Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/MHEbr4IBy3f8rKZD3HWnDa2CXuA.roa
File: MHEbr4IBy3f8rKZD3HWnDa2CXuA.roa (raw, json)
Hash identifier: QKaHgqaN8axpr11CHoSEGpek5wbqu+/7VRCwp2CJUtw=
Subject key identifier: 30:71:1B:AF:82:01:CB:77:FC:AC:A6:43:DC:75:A7:0D:AD:82:5E:E0
Certificate issuer: /CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Certificate serial: 0183B1E1521EDE8A67C9A4834DC453A694DF
Authority key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/MHEbr4IBy3f8rKZD3HWnDa2CXuA.roa
Signing time: Fri 07 Oct 2022 09:57:57 +0000
ROA not before: Fri 07 Oct 2022 09:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35205
IP address blocks: 2a05:3700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:e1:52:1e:de:8a:67:c9:a4:83:4d:c4:53:a6:94:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Validity
Not Before: Oct 7 09:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30711baf8201cb77fcaca643dc75a70dad825ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:cb:a4:f2:2a:cf:88:06:08:10:23:09:78:
89:fc:47:ce:91:31:81:0f:34:da:2e:1d:62:c4:36:
e9:47:62:3c:9d:2d:25:77:9d:60:d8:9e:93:01:3b:
38:87:5c:02:6f:9f:da:cd:71:15:33:31:5d:65:14:
de:e8:3d:0e:1e:20:fa:9d:32:ea:ae:19:f6:c3:7e:
aa:60:da:70:52:1d:98:d1:30:0c:79:60:91:a8:ac:
a2:7b:ce:6e:cf:8e:c8:38:d2:52:28:87:af:91:36:
85:b8:39:59:1d:6d:9d:e0:b1:33:29:fd:d3:50:3b:
ce:7c:5b:2c:8c:83:5a:dc:58:76:bc:24:27:95:fa:
96:87:8f:e3:9c:e6:e3:84:2f:e3:9e:91:a3:19:39:
7e:28:f6:c5:f5:2b:61:6b:44:26:99:c4:b9:15:60:
ed:a3:93:59:b2:88:cf:1f:0e:65:f8:4a:60:e2:0b:
16:e2:34:c3:66:ef:dc:2e:27:30:06:d2:35:66:92:
63:4a:4e:9e:ca:14:b2:72:98:f8:f1:60:7f:39:f7:
be:6f:b1:80:e9:88:7c:e9:05:08:d1:34:3a:a0:e7:
df:d3:42:55:45:9f:f7:27:31:72:37:00:6f:3e:2e:
82:bb:42:29:22:2a:ac:64:a9:38:26:ea:79:8c:ed:
fd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:71:1B:AF:82:01:CB:77:FC:AC:A6:43:DC:75:A7:0D:AD:82:5E:E0
X509v3 Authority Key Identifier:
keyid:67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/MHEbr4IBy3f8rKZD3HWnDa2CXuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:3700::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a4:bc:31:d3:0a:cb:95:25:5e:40:dd:aa:30:b4:69:bf:e9:
a3:01:8e:44:ff:c4:d3:b9:16:3b:b8:29:f5:f2:7f:40:f6:0b:
19:5b:5d:89:64:73:2d:61:c2:4a:8d:6a:34:33:9c:aa:17:4c:
7f:5f:00:43:cd:de:61:49:ea:9e:cb:c5:09:2b:b3:6f:80:7e:
26:8c:ac:5f:dc:2a:6b:f0:07:19:94:1f:5c:be:fa:15:5a:ec:
bb:04:54:4d:c8:32:85:fa:df:b2:e6:51:9d:3f:34:1c:0a:a9:
09:a1:7e:7f:0b:6c:5a:16:d2:3b:0b:5b:4b:64:86:64:64:7b:
52:e3:b3:41:46:fb:5b:30:13:68:89:78:07:e7:7e:1a:e5:8d:
44:6e:2d:23:0a:ed:aa:89:32:89:2a:95:fd:8c:5a:cb:29:12:
af:00:52:57:fb:79:83:f6:bb:2b:59:62:3d:0a:0a:30:fb:68:
d6:a6:92:5c:92:d3:fe:0e:b6:6f:c9:c2:c5:eb:79:4d:8e:06:
84:8b:60:bc:0b:17:3b:2f:b1:ff:28:e5:c5:62:ca:34:59:72:
d4:dc:dd:fb:b8:b6:6f:c6:85:69:c8:4f:78:e7:ad:e5:99:f1:
a1:72:50:ca:82:80:84:80:f4:82:68:43:56:26:81:cc:33:a3:
d0:bb:24:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYOx4VIe3opnyaSDTcRTppTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTFjZWRmZTA4MjZmMGY5Nzc1YmRmYThlOTQyNTMwMGJk
ZTlmMTMwHhcNMjIxMDA3MDk1NzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDcxMWJhZjgyMDFjYjc3ZmNhY2E2NDNkYzc1YTcwZGFkODI1ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7LLpPIqz4gGCBAjCXiJ/EfOkTGB
DzTaLh1ixDbpR2I8nS0ld51g2J6TATs4h1wCb5/azXEVMzFdZRTe6D0OHiD6nTLq
rhn2w36qYNpwUh2Y0TAMeWCRqKyie85uz47IONJSKIevkTaFuDlZHW2d4LEzKf3T
UDvOfFssjINa3Fh2vCQnlfqWh4/jnObjhC/jnpGjGTl+KPbF9Stha0QmmcS5FWDt
o5NZsojPHw5l+Epg4gsW4jTDZu/cLicwBtI1ZpJjSk6eyhSycpj48WB/Ofe+b7GA
6Yh86QUI0TQ6oOff00JVRZ/3JzFyNwBvPi6Cu0IpIiqsZKk4Jup5jO39JQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDBxG6+CAct3/KymQ9x1pw2tgl7gMB8GA1UdIwQY
MBaAFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEt
ZWM5Yjc1NTIxMjk3LzEvTUhFYnI0SUJ5M2Y4cktaRDNIV25EYTJDWHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEtZWM5Yjc1NTIxMjk3
LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgU3ADAN
BgkqhkiG9w0BAQsFAAOCAQEAC6S8MdMKy5UlXkDdqjC0ab/powGORP/E07kWO7gp
9fJ/QPYLGVtdiWRzLWHCSo1qNDOcqhdMf18AQ83eYUnqnsvFCSuzb4B+JoysX9wq
a/AHGZQfXL76FVrsuwRUTcgyhfrfsuZRnT80HAqpCaF+fwtsWhbSOwtbS2SGZGR7
UuOzQUb7WzATaIl4B+d+GuWNRG4tIwrtqokyiSqV/YxayykSrwBSV/t5g/a7K1li
PQoKMPto1qaSXJLT/g62b8nCxet5TY4GhItgvAsXOy+x/yjlxWLKNFly1Nzd+7i2
b8aFachPeOet5ZnxoXJQyoKAhID0gmhDViaBzDOj0LskIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:27 2024 by rpki-client on console-ams.rpki-client.org