Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/hqX51bRm5p17lLYZwMl6yY4ejrE.roa
File: hqX51bRm5p17lLYZwMl6yY4ejrE.roa (raw, json)
Hash identifier: eibjDoG5/Y6KaRUeEQQQKGRi8gd9Gr27FqEs7eVi0hk=
Subject key identifier: 86:A5:F9:D5:B4:66:E6:9D:7B:94:B6:19:C0:C9:7A:C9:8E:1E:8E:B1
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 018B29F0E7804EF42FCAF1DC380B746079A7
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/hqX51bRm5p17lLYZwMl6yY4ejrE.roa
Signing time: Fri 13 Oct 2023 16:48:55 +0000
ROA not before: Fri 13 Oct 2023 16:48:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a04:5b81:2060::/44 maxlen: 48
2a04:5b81:2010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:f0:e7:80:4e:f4:2f:ca:f1:dc:38:0b:74:60:79:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Oct 13 16:48:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86a5f9d5b466e69d7b94b619c0c97ac98e1e8eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:8e:75:e4:5c:5e:bf:40:e1:94:f7:c2:af:
4e:88:52:2f:46:ae:1a:97:7a:b5:73:17:c1:88:b6:
f1:8c:63:3b:5f:71:4f:3e:57:dd:cd:6b:c7:fa:b2:
a4:ff:9e:53:ce:13:16:5c:ef:c0:a8:bb:67:72:34:
a8:6b:2b:77:7c:5a:b5:1b:49:3f:72:e7:ba:77:b8:
1e:5c:22:2e:45:d7:a4:d2:52:a2:e1:51:6e:60:1d:
42:66:e1:d7:df:77:ed:a2:3b:59:06:aa:98:63:36:
f6:20:f4:1a:e2:80:3c:c6:8d:31:71:e0:f5:7c:a2:
f5:ad:b4:ee:8d:9f:1b:56:00:b5:dc:29:84:a1:9b:
ba:e4:5d:ce:33:6e:21:33:69:3f:9a:56:38:14:b9:
3e:80:cf:22:00:ea:4d:0b:fa:18:57:43:29:ae:57:
d3:68:57:56:eb:df:0f:88:74:76:f4:f6:40:73:d8:
05:f1:aa:09:b1:1c:c0:28:ba:8d:c3:85:2d:0d:d5:
a3:59:b1:4d:89:8d:89:01:cc:64:2d:cf:27:cd:a3:
c3:63:e0:44:14:f3:ca:25:2e:5d:9f:99:c7:da:72:
15:3f:49:74:aa:d5:db:c7:19:d3:c9:84:cd:d7:af:
32:74:bf:29:9e:af:73:13:b0:ba:51:46:fd:7b:3b:
47:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A5:F9:D5:B4:66:E6:9D:7B:94:B6:19:C0:C9:7A:C9:8E:1E:8E:B1
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/hqX51bRm5p17lLYZwMl6yY4ejrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:2010::/44
2a04:5b81:2060::/44
Signature Algorithm: sha256WithRSAEncryption
14:c6:f1:09:a6:0e:93:3a:1b:76:34:0d:1b:29:43:ee:58:2d:
a1:1c:d2:48:01:f7:1f:46:3b:c4:85:63:a6:0b:14:31:58:22:
cc:0a:55:f5:ec:af:4b:70:0c:9d:c5:71:f9:64:d8:25:0f:2f:
9e:99:e0:67:5b:6f:bf:4a:ea:0c:09:86:3b:57:51:67:49:f6:
86:2c:bd:66:78:4a:37:27:43:89:70:99:18:da:4a:65:f6:63:
2a:b2:3d:93:96:d4:9f:6b:8a:ab:d8:8e:9f:30:b4:98:d1:ea:
23:c7:41:d0:9b:17:7f:c3:38:06:da:c6:46:b0:b2:ff:af:93:
87:71:56:c7:53:20:28:eb:74:0e:1f:8a:47:e3:ce:63:89:b6:
6b:78:f2:de:49:a9:12:cc:2c:64:0d:a9:4d:1b:f3:03:cd:5b:
8b:ba:a4:2c:61:f5:49:4b:27:e4:cf:fd:7e:b0:5d:83:63:f7:
d8:bf:11:df:c3:5d:f8:32:5a:05:3d:1c:fb:4e:e8:cb:c9:88:
7a:22:a3:6a:11:09:9d:58:de:28:7a:c9:47:75:aa:ef:f0:70:
40:69:d1:2f:b6:ca:07:ae:90:7b:1b:31:57:96:77:69:b8:6c:
be:b1:6d:cf:28:86:57:f0:d5:de:f6:9d:4f:15:98:8a:0b:f1:
83:c8:ab:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsp8OeATvQvyvHcOAt0YHmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjMxMDEzMTY0ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE1ZjlkNWI0NjZlNjlkN2I5NGI2MTljMGM5N2FjOThlMWU4ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlaOdeRcXr9A4ZT3wq9OiFIvRq4a
l3q1cxfBiLbxjGM7X3FPPlfdzWvH+rKk/55TzhMWXO/AqLtncjSoayt3fFq1G0k/
cue6d7geXCIuRdek0lKi4VFuYB1CZuHX33ftojtZBqqYYzb2IPQa4oA8xo0xceD1
fKL1rbTujZ8bVgC13CmEoZu65F3OM24hM2k/mlY4FLk+gM8iAOpNC/oYV0MprlfT
aFdW698PiHR29PZAc9gF8aoJsRzAKLqNw4UtDdWjWbFNiY2JAcxkLc8nzaPDY+BE
FPPKJS5dn5nH2nIVP0l0qtXbxxnTyYTN168ydL8pnq9zE7C6UUb9eztHzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIal+dW0Zuade5S2GcDJesmOHo6xMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvaHFYNTFiUm01cDE3bExZWndNbDZ5WTRlanJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgRbgSAQ
AwcEKgRbgSBgMA0GCSqGSIb3DQEBCwUAA4IBAQAUxvEJpg6TOht2NA0bKUPuWC2h
HNJIAfcfRjvEhWOmCxQxWCLMClX17K9LcAydxXH5ZNglDy+emeBnW2+/SuoMCYY7
V1FnSfaGLL1meEo3J0OJcJkY2kpl9mMqsj2TltSfa4qr2I6fMLSY0eojx0HQmxd/
wzgG2sZGsLL/r5OHcVbHUyAo63QOH4pH485jibZrePLeSakSzCxkDalNG/MDzVuL
uqQsYfVJSyfkz/1+sF2DY/fYvxHfw134MloFPRz7TujLyYh6IqNqEQmdWN4oeslH
darv8HBAadEvtsoHrpB7GzFXlndpuGy+sW3PKIZX8NXe9p1PFZiKC/GDyKu2
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:06 2025 by rpki-client