKoPPzGAnqrwkSpXokN6Jw1n/JxEZ4FcuwB7CK8p8ODpEUkVzqlRbVj
3lSpoKXIp6teYVaxNf/AhIPOrGvzYD0RSnWbx9sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTQdSetUes5yE1Hv+nrbWR0kNpwvjAfBgNVHSMEGDAWgBQ08XJupL1tPICR
rgyK0aA+keNZojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QRnlicVM5YlR5QWthNE1pdEdnUHBIaldhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8x
LzBIVW5yVkhyT2NoTlI3X3A2MjFrZEpEYWNMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
ZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8xL05QRnlicVM5YlR5
QWthNE1pdEdnUHBIaldhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBuWAjDTANBgkqhkiG9w0BAQsF
AAOCAQEAjzIMAVrPtBf7jeSgJX8JtW9KkE03wMDjMOdqpuMCd5ZdAdLJmpWV3agx
i0/ulJ/35+AzWhb7pvHkU2zApTjzeEJRH0SLB3FxStJ7RWKKzWW9o/b3SfuvNS1j
NA5NhT9m8UtoF5Hcym6aOPZGlUj06UXgUPt+z5PDrMQPTTskyP2zhJZ/0iOkAmG8
oe/3PZ+hybiRIfAVpvt+6CvyuvJh+3GvqzSrEdZRxcw+BN+bNm6JNqDOAABypQbj
t9fHwaEv6+SuPFp7zBQTyDk6sFreA3mqAdvGBROWNRtZeGhuiey92hKHYzwyQd1x
NPi2xPLw9NRa8g0Ig0iEQBelANp3iQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:10 2025 by rpki-client