Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/HKDClkdD4TKQY6cuHj_ESuhz3hw.roa
File: HKDClkdD4TKQY6cuHj_ESuhz3hw.roa (raw, json)
Hash identifier: ULHL87inW1RQLxX64DsQ5IN3QQWQIfkNAHJq3FPBjQ8=
Subject key identifier: 1C:A0:C2:96:47:43:E1:32:90:63:A7:2E:1E:3F:C4:4A:E8:73:DE:1C
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 08E6292C
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/HKDClkdD4TKQY6cuHj_ESuhz3hw.roa
Signing time: Sat 01 Jan 2022 10:03:37 +0000
ROA not before: Sat 01 Jan 2022 10:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212804
IP address blocks: 2a0a:2785::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149301548 (0x8e6292c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 10:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ca0c2964743e1329063a72e1e3fc44ae873de1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:23:04:fb:d6:03:75:20:f5:13:fd:fa:20:e1:
16:a0:c3:84:d0:2b:97:50:d9:7c:30:eb:ee:99:e9:
0e:90:f9:2c:17:f0:7b:4e:8b:a7:dd:da:fe:83:df:
f3:fe:72:b8:e1:67:18:ec:3f:84:b8:df:3e:b0:1f:
48:d0:58:99:96:4a:bc:86:8d:b7:b8:9c:e3:f7:10:
a4:8d:c0:ae:bf:d7:7d:79:5f:2a:14:e9:de:66:69:
91:78:37:82:ef:7f:41:70:3d:9a:6d:f9:29:ac:76:
69:79:07:df:65:02:b5:00:72:4d:f2:33:e2:69:2d:
69:7e:af:1a:e8:7f:13:d3:5e:62:61:38:a6:22:53:
d1:c2:22:dc:d9:be:1d:a3:df:86:c5:5d:10:8a:68:
61:6a:3a:64:11:b7:34:f8:f0:e6:66:37:02:41:69:
ea:26:45:60:72:c0:e1:fa:9c:b7:80:d2:0f:5a:b5:
d8:ab:65:d1:ea:d8:06:9a:6b:a5:c6:bf:dd:68:56:
35:79:42:6a:32:02:b1:4f:b0:61:f5:e7:55:b4:19:
ac:f4:fd:c8:fc:4d:41:94:57:79:8a:51:0b:46:ba:
5e:57:ff:98:98:c2:eb:88:2d:b8:b8:c2:c1:5e:9c:
91:1d:39:36:89:3a:18:53:81:5b:ea:2d:88:28:b7:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:C2:96:47:43:E1:32:90:63:A7:2E:1E:3F:C4:4A:E8:73:DE:1C
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/HKDClkdD4TKQY6cuHj_ESuhz3hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2785::/32
Signature Algorithm: sha256WithRSAEncryption
42:f4:7b:91:bb:4b:14:23:70:63:6b:94:e1:22:ac:d2:eb:11:
83:0b:e3:08:10:01:f4:6c:80:91:57:c8:b1:1b:7e:aa:14:35:
3e:d5:25:25:6d:16:a7:07:50:8a:5c:3b:cb:13:d9:bc:4f:c0:
b7:cf:68:e9:43:63:92:79:cb:f5:ae:be:3b:39:7b:0f:ed:97:
e1:13:4a:d0:1b:bc:94:97:c9:2c:0e:07:9d:d5:6f:ea:01:c4:
2e:5a:50:13:f9:7d:fb:23:cb:6f:e6:69:2a:37:32:ff:2b:7e:
53:87:a0:ba:c8:05:af:35:34:9e:f1:b7:06:50:55:1f:35:fe:
a7:c2:59:e7:d8:21:b8:ff:4b:b0:da:c6:d0:e9:06:5f:98:9f:
44:9d:4d:91:df:f8:00:4b:73:3e:af:95:13:76:e5:3d:4d:2b:
41:3e:32:81:a3:26:99:4f:65:36:49:77:2d:36:71:3a:9d:72:
b9:27:43:4c:e5:f6:fd:05:b1:01:78:92:ab:28:ff:e5:38:e2:
90:06:73:f8:b1:d4:6b:d3:d7:6a:18:ce:3a:04:ea:08:48:29:
0f:14:39:20:47:b9:d2:6f:98:81:4f:25:88:57:13:3b:ea:d8:
0a:79:22:f3:99:64:0f:6c:59:b7:53:ac:6b:18:40:2e:69:48:
e0:ae:a8:dd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECOYpLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTBiYWU2MDk3MGEyZGZjODZkZDYwN2M1YjkxNWFkNWM1MzRiNDEzMB4XDTIyMDEw
MTEwMDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNhMGMyOTY0NzQz
ZTEzMjkwNjNhNzJlMWUzZmM0NGFlODczZGUxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsjBPvWA3Ug9RP9+iDhFqDDhNArl1DZfDDr7pnpDpD5LBfw
e06Lp93a/oPf8/5yuOFnGOw/hLjfPrAfSNBYmZZKvIaNt7ic4/cQpI3Arr/XfXlf
KhTp3mZpkXg3gu9/QXA9mm35Kax2aXkH32UCtQByTfIz4mktaX6vGuh/E9NeYmE4
piJT0cIi3Nm+HaPfhsVdEIpoYWo6ZBG3NPjw5mY3AkFp6iZFYHLA4fqct4DSD1q1
2Ktl0erYBpprpca/3WhWNXlCajICsU+wYfXnVbQZrPT9yPxNQZRXeYpRC0a6Xlf/
mJjC64gtuLjCwV6ckR05Nok6GFOBW+otiCi30BECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQcoMKWR0PhMpBjpy4eP8RK6HPeHDAfBgNVHSMEGDAWgBT1C65glwot/Ibd
YHxbkVrVxTS0EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlRdXVZSmNLTGZ5RzNXQjhXNUZhMWNVMHRCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvZjcxZGNiLTllOTItNDRlNy1iMDQyLTM2NjUwNjdkYjI1Ni8x
L0hLRENsa2RENFRLUVk2Y3VIal9FU3VoejNody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
ZjcxZGNiLTllOTItNDRlNy1iMDQyLTM2NjUwNjdkYjI1Ni8xLzlRdXVZSmNLTGZ5
RzNXQjhXNUZhMWNVMHRCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKJ4UwDQYJKoZIhvcNAQELBQAD
ggEBAEL0e5G7SxQjcGNrlOEirNLrEYML4wgQAfRsgJFXyLEbfqoUNT7VJSVtFqcH
UIpcO8sT2bxPwLfPaOlDY5J5y/Wuvjs5ew/tl+ETStAbvJSXySwOB53Vb+oBxC5a
UBP5ffsjy2/maSo3Mv8rflOHoLrIBa81NJ7xtwZQVR81/qfCWefYIbj/S7DaxtDp
Bl+Yn0SdTZHf+ABLcz6vlRN25T1NK0E+MoGjJplPZTZJdy02cTqdcrknQ0zl9v0F
sQF4kqso/+U44pAGc/ix1GvT12oYzjoE6ghIKQ8UOSBHudJvmIFPJYhXEzvq2Ap5
IvOZZA9sWbdTrGsYQC5pSOCuqN0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:03 2024 by rpki-client on console-fra.rpki-client.org