Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/sHvGf2WNZmlViLjnsctpYvpFApY.roa
File: sHvGf2WNZmlViLjnsctpYvpFApY.roa (raw, json)
Hash identifier: 8A7x1+ZQkl0I52N94ynvG6f5nvrZYQKxMwRYZ3Ps/A4=
Subject key identifier: B0:7B:C6:7F:65:8D:66:69:55:88:B8:E7:B1:CB:69:62:FA:45:02:96
Certificate issuer: /CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Certificate serial: 01830D78FA22E38552A669BAD0D1D11DF04B
Authority key identifier: CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/sHvGf2WNZmlViLjnsctpYvpFApY.roa
Signing time: Mon 05 Sep 2022 11:46:15 +0000
ROA not before: Mon 05 Sep 2022 11:46:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212748
IP address blocks: 2a0e:b2c4::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:78:fa:22:e3:85:52:a6:69:ba:d0:d1:d1:1d:f0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Validity
Not Before: Sep 5 11:46:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b07bc67f658d66695588b8e7b1cb6962fa450296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dd:ec:bb:9c:af:54:d3:fb:c2:74:1e:ee:01:
e5:30:4e:78:9b:b2:14:fb:88:f7:85:49:de:3c:3e:
5f:1f:92:73:3e:8e:cd:5b:9e:c1:4e:cc:71:06:4f:
af:05:cb:ca:07:95:d3:ad:84:e2:d6:69:75:1f:a0:
bb:be:ab:7a:8c:02:f3:ed:86:4e:d4:16:b5:8a:7a:
eb:ae:b3:3d:6e:5d:6a:ec:d7:f7:bf:d8:a0:6f:b3:
a4:e4:4d:aa:fd:95:0d:08:35:7c:d6:a1:e6:21:c1:
02:4c:48:11:30:0e:24:16:18:de:8e:4e:5f:9b:54:
dd:6e:11:43:d6:98:b3:2a:bb:ed:2d:81:91:5e:31:
16:7a:4e:9a:15:99:bf:07:51:ff:55:9b:50:6c:ca:
8e:e7:bd:82:cc:11:c6:ce:62:c9:d5:e3:de:04:c6:
90:9b:bc:3a:0f:7c:ad:e7:7b:0e:e9:66:8c:d5:8c:
89:46:9b:c8:86:b8:85:2e:ac:ac:e8:59:d1:39:39:
ee:f5:8e:3e:a7:cc:94:09:73:ef:36:b9:f1:5d:94:
6c:5e:b1:99:86:b4:09:0e:81:02:f2:22:6e:6e:ab:
22:a5:c5:28:10:71:dc:55:d1:60:c7:b0:0c:c9:15:
69:a5:5b:15:ba:1c:39:17:c1:30:c0:0b:92:2a:7e:
bc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7B:C6:7F:65:8D:66:69:55:88:B8:E7:B1:CB:69:62:FA:45:02:96
X509v3 Authority Key Identifier:
keyid:CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/sHvGf2WNZmlViLjnsctpYvpFApY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/zjfKOryl4UrBG8fzwVYqZNY5HSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b2c4::/30
Signature Algorithm: sha256WithRSAEncryption
a6:37:17:c4:c5:cd:9f:94:1c:48:0c:61:13:d0:8e:15:4c:53:
ca:38:1f:e4:f0:95:65:65:0e:b0:32:3a:1a:ea:a0:21:38:8d:
28:73:1a:b4:2f:f1:9b:49:b0:58:ae:6f:1b:34:54:c3:bf:64:
72:7f:35:be:2d:2e:5d:4a:c2:3b:d7:bd:c4:f0:e7:9b:dc:c1:
16:3b:04:8c:b0:fd:dc:07:9d:57:8b:e0:7e:8f:59:b3:33:2a:
74:eb:d2:af:9c:f0:58:8a:f8:dc:d0:75:60:59:ca:2e:22:5e:
78:0a:8a:55:25:0a:cd:46:d5:69:38:d2:59:af:52:71:d0:cd:
01:21:07:22:3e:ae:04:29:4c:79:16:ee:b9:d9:32:f5:61:92:
d4:05:95:2b:2a:be:d3:60:32:44:fd:da:9f:8a:b3:a7:83:44:
2a:cd:4b:1f:c5:a8:2c:5f:07:26:23:57:52:70:09:13:c5:0f:
4a:e3:93:20:ed:f0:0a:67:4b:6e:8c:52:03:7b:71:ec:09:5c:
46:7e:6c:78:c5:41:57:a9:5e:2b:a6:6f:32:6e:96:6e:07:36:
67:79:6e:e9:d5:d1:7f:a9:2c:ec:52:7a:b4:84:f3:fa:68:e0:
c5:cd:16:eb:c8:11:05:af:c4:f5:b4:7f:e8:4f:0b:cc:25:8a:
6c:bc:cc:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMNePoi44VSpmm60NHRHfBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMzdjYTNhYmNhNWUxNGFjMTFiYzdmM2MxNTYyYTY0ZDYz
OTFkMjIwHhcNMjIwOTA1MTE0NjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDdiYzY3ZjY1OGQ2NjY5NTU4OGI4ZTdiMWNiNjk2MmZhNDUwMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj93su5yvVNP7wnQe7gHlME54m7IU
+4j3hUnePD5fH5JzPo7NW57BTsxxBk+vBcvKB5XTrYTi1ml1H6C7vqt6jALz7YZO
1Ba1inrrrrM9bl1q7Nf3v9igb7Ok5E2q/ZUNCDV81qHmIcECTEgRMA4kFhjejk5f
m1TdbhFD1pizKrvtLYGRXjEWek6aFZm/B1H/VZtQbMqO572CzBHGzmLJ1ePeBMaQ
m7w6D3yt53sO6WaM1YyJRpvIhriFLqys6FnROTnu9Y4+p8yUCXPvNrnxXZRsXrGZ
hrQJDoEC8iJubqsipcUoEHHcVdFgx7AMyRVppVsVuhw5F8EwwAuSKn68uQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLB7xn9ljWZpVYi457HLaWL6RQKWMB8GA1UdIwQY
MBaAFM43yjq8peFKwRvH88FWKmTWOR0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQt
MDM4MDM1ZDgwYzBiLzEvc0h2R2YyV05abWxWaUxqbnNjdHBZdnBGQXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQtMDM4MDM1ZDgwYzBi
LzEvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg6yxDAN
BgkqhkiG9w0BAQsFAAOCAQEApjcXxMXNn5QcSAxhE9COFUxTyjgf5PCVZWUOsDI6
GuqgITiNKHMatC/xm0mwWK5vGzRUw79kcn81vi0uXUrCO9e9xPDnm9zBFjsEjLD9
3AedV4vgfo9ZszMqdOvSr5zwWIr43NB1YFnKLiJeeAqKVSUKzUbVaTjSWa9ScdDN
ASEHIj6uBClMeRbuudky9WGS1AWVKyq+02AyRP3an4qzp4NEKs1LH8WoLF8HJiNX
UnAJE8UPSuOTIO3wCmdLboxSA3tx7AlcRn5seMVBV6leK6ZvMm6Wbgc2Z3lu6dXR
f6ks7FJ6tITz+mjgxc0W68gRBa/E9bR/6E8LzCWKbLzMFg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:12 2025 by rpki-client