Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIORsES49Z6fA756LRWMfJhj-A0.roa
File: HIORsES49Z6fA756LRWMfJhj-A0.roa (raw, json)
Hash identifier: 3kOD+O5xyQvl1wfi3bxSmqDOiAWdYDLaiz/07YGrq7c=
Subject key identifier: 1C:83:91:B0:44:B8:F5:9E:9F:03:BE:7A:2D:15:8C:7C:98:63:F8:0D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B8AB762C5CF3EED795FF1574490E2D8C7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIORsES49Z6fA756LRWMfJhj-A0.roa
Signing time: Wed 01 Nov 2023 11:49:16 +0000
ROA not before: Wed 01 Nov 2023 11:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a06:3600::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:b7:62:c5:cf:3e:ed:79:5f:f1:57:44:90:e2:d8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 1 11:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c8391b044b8f59e9f03be7a2d158c7c9863f80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:6e:32:4b:b9:46:86:e3:f1:62:85:9b:79:
6c:bf:2c:0d:4e:e1:92:44:c0:b4:01:b2:23:41:2b:
e7:d8:5a:d3:d0:5e:fa:33:79:4e:18:b2:9a:a7:f5:
df:c1:a0:5e:85:27:13:fe:b1:3d:9a:32:e5:36:44:
ba:cb:bc:42:64:14:84:5d:47:5a:ec:5c:b7:0c:74:
47:00:e2:9b:52:31:d3:3b:8f:8d:6e:47:a4:82:51:
0d:84:6c:f9:71:10:15:62:54:8f:c5:cb:85:89:1a:
af:2e:fa:a4:e7:ec:e2:ec:f2:d3:f6:2a:e4:61:5d:
38:c7:46:e9:dc:33:11:dc:58:fd:bc:aa:c3:be:d0:
dd:70:04:39:99:88:ee:9b:99:0c:ac:cf:bd:02:c4:
2d:47:5b:e5:2c:23:84:ad:f6:23:ab:bf:6c:df:89:
7f:c7:5d:2e:8e:2e:9d:2c:35:2f:4d:0f:77:35:0a:
48:f9:8c:41:61:c3:31:da:dc:fb:cc:d2:d5:69:df:
1b:17:e9:e5:15:b4:65:3c:29:4d:d2:0f:a1:a4:04:
49:63:11:94:14:1f:03:24:de:04:ca:f7:17:05:62:
86:05:89:aa:95:1f:bd:a6:4a:3e:dd:fb:12:7b:8d:
62:e2:ee:b3:a6:ce:20:e0:3c:9f:30:d7:32:d5:81:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:83:91:B0:44:B8:F5:9E:9F:03:BE:7A:2D:15:8C:7C:98:63:F8:0D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIORsES49Z6fA756LRWMfJhj-A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:3600::/29
2a0f:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
94:ca:e3:fc:dd:e8:dc:2f:34:49:92:f7:d3:c3:00:58:57:d3:
72:d3:7e:6e:e8:54:bd:0c:8d:d3:36:da:42:83:80:f1:85:a0:
f5:24:4a:b7:83:2f:04:62:ac:e7:ae:ce:bd:ad:ec:8a:38:a3:
cd:db:95:77:d6:94:d1:b6:40:e3:7b:21:f6:05:da:b6:66:b9:
cb:5f:21:77:3c:44:51:23:ac:0b:9f:15:e2:0f:03:6f:fb:ae:
6b:f3:7d:ad:44:5d:2d:99:d8:f5:33:4c:89:60:b7:44:d7:e3:
e0:0f:f3:08:20:ae:48:e6:c6:a3:a3:f6:07:c1:c9:0f:0a:cc:
7b:5a:d7:34:1b:c7:c7:04:11:af:0d:4a:75:0a:5a:03:ec:e0:
b5:46:ad:de:1d:fe:5c:f2:ca:c1:61:da:70:d4:9d:7b:64:9c:
27:bc:6f:a0:c3:20:45:a3:b5:7b:1b:bf:f7:df:56:78:96:ca:
08:17:c0:9b:48:a4:4b:b2:7a:0a:9f:3b:ee:e4:76:fd:9b:f6:
ec:1f:3a:9a:72:f1:25:15:e2:92:54:11:6d:d6:5e:f5:17:c6:
7b:7d:17:64:d4:b0:67:ec:d5:4a:6a:4d:2a:60:95:aa:d5:9a:
8b:6b:75:d8:a3:07:e8:b5:66:28:83:59:78:d6:78:13:46:8f:
28:43:6d:dd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYuKt2LFzz7teV/xV0SQ4tjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTAxMTE0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzgzOTFiMDQ0YjhmNTllOWYwM2JlN2EyZDE1OGM3Yzk4NjNmODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgNuMku5Robj8WKFm3lsvywNTuGS
RMC0AbIjQSvn2FrT0F76M3lOGLKap/XfwaBehScT/rE9mjLlNkS6y7xCZBSEXUda
7Fy3DHRHAOKbUjHTO4+NbkekglENhGz5cRAVYlSPxcuFiRqvLvqk5+zi7PLT9irk
YV04x0bp3DMR3Fj9vKrDvtDdcAQ5mYjum5kMrM+9AsQtR1vlLCOErfYjq79s34l/
x10uji6dLDUvTQ93NQpI+YxBYcMx2tz7zNLVad8bF+nlFbRlPClN0g+hpARJYxGU
FB8DJN4EyvcXBWKGBYmqlR+9pko+3fsSe41i4u6zps4g4DyfMNcy1YG7zwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFByDkbBEuPWenwO+ei0VjHyYY/gNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSElPUnNFUzQ5WjZmQTc1NkxSV01mSmhqLUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgY2AAMF
AyoP3sAwDQYJKoZIhvcNAQELBQADggEBAJTK4/zd6NwvNEmS99PDAFhX03LTfm7o
VL0MjdM22kKDgPGFoPUkSreDLwRirOeuzr2t7Io4o83blXfWlNG2QON7IfYF2rZm
uctfIXc8RFEjrAufFeIPA2/7rmvzfa1EXS2Z2PUzTIlgt0TX4+AP8wggrkjmxqOj
9gfByQ8KzHta1zQbx8cEEa8NSnUKWgPs4LVGrd4d/lzyysFh2nDUnXtknCe8b6DD
IEWjtXsbv/ffVniWyggXwJtIpEuyegqfO+7kdv2b9uwfOppy8SUV4pJUEW3WXvUX
xnt9F2TUsGfs1UpqTSpglarVmotrddijB+i1ZiiDWXjWeBNGjyhDbd0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:33 2025 by rpki-client