Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/hbuMAINwf46QHzDMp6d5pWmJnDg.roa
File: hbuMAINwf46QHzDMp6d5pWmJnDg.roa (raw, json)
Hash identifier: jt+NieNb2A6WnrmUHJdKe4RFV15rmCJfFMaAFsw5Ip4=
Subject key identifier: 85:BB:8C:00:83:70:7F:8E:90:1F:30:CC:A7:A7:79:A5:69:89:9C:38
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 1422D695
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/hbuMAINwf46QHzDMp6d5pWmJnDg.roa
Signing time: Sat 01 Jan 2022 04:51:28 +0000
ROA not before: Sat 01 Jan 2022 04:51:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139242
IP address blocks: 2a06:98c0:1001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337827477 (0x1422d695)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 1 04:51:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85bb8c0083707f8e901f30cca7a779a569899c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:98:fa:71:19:b6:a8:c2:f5:a4:58:48:2c:
2d:31:48:f5:2e:f3:88:de:fb:f1:ea:f2:74:52:bb:
29:c9:80:dc:2e:c9:68:8c:ff:7f:36:48:35:2f:3a:
32:6e:93:e9:0d:e6:32:42:57:3c:e3:e8:61:91:52:
bd:9f:d8:4a:40:53:ab:54:c1:42:04:5d:fe:33:89:
01:b7:be:e8:49:2a:13:5b:2c:02:5c:6d:b5:54:91:
dd:17:e6:f4:70:44:e8:c9:05:c2:b2:c5:0a:97:ad:
b2:b8:cb:7e:3f:fb:2e:63:d4:1d:93:4f:b3:28:81:
19:00:e7:b5:d7:4e:74:e4:e3:08:d6:67:a0:ff:92:
31:d2:d3:99:25:1c:d9:19:76:5f:54:95:0b:02:f4:
ed:80:31:c1:00:19:6c:cb:66:fc:a3:69:d5:95:08:
a7:1f:9d:d2:c7:70:b0:55:1e:d7:7f:19:5a:f4:f2:
13:64:20:06:5a:91:4d:ec:94:5d:14:1e:f1:52:25:
be:70:01:f1:b8:3c:48:91:ab:7a:41:f0:6d:2a:17:
71:8c:42:a2:70:1d:9e:24:fb:40:47:0e:8e:32:8b:
a5:c9:b2:60:2b:50:04:47:d8:af:65:3e:29:e6:c2:
60:12:67:a5:cf:24:fe:cf:3d:e4:1d:90:6b:d5:bb:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BB:8C:00:83:70:7F:8E:90:1F:30:CC:A7:A7:79:A5:69:89:9C:38
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/hbuMAINwf46QHzDMp6d5pWmJnDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:98c0:1001::/48
Signature Algorithm: sha256WithRSAEncryption
42:04:2c:af:74:bb:f8:4c:11:59:0b:d7:93:42:0e:f7:80:bf:
7c:47:ea:56:0f:72:0a:4e:0a:9f:b1:09:45:6e:4d:1d:c8:43:
45:34:ae:81:0f:1a:01:a2:61:f6:05:95:3e:81:c1:25:1d:ea:
7d:bb:ea:f3:e9:d0:9a:ac:fa:8e:5f:0f:b5:69:56:4c:fb:19:
32:23:7a:43:a7:47:52:ee:1b:b3:4a:ce:2e:6c:5b:0d:09:73:
30:35:69:9f:a0:3f:ff:3f:c6:ba:be:13:c0:72:d0:5e:72:36:
d9:dc:15:ac:fd:e2:dc:6c:07:99:81:3e:09:86:c0:8c:ad:0e:
8b:d5:30:ed:cd:29:e0:bd:8d:7a:ec:a3:93:09:1f:7b:ff:19:
1c:2b:72:56:96:64:2e:ac:ae:00:61:6c:db:71:1d:36:f3:18:
6e:b0:0b:53:5b:d0:84:1e:04:1b:0d:6b:3d:f3:bd:bc:3a:ed:
fd:38:1d:84:d1:43:35:2e:02:c6:ae:e6:dd:2d:62:4a:04:f4:
93:43:14:e0:f6:5d:bc:d5:76:30:8c:82:37:1d:68:a9:8d:cb:
59:91:ca:52:4b:af:bc:25:95:e3:b5:3f:11:e5:7f:be:6b:ff:
e4:22:af:ee:03:0c:66:47:0e:84:07:3b:9c:08:e3:d9:75:b4:
d5:09:f3:68
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFCLWlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWQ1YmZhZDQ1ZDdjNjVhNmUzNDMwMjg1MDlmZDE4OTJlOTdiOWQwMB4XDTIyMDEw
MTA0NTEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODViYjhjMDA4Mzcw
N2Y4ZTkwMWYzMGNjYTdhNzc5YTU2OTg5OWMzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsimPpxGbaowvWkWEgsLTFI9S7ziN778erydFK7KcmA3C7J
aIz/fzZINS86Mm6T6Q3mMkJXPOPoYZFSvZ/YSkBTq1TBQgRd/jOJAbe+6EkqE1ss
AlxttVSR3Rfm9HBE6MkFwrLFCpetsrjLfj/7LmPUHZNPsyiBGQDntddOdOTjCNZn
oP+SMdLTmSUc2Rl2X1SVCwL07YAxwQAZbMtm/KNp1ZUIpx+d0sdwsFUe138ZWvTy
E2QgBlqRTeyUXRQe8VIlvnAB8bg8SJGrekHwbSoXcYxConAdniT7QEcOjjKLpcmy
YCtQBEfYr2U+KebCYBJnpc8k/s895B2Qa9W7qRUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSFu4wAg3B/jpAfMMynp3mlaYmcODAfBgNVHSMEGDAWgBSZ1b+tRdfGWm40
MChQn9GJLpe50DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21kV19yVVhYeGxwdU5EQW9VSl9SaVM2WHVkQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvODE3MWUzLTJkMjktNGNiNi04YTk0LTc1NTE4MDljYjczMS8x
L2hidU1BSU53ZjQ2UUh6RE1wNmQ1cFdtSm5EZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
ODE3MWUzLTJkMjktNGNiNi04YTk0LTc1NTE4MDljYjczMS8xL21kV19yVVhYeGxw
dU5EQW9VSl9SaVM2WHVkQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGmMAQATANBgkqhkiG9w0BAQsF
AAOCAQEAQgQsr3S7+EwRWQvXk0IO94C/fEfqVg9yCk4Kn7EJRW5NHchDRTSugQ8a
AaJh9gWVPoHBJR3qfbvq8+nQmqz6jl8PtWlWTPsZMiN6Q6dHUu4bs0rOLmxbDQlz
MDVpn6A//z/Gur4TwHLQXnI22dwVrP3i3GwHmYE+CYbAjK0Oi9Uw7c0p4L2Neuyj
kwkfe/8ZHCtyVpZkLqyuAGFs23EdNvMYbrALU1vQhB4EGw1rPfO9vDrt/TgdhNFD
NS4Cxq7m3S1iSgT0k0MU4PZdvNV2MIyCNx1oqY3LWZHKUkuvvCWV47U/EeV/vmv/
5CKv7gMMZkcOhAc7nAjj2XW01QnzaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:48 2024 by rpki-client on console-ams.rpki-client.org