Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/HQM4FaosIs3a5lhK3GhHm7nb9ZE.roa
File: HQM4FaosIs3a5lhK3GhHm7nb9ZE.roa (raw, json)
Hash identifier: RrYY9s6+TCB/mCY5Z+vgdj0NR1I9hew1dQ477AzAgW4=
Subject key identifier: 1D:03:38:15:AA:2C:22:CD:DA:E6:58:4A:DC:68:47:9B:B9:DB:F5:91
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 08B1B11A
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/HQM4FaosIs3a5lhK3GhHm7nb9ZE.roa
Signing time: Sat 01 Jan 2022 15:05:17 +0000
ROA not before: Sat 01 Jan 2022 15:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57045
IP address blocks: 2a0e:1106:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145862938 (0x8b1b11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 15:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d033815aa2c22cddae6584adc68479bb9dbf591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:54:af:ff:be:7d:c9:8d:a4:8f:1e:1b:1f:
c4:34:2b:ba:c1:a8:a6:c9:11:db:34:2e:87:ca:34:
34:7a:85:5d:31:e9:28:c1:b6:9f:ce:6c:6f:c6:8b:
bc:32:ed:12:5b:77:4e:d8:43:23:74:0c:c4:27:36:
49:b6:2b:79:2c:23:cf:aa:ef:bd:8b:0a:52:76:45:
35:e6:bb:14:8d:ff:59:cf:b1:5f:fc:03:e7:41:18:
d4:db:32:64:b1:d6:75:9b:37:01:13:b0:a0:26:72:
14:66:d4:9b:fc:d5:35:f4:37:fa:02:5f:0d:52:52:
bf:15:7b:34:a1:0e:6b:c6:62:cd:dd:51:fe:15:67:
d2:d8:29:2f:57:92:98:49:89:8b:c1:11:1d:91:80:
44:b2:03:4f:a9:5f:12:92:5d:00:91:f6:e5:b4:ae:
a3:5f:8a:81:14:8d:61:86:b6:91:61:63:ef:c7:2b:
be:79:5a:55:e0:2e:e6:3e:ad:7c:31:5b:db:74:a1:
d0:96:38:40:b3:b0:04:b4:06:9d:07:97:49:a1:45:
df:7c:19:d5:88:9e:e1:35:b4:e9:a3:43:44:8f:c9:
56:19:63:48:c4:67:6f:c8:d5:0b:21:fa:5c:34:2c:
0b:66:1b:5e:fd:f8:b9:bc:e1:34:8c:15:60:3d:e7:
29:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:03:38:15:AA:2C:22:CD:DA:E6:58:4A:DC:68:47:9B:B9:DB:F5:91
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/HQM4FaosIs3a5lhK3GhHm7nb9ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1106:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:0e:73:93:1c:8b:1e:26:d4:ac:de:62:70:f7:fa:7b:88:d3:
0c:e2:8e:fe:78:c0:bd:05:c8:7b:0d:38:ad:02:88:bf:a5:88:
fd:b0:4a:26:a0:da:59:60:b6:8f:f9:2f:27:e7:20:7a:0a:4c:
e7:72:26:7d:40:31:41:be:88:bf:f7:d1:08:8c:20:d1:d8:25:
b6:09:fe:ad:da:4c:59:b5:61:f1:19:6a:a9:31:00:47:f3:1a:
34:10:b3:4a:9b:3c:4a:1b:fd:48:2f:2c:5b:c6:1a:89:4b:09:
6d:9c:12:e4:4c:9f:fd:ea:24:73:f5:1a:ea:ec:2c:e1:29:d9:
f0:de:bc:bd:f0:e0:1c:19:2b:64:96:a8:6e:33:8d:94:f8:ea:
c1:19:f2:a6:6d:c1:56:ce:cc:38:0e:4d:da:a1:b7:90:54:e3:
c7:c6:df:d7:15:97:22:3b:58:83:c8:7c:2a:e3:6b:b7:31:10:
44:c0:69:74:35:4e:48:ae:b7:cc:75:06:ae:b4:de:90:65:37:
19:71:7a:df:73:03:80:c4:84:84:76:c6:31:26:6a:5f:c0:7a:
0c:ed:63:20:0a:b0:72:6e:e8:e0:9c:84:48:ac:69:68:7f:f6:
af:4a:3d:c8:5a:4c:70:bc:07:b4:b6:fa:4f:67:eb:b8:ac:e2:
70:ae:8b:1c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECLGxGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWNhNTA4NThhMTg1NmZmYTAyZTkxMzU2ZjE0MjM2ZTdjMzhiODVhMB4XDTIyMDEw
MTE1MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQwMzM4MTVhYTJj
MjJjZGRhZTY1ODRhZGM2ODQ3OWJiOWRiZjU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALreVK//vn3JjaSPHhsfxDQrusGopskR2zQuh8o0NHqFXTHp
KMG2n85sb8aLvDLtElt3TthDI3QMxCc2SbYreSwjz6rvvYsKUnZFNea7FI3/Wc+x
X/wD50EY1NsyZLHWdZs3AROwoCZyFGbUm/zVNfQ3+gJfDVJSvxV7NKEOa8Zizd1R
/hVn0tgpL1eSmEmJi8ERHZGARLIDT6lfEpJdAJH25bSuo1+KgRSNYYa2kWFj78cr
vnlaVeAu5j6tfDFb23Sh0JY4QLOwBLQGnQeXSaFF33wZ1Yie4TW06aNDRI/JVhlj
SMRnb8jVCyH6XDQsC2YbXv34ubzhNIwVYD3nKeECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQdAzgVqiwizdrmWErcaEebudv1kTAfBgNVHSMEGDAWgBQ6ylCFihhW/6Au
kTVvFCNufDi4WjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09zcFFoWW9ZVnYtZ0xwRTFieFFqYm53NHVGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8x
L0hRTTRGYW9zSXMzYTVsaEszR2hIbTduYjlaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8xL09zcFFoWW9ZVnYt
Z0xwRTFieFFqYm53NHVGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoOEQYQMA0GCSqGSIb3DQEBCwUA
A4IBAQCeDnOTHIseJtSs3mJw9/p7iNMM4o7+eMC9Bch7DTitAoi/pYj9sEomoNpZ
YLaP+S8n5yB6CkznciZ9QDFBvoi/99EIjCDR2CW2Cf6t2kxZtWHxGWqpMQBH8xo0
ELNKmzxKG/1ILyxbxhqJSwltnBLkTJ/96iRz9Rrq7CzhKdnw3ry98OAcGStklqhu
M42U+OrBGfKmbcFWzsw4Dk3aobeQVOPHxt/XFZciO1iDyHwq42u3MRBEwGl0NU5I
rrfMdQautN6QZTcZcXrfcwOAxISEdsYxJmpfwHoM7WMgCrBybujgnIRIrGlof/av
Sj3IWkxwvAe0tvpPZ+u4rOJwrosc
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:27:19 2025 by rpki-client