Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HBy2jL-7_QUsVKChDqATw7CB8PI.roa
File: HBy2jL-7_QUsVKChDqATw7CB8PI.roa (raw, json)
Hash identifier: TGShRJu9x1mhxNO+t4y/RE5lv29f8DlHI5anUhUOIbE=
Subject key identifier: 1C:1C:B6:8C:BF:BB:FD:05:2C:54:A0:A1:0E:A0:13:C3:B0:81:F0:F2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C3E98443AF385BB9428A24F399B14F073
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HBy2jL-7_QUsVKChDqATw7CB8PI.roa
Signing time: Wed 06 Dec 2023 10:06:55 +0000
ROA not before: Wed 06 Dec 2023 10:06:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:98:44:3a:f3:85:bb:94:28:a2:4f:39:9b:14:f0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 6 10:06:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c1cb68cbfbbfd052c54a0a10ea013c3b081f0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cd:4b:01:43:a6:65:ef:07:8d:ff:7f:7b:7a:
3b:b1:27:72:dc:72:8f:bd:38:59:4d:42:cb:3e:ba:
50:a1:38:79:70:57:50:84:c3:5c:dd:ea:1a:b4:34:
2c:a9:57:3c:18:16:3b:f0:1c:d1:5d:12:24:47:a8:
58:08:76:fa:c6:fd:7d:cc:ca:1a:dc:96:fc:e4:d9:
a7:f3:5b:f9:bd:b3:24:d9:01:76:62:4a:43:4f:20:
42:13:f1:92:df:6c:d4:1b:a1:a0:e9:9b:35:b2:d2:
08:b7:63:57:dd:9b:e0:03:ac:75:16:c1:9a:36:5d:
bf:8a:22:b8:bb:7f:bf:b1:5f:f0:2a:c9:69:52:d6:
11:63:26:dd:17:e2:5c:29:62:70:dc:5b:07:6e:c4:
86:03:a2:c8:10:74:f7:68:ce:33:f6:0a:8e:17:0a:
8f:78:ea:a3:9d:dd:2f:36:60:21:01:9e:bf:a9:91:
68:d4:0c:0c:69:37:40:de:f4:ed:a5:5d:47:f1:73:
7b:a0:ce:2b:5e:75:ba:c8:96:c1:8d:b7:64:59:73:
82:23:82:aa:c1:2e:69:39:f5:79:d9:45:f7:6e:6e:
f5:47:87:c3:2f:3a:a9:ca:8a:33:90:04:d8:34:3f:
c4:5d:b1:a0:1b:c3:bd:4f:0c:7a:af:4a:3c:6c:ae:
a9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1C:B6:8C:BF:BB:FD:05:2C:54:A0:A1:0E:A0:13:C3:B0:81:F0:F2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HBy2jL-7_QUsVKChDqATw7CB8PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:a5:6f:60:b7:ca:c2:5b:9d:e1:63:e8:02:88:46:6d:6b:08:
16:9c:b9:a7:cc:36:c2:25:d2:56:5f:32:4d:e6:c9:94:39:f3:
be:f1:da:64:a7:92:6e:d8:ad:64:a6:37:f1:3d:14:6b:b4:f8:
8e:b4:6f:aa:40:57:ad:8c:54:d4:88:dc:41:5c:ee:be:c9:70:
c5:8a:50:a9:30:76:0f:70:3b:57:d1:2c:1b:83:d2:e8:84:5b:
c8:55:a0:c8:73:81:e9:21:da:3b:cc:ac:9f:51:15:10:58:46:
47:9a:f2:e4:93:a5:aa:19:2c:e0:cc:57:d5:4b:20:09:36:9b:
38:3d:99:a6:37:4e:bf:1f:3b:a4:f9:45:cf:be:1a:5a:e5:fc:
61:e4:0e:8f:4a:16:f4:6f:07:28:af:75:2c:66:2a:f4:28:7c:
bd:0d:8c:9c:30:78:74:59:a7:57:0f:6c:48:82:7f:d1:9d:f8:
3e:68:c2:86:d4:d2:54:76:cc:d6:4b:05:42:bb:98:2b:10:48:
94:0a:93:5d:88:3a:0f:f2:a1:ac:d4:19:54:30:b2:f7:ac:d5:
77:f8:45:5e:1c:d6:6f:09:14:a1:79:50:ec:40:0a:d2:67:29:
ec:6a:05:ff:d0:f3:a5:4b:40:e0:29:e7:5c:fc:73:3e:e5:85:
17:d7:92:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYw+mEQ684W7lCiiTzmbFPBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjA2MTAwNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFjYjY4Y2JmYmJmZDA1MmM1NGEwYTEwZWEwMTNjM2IwODFmMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc1LAUOmZe8Hjf9/e3o7sSdy3HKP
vThZTULLPrpQoTh5cFdQhMNc3eoatDQsqVc8GBY78BzRXRIkR6hYCHb6xv19zMoa
3Jb85Nmn81v5vbMk2QF2YkpDTyBCE/GS32zUG6Gg6Zs1stIIt2NX3ZvgA6x1FsGa
Nl2/iiK4u3+/sV/wKslpUtYRYybdF+JcKWJw3FsHbsSGA6LIEHT3aM4z9gqOFwqP
eOqjnd0vNmAhAZ6/qZFo1AwMaTdA3vTtpV1H8XN7oM4rXnW6yJbBjbdkWXOCI4Kq
wS5pOfV52UX3bm71R4fDLzqpyoozkATYND/EXbGgG8O9Twx6r0o8bK6pQQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBwctoy/u/0FLFSgoQ6gE8OwgfDyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSEJ5MmpMLTdfUVVzVktDaERxQVR3N0NCOFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg85QAMF
AyoPOcADBQMqEU6AAwUDKhLVwDANBgkqhkiG9w0BAQsFAAOCAQEAFaVvYLfKwlud
4WPoAohGbWsIFpy5p8w2wiXSVl8yTebJlDnzvvHaZKeSbtitZKY38T0Ua7T4jrRv
qkBXrYxU1IjcQVzuvslwxYpQqTB2D3A7V9EsG4PS6IRbyFWgyHOB6SHaO8ysn1EV
EFhGR5ry5JOlqhks4MxX1UsgCTabOD2ZpjdOvx87pPlFz74aWuX8YeQOj0oW9G8H
KK91LGYq9Ch8vQ2MnDB4dFmnVw9sSIJ/0Z34PmjChtTSVHbM1ksFQruYKxBIlAqT
XYg6D/KhrNQZVDCy96zVd/hFXhzWbwkUoXlQ7EAK0mcp7GoF/9DzpUtA4CnnXPxz
PuWFF9eSjg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:50 2025 by rpki-client