Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/a3311a-aa9a-4904-88e5-1ba65174bd1d/1/bhIoOnZP98ScwV8E1pDs8riY7U0.roa
File: bhIoOnZP98ScwV8E1pDs8riY7U0.roa (raw, json)
Hash identifier: qwvhs7ECyapdVl9McKKS59SNpSdSNq/IGrgw2pX6VqQ=
Subject key identifier: 6E:12:28:3A:76:4F:F7:C4:9C:C1:5F:04:D6:90:EC:F2:B8:98:ED:4D
Certificate issuer: /CN=42f51aeaf774b633a47f960a7089b15b35b1a4cb
Certificate serial: 018B4D7ACFCC69BD229823EBE57C38AE6AC2
Authority key identifier: 42:F5:1A:EA:F7:74:B6:33:A4:7F:96:0A:70:89:B1:5B:35:B1:A4:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvUa6vd0tjOkf5YKcImxWzWxpMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/a3311a-aa9a-4904-88e5-1ba65174bd1d/1/bhIoOnZP98ScwV8E1pDs8riY7U0.roa
Signing time: Fri 20 Oct 2023 14:26:16 +0000
ROA not before: Fri 20 Oct 2023 14:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216145
IP address blocks: 2001:67c:15cc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:7a:cf:cc:69:bd:22:98:23:eb:e5:7c:38:ae:6a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f51aeaf774b633a47f960a7089b15b35b1a4cb
Validity
Not Before: Oct 20 14:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e12283a764ff7c49cc15f04d690ecf2b898ed4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b3:50:de:c9:95:09:c2:d0:78:eb:97:6a:40:
9e:84:76:8b:9a:1d:43:ec:cb:4c:26:bd:07:a1:5b:
e7:25:c2:dd:af:f5:6d:d6:04:66:91:bc:9f:7d:d7:
99:2b:d6:05:d1:7b:c1:13:de:28:91:1a:c5:c0:be:
23:e3:05:dc:b9:95:dd:56:f7:64:89:fe:f9:be:db:
52:bd:1d:fb:87:65:88:00:18:2a:08:e0:f0:c8:61:
16:09:0a:57:1c:a1:a2:03:d2:5f:33:11:ac:ae:99:
ab:26:8e:c4:57:dd:1e:2e:5c:00:77:b4:e8:9e:ab:
b6:ac:5e:ea:24:a2:b5:cb:ce:71:88:78:de:fc:71:
dd:12:c6:57:9c:f0:7a:9a:b7:b2:4d:73:64:8b:3b:
2e:68:ec:2c:03:ef:85:5d:3a:f5:55:c1:2f:f4:72:
b8:79:ab:80:72:85:33:a3:d6:07:26:28:ab:01:50:
27:d3:02:42:7e:08:d6:4c:bb:d0:42:75:9a:1c:41:
ec:cb:d4:35:f8:fd:6a:6c:44:48:75:74:c3:44:dc:
ff:b1:31:59:b4:12:41:5a:87:51:28:a6:30:a3:77:
bd:c1:a3:d1:c4:32:54:64:e0:83:5d:31:de:d8:f0:
fb:a1:81:a7:45:21:83:05:cb:f9:6d:fd:30:99:34:
3a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:12:28:3A:76:4F:F7:C4:9C:C1:5F:04:D6:90:EC:F2:B8:98:ED:4D
X509v3 Authority Key Identifier:
keyid:42:F5:1A:EA:F7:74:B6:33:A4:7F:96:0A:70:89:B1:5B:35:B1:A4:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvUa6vd0tjOkf5YKcImxWzWxpMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/a3311a-aa9a-4904-88e5-1ba65174bd1d/1/bhIoOnZP98ScwV8E1pDs8riY7U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/a3311a-aa9a-4904-88e5-1ba65174bd1d/1/QvUa6vd0tjOkf5YKcImxWzWxpMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:15cc::/48
Signature Algorithm: sha256WithRSAEncryption
24:a2:1b:5b:6a:72:da:26:b5:51:ec:68:e6:d6:64:3d:b1:e5:
8b:9e:e2:4e:00:56:8c:a7:59:1d:8e:ec:7e:01:f7:15:82:b9:
22:26:b6:c0:4f:b9:fa:92:93:9b:ca:28:ac:6b:07:2b:51:90:
2e:ab:5c:c5:ed:e0:3c:0b:6e:9e:28:af:31:0e:39:a5:14:54:
f4:16:d4:93:1b:14:56:6e:ea:71:b9:fc:1f:99:9b:5e:a1:06:
76:9a:c3:47:73:31:4e:d3:4e:b5:6d:ae:f7:c3:c2:b3:45:d4:
84:a8:1b:b1:53:6e:fb:26:67:a3:0e:d4:41:93:74:0a:d2:a0:
2a:6b:02:d1:0c:58:a1:e5:d6:65:bb:28:89:6b:8a:3c:ef:20:
9f:89:8e:f1:f0:3f:44:85:bc:e6:d4:54:ab:dd:68:d0:45:88:
d0:2b:6d:99:a2:e9:ee:fe:51:ad:66:73:b0:3f:5c:90:38:72:
64:b6:1d:f7:7b:bd:c2:f9:79:c3:1d:df:32:2f:52:a8:f8:8a:
37:8a:f2:c6:fd:5f:a1:57:3a:d1:15:f7:dd:28:b8:49:9a:4c:
ca:39:8e:86:44:34:f3:f0:0b:5c:e3:07:04:00:f7:0e:6e:bc:
ac:e6:75:50:18:9f:ee:31:aa:67:99:99:63:bb:2a:9b:d2:56:
78:f6:58:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtNes/Mab0imCPr5Xw4rmrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjUxYWVhZjc3NGI2MzNhNDdmOTYwYTcwODliMTViMzVi
MWE0Y2IwHhcNMjMxMDIwMTQyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTEyMjgzYTc2NGZmN2M0OWNjMTVmMDRkNjkwZWNmMmI4OThlZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLNQ3smVCcLQeOuXakCehHaLmh1D
7MtMJr0HoVvnJcLdr/Vt1gRmkbyffdeZK9YF0XvBE94okRrFwL4j4wXcuZXdVvdk
if75vttSvR37h2WIABgqCODwyGEWCQpXHKGiA9JfMxGsrpmrJo7EV90eLlwAd7To
nqu2rF7qJKK1y85xiHje/HHdEsZXnPB6mreyTXNkizsuaOwsA++FXTr1VcEv9HK4
eauAcoUzo9YHJiirAVAn0wJCfgjWTLvQQnWaHEHsy9Q1+P1qbERIdXTDRNz/sTFZ
tBJBWodRKKYwo3e9waPRxDJUZOCDXTHe2PD7oYGnRSGDBcv5bf0wmTQ61QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG4SKDp2T/fEnMFfBNaQ7PK4mO1NMB8GA1UdIwQY
MBaAFEL1Gur3dLYzpH+WCnCJsVs1saTLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZVYTZ2ZDB0ak9rZjVZS2NJbXhXeld4cE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hMzMxMWEtYWE5YS00OTA0LTg4ZTUt
MWJhNjUxNzRiZDFkLzEvYmhJb09uWlA5OFNjd1Y4RTFwRHM4cmlZN1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hMzMxMWEtYWE5YS00OTA0LTg4ZTUtMWJhNjUxNzRiZDFk
LzEvUXZVYTZ2ZDB0ak9rZjVZS2NJbXhXeld4cE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBXM
MA0GCSqGSIb3DQEBCwUAA4IBAQAkohtbanLaJrVR7Gjm1mQ9seWLnuJOAFaMp1kd
jux+AfcVgrkiJrbAT7n6kpObyiisawcrUZAuq1zF7eA8C26eKK8xDjmlFFT0FtST
GxRWbupxufwfmZteoQZ2msNHczFO0061ba73w8KzRdSEqBuxU277JmejDtRBk3QK
0qAqawLRDFih5dZluyiJa4o87yCfiY7x8D9Ehbzm1FSr3WjQRYjQK22Zounu/lGt
ZnOwP1yQOHJkth33e73C+XnDHd8yL1Ko+Io3ivLG/V+hVzrRFffdKLhJmkzKOY6G
RDTz8Atc4wcEAPcObrys5nVQGJ/uMapnmZljuyqb0lZ49lgC
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:17:51 2025 by rpki-client