Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/hTmcEX15ui2QCpe9bGI80gFG2fU.roa
File: hTmcEX15ui2QCpe9bGI80gFG2fU.roa (raw, json)
Hash identifier: +nmtNiX9g4mSmSq6FVzLVf5saXZQaj4zYJr+F+ExsoM=
Subject key identifier: 85:39:9C:11:7D:79:BA:2D:90:0A:97:BD:6C:62:3C:D2:01:46:D9:F5
Certificate issuer: /CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Certificate serial: 0184AE91083DCDAFBBFA3FE435F1B692188F
Authority key identifier: 4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/hTmcEX15ui2QCpe9bGI80gFG2fU.roa
Signing time: Fri 25 Nov 2022 11:34:11 +0000
ROA not before: Fri 25 Nov 2022 11:34:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5391
IP address blocks: 2a13:16c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:91:08:3d:cd:af:bb:fa:3f:e4:35:f1:b6:92:18:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Validity
Not Before: Nov 25 11:34:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85399c117d79ba2d900a97bd6c623cd20146d9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1f:5c:c6:80:ee:a6:6d:d9:53:ba:01:a2:74:
77:ce:da:16:98:1a:2d:6d:f3:aa:72:1b:6e:05:87:
94:f3:fc:e8:67:d3:38:1a:1b:65:76:e2:e0:f2:6d:
dd:4d:e1:10:42:f2:e5:62:65:d0:e0:ff:eb:8d:66:
6c:f4:b7:30:80:d3:11:7a:bd:e6:19:75:01:06:4f:
12:a5:db:2c:b1:d6:1d:85:67:18:b3:23:aa:73:bc:
23:56:28:b3:f5:a9:f1:45:8a:92:6f:ea:42:b0:2a:
fb:97:c3:76:e9:8e:2c:b8:fb:9f:5a:47:2f:e3:03:
8e:3f:ca:e2:d2:89:d8:39:b2:17:78:fc:90:af:bf:
28:47:1c:c4:30:da:1f:fd:81:82:1d:f1:c6:4b:5d:
f0:4e:e6:19:85:b3:33:a3:54:a5:f8:1f:d0:05:94:
a5:f2:fe:b6:54:43:6a:b3:83:a2:6b:9c:7f:9c:97:
97:3d:aa:e4:26:05:9a:3a:f7:d0:91:b5:a1:4f:96:
ec:de:20:e5:a5:3f:4d:b2:2a:7b:e3:c7:72:0c:7c:
88:81:1d:9d:f9:e8:d9:94:22:d8:0f:f6:32:f7:c8:
6f:8e:dd:8c:5c:2d:5b:dd:ba:52:48:23:f4:ba:f0:
7a:47:ab:2a:cf:1d:c9:28:57:7d:ec:6e:95:45:17:
b2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:39:9C:11:7D:79:BA:2D:90:0A:97:BD:6C:62:3C:D2:01:46:D9:F5
X509v3 Authority Key Identifier:
keyid:4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/hTmcEX15ui2QCpe9bGI80gFG2fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:11:6c:fa:3b:bd:12:34:e7:03:a8:75:41:d7:21:ba:ba:d1:
17:a6:31:ac:63:8a:dd:ab:90:e4:2a:62:11:48:4a:53:66:21:
fb:14:9d:99:12:da:dd:26:3f:98:4a:6a:70:e8:04:7d:1b:9b:
92:cd:7f:50:ea:8d:6a:1c:4a:1c:32:12:67:a6:a0:4e:dd:20:
e4:6c:8d:32:7d:3a:05:6b:5c:d5:a9:56:84:79:19:6c:53:dd:
f6:ba:96:47:d9:d4:68:47:e0:1a:94:43:33:06:89:48:8e:c0:
bc:68:6e:aa:66:0d:23:6f:45:75:4b:52:13:23:a7:22:13:11:
d0:73:12:f9:62:d3:ed:5a:e9:d1:f0:51:fd:6c:43:42:59:d8:
b1:e2:e2:a3:9b:c6:57:90:a9:c5:97:04:4e:a8:14:34:1f:3d:
24:60:dc:b2:9f:72:8b:d4:38:ee:30:f7:b5:f2:3a:21:55:de:
6f:23:07:c3:75:50:3c:75:0a:4b:9b:ed:d1:07:73:64:c8:54:
f3:a6:30:e2:9e:8b:39:d5:60:54:82:a4:dc:57:19:40:3e:26:
90:32:af:ff:d9:ab:ce:d6:8d:80:bd:98:e1:f8:ed:6e:eb:c2:
e9:6f:ef:28:85:ac:fa:85:93:1e:2d:14:80:61:af:78:e0:80:
eb:bc:ed:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSukQg9za+7+j/kNfG2khiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNkYzY3NTNhOGNiZDc0Yjc0NDUyYzE1MzZmMzdkOWM0
ZGM3MGMwHhcNMjIxMTI1MTEzNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM5OWMxMTdkNzliYTJkOTAwYTk3YmQ2YzYyM2NkMjAxNDZkOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR9cxoDupm3ZU7oBonR3ztoWmBot
bfOqchtuBYeU8/zoZ9M4GhtlduLg8m3dTeEQQvLlYmXQ4P/rjWZs9LcwgNMRer3m
GXUBBk8SpdsssdYdhWcYsyOqc7wjViiz9anxRYqSb+pCsCr7l8N26Y4suPufWkcv
4wOOP8ri0onYObIXePyQr78oRxzEMNof/YGCHfHGS13wTuYZhbMzo1Sl+B/QBZSl
8v62VENqs4Oia5x/nJeXParkJgWaOvfQkbWhT5bs3iDlpT9Nsip748dyDHyIgR2d
+ejZlCLYD/Yy98hvjt2MXC1b3bpSSCP0uvB6R6sqzx3JKFd97G6VRRey8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIU5nBF9ebotkAqXvWxiPNIBRtn1MB8GA1UdIwQY
MBaAFEpj3GdTqMvXS3RFLBU2832cTccMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAt
ZTM0MWIwZjkxNWQzLzEvaFRtY0VYMTV1aTJRQ3BlOWJHSTgwZ0ZHMmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAtZTM0MWIwZjkxNWQz
LzEvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAqhFs+ju9EjTnA6h1QdchurrRF6YxrGOK3auQ5Cpi
EUhKU2Yh+xSdmRLa3SY/mEpqcOgEfRubks1/UOqNahxKHDISZ6agTt0g5GyNMn06
BWtc1alWhHkZbFPd9rqWR9nUaEfgGpRDMwaJSI7AvGhuqmYNI29FdUtSEyOnIhMR
0HMS+WLT7Vrp0fBR/WxDQlnYseLio5vGV5CpxZcETqgUNB89JGDcsp9yi9Q47jD3
tfI6IVXebyMHw3VQPHUKS5vt0QdzZMhU86Yw4p6LOdVgVIKk3FcZQD4mkDKv/9mr
ztaNgL2Y4fjtbuvC6W/vKIWs+oWTHi0UgGGveOCA67zt/g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:08 2025 by rpki-client