Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/8mHBIZenh5Gxatzn6EUmONTvSAs.roa
File: 8mHBIZenh5Gxatzn6EUmONTvSAs.roa (raw, json)
Hash identifier: kwFD12FdpvTxfG+V4JhdGv0ni7DqS4z4FU54CRj57m4=
Subject key identifier: F2:61:C1:21:97:A7:87:91:B1:6A:DC:E7:E8:45:26:38:D4:EF:48:0B
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018A83B19DF994B43AF8C97D9E961AD5AA20
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/8mHBIZenh5Gxatzn6EUmONTvSAs.roa
Signing time: Mon 11 Sep 2023 10:02:50 +0000
ROA not before: Mon 11 Sep 2023 10:02:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212996
IP address blocks: 2a13:d8c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:b1:9d:f9:94:b4:3a:f8:c9:7d:9e:96:1a:d5:aa:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Sep 11 10:02:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f261c12197a78791b16adce7e8452638d4ef480b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:df:d5:dc:09:a0:1c:60:c7:ff:a2:e8:92:62:
31:76:b3:93:b4:96:1b:c3:1b:7b:c0:59:1e:78:61:
ce:f4:d9:70:5c:e4:cf:ee:62:be:13:29:e8:ad:b7:
0d:f4:c1:0c:55:36:54:23:ef:09:44:2a:3d:18:2f:
b3:7a:6a:99:1f:d4:c1:82:26:ec:b8:ee:e1:7d:9c:
55:63:07:49:46:fa:2d:b8:4a:be:67:78:34:0a:b2:
82:81:66:9c:31:8f:20:49:00:c5:bf:87:74:b4:a2:
bb:da:d9:be:64:2f:d4:59:a8:42:6f:37:29:a8:7b:
f2:2a:c5:c3:0a:07:35:98:85:62:ba:4c:4f:54:af:
ce:22:c2:e6:79:05:e4:dc:d5:bb:ef:ff:8d:d4:62:
46:9b:55:01:2f:82:8f:fa:9d:1a:a2:07:af:f6:60:
d3:a1:29:89:c0:fc:68:4a:04:04:62:52:d9:a4:6a:
07:da:18:e5:93:46:2a:9e:a1:5f:20:f6:de:b1:77:
57:a7:01:50:c5:44:ec:6f:0f:bd:c1:71:70:f6:39:
40:9c:27:84:5c:55:2c:15:90:f2:1c:5f:f5:25:81:
0f:7c:45:c7:3d:d7:65:1f:d3:0a:4d:2d:f2:8c:12:
b0:68:a6:83:0d:c8:cc:00:b0:07:c5:5b:29:9a:7a:
60:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:61:C1:21:97:A7:87:91:B1:6A:DC:E7:E8:45:26:38:D4:EF:48:0B
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/8mHBIZenh5Gxatzn6EUmONTvSAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:c4:3d:16:77:ea:72:4b:49:26:d8:05:04:6e:b0:ba:72:b3:
4d:4c:4d:56:43:b9:c3:7c:a4:12:90:15:60:f2:1e:b1:74:e6:
3d:15:9c:4e:5f:c0:2c:b2:ad:4a:31:99:ef:82:90:7e:cf:c8:
b2:df:92:73:b1:5a:7b:7a:5e:74:14:a3:77:7b:d1:15:45:03:
24:98:d0:83:25:d2:ed:43:42:5e:86:ba:48:f0:aa:28:e9:77:
fd:3b:5f:15:0b:12:88:98:80:30:37:14:94:1a:8f:94:d6:19:
2d:33:b1:72:f7:ff:67:e7:03:8f:cf:ec:cb:ab:2a:91:34:4f:
31:6b:8a:1b:ed:72:95:71:af:4b:91:f8:72:8d:8b:c0:d8:67:
b0:f4:7d:0d:88:2b:9d:45:02:78:78:48:cb:9c:cc:dd:88:c5:
86:75:ae:b8:ea:10:65:ec:d0:a5:97:72:8f:d8:53:eb:23:d1:
5b:c4:0a:84:71:a3:9e:63:8e:e0:43:a4:5f:fa:2d:95:a7:70:
a7:93:1e:3d:90:84:c0:5a:aa:0c:70:dd:d1:a0:53:bf:ca:64:
f2:06:ca:43:bc:c5:9d:12:a1:10:d6:bf:f7:b7:c7:de:2f:3c:
80:4a:8b:39:6f:7c:67:77:aa:b5:f1:87:fe:01:25:2b:10:c3:
4e:5d:2e:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqDsZ35lLQ6+Ml9npYa1aogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjMwOTExMTAwMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYxYzEyMTk3YTc4NzkxYjE2YWRjZTdlODQ1MjYzOGQ0ZWY0ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot/V3AmgHGDH/6LokmIxdrOTtJYb
wxt7wFkeeGHO9NlwXOTP7mK+EynorbcN9MEMVTZUI+8JRCo9GC+zemqZH9TBgibs
uO7hfZxVYwdJRvotuEq+Z3g0CrKCgWacMY8gSQDFv4d0tKK72tm+ZC/UWahCbzcp
qHvyKsXDCgc1mIViukxPVK/OIsLmeQXk3NW77/+N1GJGm1UBL4KP+p0aogev9mDT
oSmJwPxoSgQEYlLZpGoH2hjlk0YqnqFfIPbesXdXpwFQxUTsbw+9wXFw9jlAnCeE
XFUsFZDyHF/1JYEPfEXHPddlH9MKTS3yjBKwaKaDDcjMALAHxVspmnpgjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPJhwSGXp4eRsWrc5+hFJjjU70gLMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvOG1IQklaZW5oNUd4YXR6bjZFVW1PTlR2U0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdMQ9FnfqcktJJtgFBG6wunKzTUxNVkO5w3ykEpAV
YPIesXTmPRWcTl/ALLKtSjGZ74KQfs/Ist+Sc7Fae3pedBSjd3vRFUUDJJjQgyXS
7UNCXoa6SPCqKOl3/TtfFQsSiJiAMDcUlBqPlNYZLTOxcvf/Z+cDj8/sy6sqkTRP
MWuKG+1ylXGvS5H4co2LwNhnsPR9DYgrnUUCeHhIy5zM3YjFhnWuuOoQZezQpZdy
j9hT6yPRW8QKhHGjnmOO4EOkX/otladwp5MePZCEwFqqDHDd0aBTv8pk8gbKQ7zF
nRKhENa/97fH3i88gEqLOW98Z3eqtfGH/gElKxDDTl0uKA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:36 2025 by rpki-client