Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/HbEEwqxVyi4MAvIVdsiVgX3elIU.roa
File: HbEEwqxVyi4MAvIVdsiVgX3elIU.roa (raw, json)
Hash identifier: bl1hyJc89Cm5BJJADwXRK8p3WvwS7rGFTntcxkhlfdI=
Subject key identifier: 1D:B1:04:C2:AC:55:CA:2E:0C:02:F2:15:76:C8:95:81:7D:DE:94:85
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0187AD4213F181FEC771E3C2DE6C2DE46D53
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/HbEEwqxVyi4MAvIVdsiVgX3elIU.roa
Signing time: Sun 23 Apr 2023 08:36:41 +0000
ROA not before: Sun 23 Apr 2023 08:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46450
IP address blocks: 109.111.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ad:42:13:f1:81:fe:c7:71:e3:c2:de:6c:2d:e4:6d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 23 08:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1db104c2ac55ca2e0c02f21576c895817dde9485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:57:9d:55:bd:a5:8f:7e:30:b7:15:13:43:33:
7b:56:83:34:55:2b:4f:03:72:3c:ef:71:f9:66:08:
40:e5:cf:dd:1f:3a:d4:83:9c:84:3a:bd:ae:49:e5:
04:33:4a:b9:41:5a:ce:d0:62:83:5c:d5:cb:20:f0:
8f:f4:65:76:5a:23:9c:02:b6:27:5d:87:ef:f1:04:
46:e1:26:7a:6c:b0:fa:05:b9:2d:44:27:47:49:57:
8d:36:f2:84:da:1f:3d:4c:fa:9c:0a:ab:c4:ca:06:
31:16:67:79:d2:ba:95:04:73:3f:f9:5c:e7:1e:79:
63:d1:5d:f8:c3:be:1c:d2:93:2d:31:12:10:11:ab:
7b:97:9b:7b:af:3d:cb:e2:2b:58:49:8a:5c:68:b3:
10:6f:f6:74:89:ac:b6:5f:77:2a:2e:74:bb:8c:47:
16:c7:13:53:3f:03:97:00:34:7b:d4:51:64:16:a0:
4e:0b:73:1c:21:40:d8:ba:1b:ff:34:95:60:37:e9:
c9:09:e5:12:b1:3b:71:56:3b:8c:71:25:e9:d6:df:
93:82:26:a8:25:88:27:a0:9e:2a:57:d9:2f:9f:44:
6f:a4:57:ba:08:18:76:aa:77:8d:90:f7:8b:d4:a8:
d8:a5:24:0f:99:7a:fa:f7:a3:43:15:7f:e0:4e:b5:
d7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B1:04:C2:AC:55:CA:2E:0C:02:F2:15:76:C8:95:81:7D:DE:94:85
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/HbEEwqxVyi4MAvIVdsiVgX3elIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.48.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:b3:2a:6c:40:d9:a3:10:63:7f:b2:c7:15:9b:83:fc:07:5c:
fe:99:9a:c3:b7:43:57:14:7d:d3:93:71:bc:c8:70:e0:ab:80:
db:9c:13:27:ad:1d:61:d7:e6:82:6a:d8:e2:98:f2:42:a3:d5:
68:bb:6c:5a:e4:4c:33:d8:0c:be:05:72:77:85:6b:d8:e3:5c:
dd:65:6a:06:61:f9:f3:14:ea:e4:82:c0:fa:2f:e4:97:81:7c:
24:54:2a:f3:d0:aa:8a:2d:d4:4c:f7:7f:d7:b7:a0:27:c8:0a:
1c:ce:61:88:72:7c:c6:e6:10:9c:d6:9d:48:ad:d8:a2:b4:ae:
ea:17:85:7f:1a:27:e6:00:e8:6a:4b:16:d7:9b:bb:20:cf:20:
34:90:ed:33:8c:fa:1e:51:c2:3e:29:c3:4a:5e:c9:78:1c:e5:
47:d9:37:41:85:9e:48:f4:3c:34:b6:1a:00:60:e6:e1:72:8d:
f1:a1:5f:d0:02:ac:8b:98:4f:d3:34:17:7d:af:2b:da:21:c9:
4a:cf:90:12:14:0c:52:b9:ea:29:46:b9:21:3a:6c:2d:dd:b1:
02:77:51:c4:88:e7:9c:68:4a:23:db:3a:26:17:93:01:80:d5:
4a:29:34:63:88:46:32:33:49:be:8b:4a:6e:ef:0a:81:9e:ae:
0f:87:5a:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYetQhPxgf7HcePC3mwt5G1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwNDIzMDgzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIxMDRjMmFjNTVjYTJlMGMwMmYyMTU3NmM4OTU4MTdkZGU5NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1edVb2lj34wtxUTQzN7VoM0VStP
A3I873H5ZghA5c/dHzrUg5yEOr2uSeUEM0q5QVrO0GKDXNXLIPCP9GV2WiOcArYn
XYfv8QRG4SZ6bLD6BbktRCdHSVeNNvKE2h89TPqcCqvEygYxFmd50rqVBHM/+Vzn
Hnlj0V34w74c0pMtMRIQEat7l5t7rz3L4itYSYpcaLMQb/Z0iay2X3cqLnS7jEcW
xxNTPwOXADR71FFkFqBOC3McIUDYuhv/NJVgN+nJCeUSsTtxVjuMcSXp1t+Tgiao
JYgnoJ4qV9kvn0RvpFe6CBh2qneNkPeL1KjYpSQPmXr696NDFX/gTrXXWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2xBMKsVcouDALyFXbIlYF93pSFMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSGJFRXdxeFZ5aTRNQXZJVmRzaVZnWDNlbElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbW8wMA0G
CSqGSIb3DQEBCwUAA4IBAQBqsypsQNmjEGN/sscVm4P8B1z+mZrDt0NXFH3Tk3G8
yHDgq4DbnBMnrR1h1+aCatjimPJCo9Vou2xa5Ewz2Ay+BXJ3hWvY41zdZWoGYfnz
FOrkgsD6L+SXgXwkVCrz0KqKLdRM93/Xt6AnyAoczmGIcnzG5hCc1p1IrdiitK7q
F4V/GifmAOhqSxbXm7sgzyA0kO0zjPoeUcI+KcNKXsl4HOVH2TdBhZ5I9Dw0thoA
YObhco3xoV/QAqyLmE/TNBd9ryvaIclKz5ASFAxSueopRrkhOmwt3bECd1HEiOec
aEoj2zomF5MBgNVKKTRjiEYyM0m+i0pu7wqBnq4Ph1o4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:05 2025 by rpki-client