Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/hnLDvdypvVxtN7INTo4Af9Fmllg.roa
File: hnLDvdypvVxtN7INTo4Af9Fmllg.roa (raw, json)
Hash identifier: ILDUMobL4OMY27WsGDAoXFN5LoiQCXn96ImW5OYOBHY=
Subject key identifier: 86:72:C3:BD:DC:A9:BD:5C:6D:37:B2:0D:4E:8E:00:7F:D1:66:96:58
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0182ECB20C166A160710F2C00B66F654A479
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/hnLDvdypvVxtN7INTo4Af9Fmllg.roa
Signing time: Tue 30 Aug 2022 03:01:07 +0000
ROA not before: Tue 30 Aug 2022 03:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203236
IP address blocks: 2a12:3fc2:aa10::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ec:b2:0c:16:6a:16:07:10:f2:c0:0b:66:f6:54:a4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Aug 30 03:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8672c3bddca9bd5c6d37b20d4e8e007fd1669658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:97:b1:2b:e2:78:2c:68:65:38:6f:54:a6:46:
11:ed:de:59:41:8f:b9:9f:1f:03:9c:75:12:3f:27:
13:b6:03:31:98:a4:a2:98:eb:9f:6f:56:42:28:c7:
f3:15:59:5e:e2:89:ec:85:4b:8e:81:a3:a4:6d:78:
1e:e0:8e:a6:69:ce:c5:a6:42:cb:33:e4:33:e7:ca:
49:7b:51:6a:6f:5a:7c:8d:5a:cd:df:e1:77:7f:c7:
7a:7d:95:b8:ea:e7:17:05:8c:53:c8:9e:16:b6:13:
17:dd:6f:26:2f:8a:50:51:3c:59:2a:fc:17:1b:70:
37:d6:ce:2f:dc:50:35:c2:8b:6e:4f:a5:81:0f:3f:
bb:5f:92:38:df:a8:e1:04:50:91:e1:21:e2:9a:44:
23:c1:fc:38:3a:69:e1:b6:64:1a:2e:85:09:ec:ae:
d7:15:20:cb:59:3b:c5:a1:c2:0f:fb:46:f6:e8:a7:
16:69:5a:74:bb:59:0b:d8:a0:37:70:49:00:9d:92:
de:55:c3:c5:94:33:11:0e:ff:a8:11:71:01:ec:c9:
69:81:53:9e:bb:a2:96:0c:e1:0c:5c:e4:48:a0:6a:
88:a8:eb:91:bb:2d:4c:d3:d4:87:d8:95:0f:c7:12:
a2:4e:7f:08:a7:96:80:99:72:fd:03:b4:ad:5a:4a:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:72:C3:BD:DC:A9:BD:5C:6D:37:B2:0D:4E:8E:00:7F:D1:66:96:58
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/hnLDvdypvVxtN7INTo4Af9Fmllg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:aa10::/44
Signature Algorithm: sha256WithRSAEncryption
ab:c5:05:fa:88:06:69:3f:38:42:46:24:d5:b1:a4:37:3d:08:
c8:fd:4c:4d:a1:d4:a8:68:52:97:ab:f7:f3:e9:6f:3e:03:eb:
93:75:d4:0f:1a:61:85:8f:7c:4f:08:e3:32:76:76:1a:fe:6c:
62:6f:95:8b:8e:70:0d:3f:06:4d:75:07:30:9c:50:75:e8:6e:
f0:7c:bd:b3:98:52:23:c6:f9:5b:09:70:0c:1f:d7:93:9c:2b:
47:9b:ef:8d:e2:f1:82:57:f5:e5:c5:fc:53:1a:e6:19:51:5f:
71:ca:1f:f0:e6:a0:80:d5:9e:97:ef:f0:b9:aa:be:9a:f8:9f:
37:30:62:eb:e1:e3:c2:6e:07:c3:63:c3:9e:94:ae:d9:5f:72:
bd:0a:48:8a:9a:93:e1:11:9c:82:04:64:71:28:4f:69:9b:5b:
24:2e:81:8c:f0:6b:46:df:87:4e:e6:fc:bc:0e:9e:1f:e2:26:
6c:66:fc:1b:36:53:cd:ed:60:61:ee:9e:f7:be:4d:16:bb:d2:
73:58:29:f1:e6:73:ba:b3:91:bf:f4:b3:38:a0:e1:6a:0e:b0:
a6:ae:2e:ac:62:15:d1:53:44:58:ae:4d:19:39:f6:40:af:ca:
a1:cb:7a:26:18:c9:0a:e4:23:8e:bb:b7:cc:27:76:ac:0d:a6:
7d:e8:d3:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLssgwWahYHEPLAC2b2VKR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIwODMwMDMwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcyYzNiZGRjYTliZDVjNmQzN2IyMGQ0ZThlMDA3ZmQxNjY5NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJexK+J4LGhlOG9UpkYR7d5ZQY+5
nx8DnHUSPycTtgMxmKSimOufb1ZCKMfzFVle4onshUuOgaOkbXge4I6mac7FpkLL
M+Qz58pJe1Fqb1p8jVrN3+F3f8d6fZW46ucXBYxTyJ4WthMX3W8mL4pQUTxZKvwX
G3A31s4v3FA1wotuT6WBDz+7X5I436jhBFCR4SHimkQjwfw4OmnhtmQaLoUJ7K7X
FSDLWTvFocIP+0b26KcWaVp0u1kL2KA3cEkAnZLeVcPFlDMRDv+oEXEB7MlpgVOe
u6KWDOEMXORIoGqIqOuRuy1M09SH2JUPxxKiTn8Ip5aAmXL9A7StWkpj3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIZyw73cqb1cbTeyDU6OAH/RZpZYMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvaG5MRHZkeXB2Vnh0TjdJTlRvNEFmOUZtbGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/wqoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCrxQX6iAZpPzhCRiTVsaQ3PQjI/UxNodSoaFKX
q/fz6W8+A+uTddQPGmGFj3xPCOMydnYa/mxib5WLjnANPwZNdQcwnFB16G7wfL2z
mFIjxvlbCXAMH9eTnCtHm++N4vGCV/XlxfxTGuYZUV9xyh/w5qCA1Z6X7/C5qr6a
+J83MGLr4ePCbgfDY8OelK7ZX3K9CkiKmpPhEZyCBGRxKE9pm1skLoGM8GtG34dO
5vy8Dp4f4iZsZvwbNlPN7WBh7p73vk0Wu9JzWCnx5nO6s5G/9LM4oOFqDrCmri6s
YhXRU0RYrk0ZOfZAr8qhy3omGMkK5COOu7fMJ3asDaZ96NOa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:37 2025 by rpki-client