Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/HkYmSmpPrwDxSIeQMSJXwnaDyXU.roa
File: HkYmSmpPrwDxSIeQMSJXwnaDyXU.roa (raw, json)
Hash identifier: RkEMDit8s43IS+Ihc5w01xqnm9vqt7HgXx3k6u8JGGI=
Subject key identifier: 1E:46:26:4A:6A:4F:AF:00:F1:48:87:90:31:22:57:C2:76:83:C9:75
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 0D96AACD
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/HkYmSmpPrwDxSIeQMSJXwnaDyXU.roa
Signing time: Sat 01 Jan 2022 06:54:29 +0000
ROA not before: Sat 01 Jan 2022 06:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1257
IP address blocks: 159.72.192.0/18 maxlen: 18
159.72.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227977933 (0xd96aacd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 06:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e46264a6a4faf00f1488790312257c27683c975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:50:96:2b:e2:e7:15:7a:af:f6:10:88:a9:38:
7e:64:94:c1:d3:9f:03:ed:09:61:d2:46:b4:35:bf:
e4:57:d3:b6:49:8d:b1:86:69:eb:73:b1:04:8b:c6:
72:c9:f8:38:9a:4c:1c:11:7b:5f:2a:b8:e3:23:70:
e2:0e:e0:4a:cb:e7:81:85:4c:14:21:85:9f:ae:f2:
07:25:22:05:26:2b:50:09:76:73:ba:f1:10:28:46:
ca:ec:26:10:bf:ff:d2:47:de:83:dc:91:ad:c3:74:
7f:bc:b6:d9:91:27:aa:72:bf:a6:af:91:df:9b:11:
fa:9f:7c:b3:a9:f2:cf:ae:8a:b8:c5:06:d5:60:c2:
28:4a:61:73:52:77:1f:bd:66:56:11:8c:92:4e:a3:
15:43:71:3c:96:72:0a:48:8e:43:a9:fa:b7:41:8c:
1e:8c:8b:8c:e2:83:39:eb:35:21:46:4d:97:8d:a8:
01:2a:ff:b5:3d:14:0f:b8:e1:6d:2e:60:e0:ff:c2:
82:6d:c4:da:f9:26:16:33:03:a3:3b:7d:5c:41:aa:
c7:18:95:a2:9c:d1:87:90:cc:8c:58:2c:07:a8:dd:
99:82:6f:72:f6:35:33:d9:bd:8c:8b:1b:d1:cb:7b:
7f:b8:24:db:f2:68:5e:6d:17:10:11:d7:4f:07:06:
e4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:46:26:4A:6A:4F:AF:00:F1:48:87:90:31:22:57:C2:76:83:C9:75
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/HkYmSmpPrwDxSIeQMSJXwnaDyXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.72.0.0/17
159.72.192.0/18
Signature Algorithm: sha256WithRSAEncryption
08:24:98:84:77:f6:51:cc:b1:1b:af:34:96:41:34:b6:98:b5:
4d:82:18:c5:34:f9:0a:cf:c6:20:33:4c:66:fb:81:bd:b6:52:
ad:97:82:66:96:3f:ce:f8:a2:db:6f:2f:f3:2c:d7:3b:55:a2:
07:a6:10:5b:b5:7e:8f:18:c7:7e:bb:2c:07:ab:1b:f6:9a:12:
4f:c6:3e:1c:9a:76:2d:d6:13:c0:0a:18:5c:e8:34:88:0e:10:
d8:a2:4b:02:f9:db:00:0c:2e:ee:6c:6b:64:11:eb:33:10:48:
29:28:5f:64:e2:d2:99:ed:6f:ed:a7:4d:fe:6a:1d:f4:f4:71:
0e:09:73:97:bd:c8:c3:75:8b:80:09:18:96:4b:6b:70:17:b6:
3f:f9:63:74:19:5f:b4:69:a0:06:0e:86:3c:38:16:d5:0b:54:
0a:7f:ef:1c:cd:59:57:3d:e2:c6:b4:85:1d:66:e6:a3:64:a9:
84:d8:32:7d:74:2a:08:69:01:1b:62:dc:b8:aa:ef:3b:48:49:
af:22:0a:6a:13:f9:22:86:24:0a:0e:42:ed:60:79:a5:a0:76:
26:80:a5:43:55:e7:82:a9:88:38:e7:e3:16:f4:95:c1:01:33:
99:29:60:b7:29:57:e9:98:c4:50:5e:bb:fc:16:b0:62:57:04:
bf:df:e4:dc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDZaqzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmJjMDAyYTJiMzU5YjFhYTg4NzllMWM0ZDcwNDU1YjMxOTJlZmFjMB4XDTIyMDEw
MTA2NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU0NjI2NGE2YTRm
YWYwMGYxNDg4NzkwMzEyMjU3YzI3NjgzYzk3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVQlivi5xV6r/YQiKk4fmSUwdOfA+0JYdJGtDW/5FfTtkmN
sYZp63OxBIvGcsn4OJpMHBF7Xyq44yNw4g7gSsvngYVMFCGFn67yByUiBSYrUAl2
c7rxEChGyuwmEL//0kfeg9yRrcN0f7y22ZEnqnK/pq+R35sR+p98s6nyz66KuMUG
1WDCKEphc1J3H71mVhGMkk6jFUNxPJZyCkiOQ6n6t0GMHoyLjOKDOes1IUZNl42o
ASr/tT0UD7jhbS5g4P/Cgm3E2vkmFjMDozt9XEGqxxiVopzRh5DMjFgsB6jdmYJv
cvY1M9m9jIsb0ct7f7gk2/JoXm0XEBHXTwcG5C0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQeRiZKak+vAPFIh5AxIlfCdoPJdTAfBgNVHSMEGDAWgBQrvAAqKzWbGqiH
nhxNcEVbMZLvrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s3d0FLaXMxbXhxb2g1NGNUWEJGV3pHUzc2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvN2MzNzI2LTJkYmUtNDE3NC1iMTY0LWE4OTg4OWNlNWY4NC8x
L0hrWW1TbXBQcndEeFNJZVFNU0pYd25hRHlYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
N2MzNzI2LTJkYmUtNDE3NC1iMTY0LWE4OTg4OWNlNWY4NC8xL0s3d0FLaXMxbXhx
b2g1NGNUWEJGV3pHUzc2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEB59IAAMEBp9IwDANBgkqhkiG9w0B
AQsFAAOCAQEACCSYhHf2UcyxG680lkE0tpi1TYIYxTT5Cs/GIDNMZvuBvbZSrZeC
ZpY/zvii228v8yzXO1WiB6YQW7V+jxjHfrssB6sb9poST8Y+HJp2LdYTwAoYXOg0
iA4Q2KJLAvnbAAwu7mxrZBHrMxBIKShfZOLSme1v7adN/mod9PRxDglzl73Iw3WL
gAkYlktrcBe2P/ljdBlftGmgBg6GPDgW1QtUCn/vHM1ZVz3ixrSFHWbmo2SphNgy
fXQqCGkBG2LcuKrvO0hJryIKahP5IoYkCg5C7WB5paB2JoClQ1XngqmIOOfjFvSV
wQEzmSlgtylX6ZjEUF67/BawYlcEv9/k3A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:21 2025 by rpki-client