Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Hftx5e5mwjrFEuJNOe8J1l62ByU.roa
File: Hftx5e5mwjrFEuJNOe8J1l62ByU.roa (raw, json)
Hash identifier: 9Jv9tHPFL5ZKwtzlowQ6mA5BJpU5cNynn3i4Ql2b/nQ=
Subject key identifier: 1D:FB:71:E5:EE:66:C2:3A:C5:12:E2:4D:39:EF:09:D6:5E:B6:07:25
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018318481FAEF4FD765F051E6D8D2EB094F4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Hftx5e5mwjrFEuJNOe8J1l62ByU.roa
Signing time: Wed 07 Sep 2022 14:08:43 +0000
ROA not before: Wed 07 Sep 2022 14:08:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0f:e843::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:48:1f:ae:f4:fd:76:5f:05:1e:6d:8d:2e:b0:94:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 7 14:08:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dfb71e5ee66c23ac512e24d39ef09d65eb60725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:12:ba:3b:e4:40:dd:d6:78:c8:e0:54:c3:e0:
f0:89:f3:12:5f:76:0c:92:b4:1a:29:8b:c3:1d:9c:
44:6b:bd:37:c4:8a:eb:8b:1a:aa:c5:66:98:1f:85:
cf:96:54:6e:93:e4:95:d2:80:ed:84:bb:3b:e8:37:
1e:3c:d0:bb:f6:c1:f6:c0:fe:62:ec:3a:45:54:78:
82:48:6f:64:76:ec:ce:ff:98:3d:29:50:f1:a5:60:
fc:2e:f5:23:a1:b5:6e:4c:86:c4:8e:e1:d4:49:b9:
60:b5:0b:a5:b1:6a:61:8b:47:74:0d:57:57:7a:ed:
80:0b:05:d1:58:d9:dc:2d:f5:99:ee:50:4b:d6:22:
f3:a3:f2:1c:01:84:bc:31:03:32:0b:68:cf:20:9d:
c0:28:02:5d:8d:c3:bb:0e:c5:d6:4d:22:7d:f4:85:
f0:b6:d6:d2:55:a1:6c:47:aa:b9:78:38:21:d3:e5:
6c:96:f3:2c:bf:0c:50:ee:7b:47:b3:b9:eb:3c:2b:
d0:77:42:93:d2:66:d6:16:6d:f5:d3:1e:34:6d:7d:
38:8c:a7:e6:01:ff:be:26:32:e3:9d:87:63:dd:2c:
a0:76:7e:85:87:5c:35:df:4c:e6:f4:ef:3d:a0:4d:
dd:fe:e5:47:51:bc:45:5b:03:b1:f7:b3:c0:d4:19:
19:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FB:71:E5:EE:66:C2:3A:C5:12:E2:4D:39:EF:09:D6:5E:B6:07:25
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Hftx5e5mwjrFEuJNOe8J1l62ByU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a0f:e843::/32
Signature Algorithm: sha256WithRSAEncryption
18:bf:07:c5:86:80:3b:26:c5:86:51:c8:af:0b:64:92:68:04:
29:fa:ac:db:b8:10:b2:1f:cb:26:af:ea:5d:30:7e:7f:2f:c4:
6f:ed:c5:21:f2:bf:5c:f1:c5:a4:96:08:22:5a:5f:d6:39:2b:
7c:3a:61:90:57:03:d2:16:24:78:7b:77:1f:4d:87:72:18:7e:
e0:df:42:a8:09:84:99:2b:32:0e:f2:c4:76:97:2f:3c:95:c3:
df:62:b8:43:7c:9e:8a:a1:84:d5:32:70:61:ad:66:db:77:4a:
33:eb:20:c8:ba:1d:7a:51:00:f0:a9:e9:bf:da:62:6b:fc:c6:
e7:8d:8f:fd:04:00:b7:97:37:e6:cd:b4:43:51:7a:70:cf:5a:
bf:8b:7d:81:bb:97:f3:ad:53:2f:f4:d5:11:d3:a6:58:e3:83:
a8:54:3e:9d:1d:9a:55:71:56:85:82:9b:89:10:3d:bc:f3:6c:
ea:1c:81:55:04:96:43:eb:dd:ae:e9:7f:7f:41:46:4b:52:07:
32:75:7b:5c:73:24:6a:d4:98:d9:bb:53:38:c3:88:36:d6:12:
8e:19:85:f0:2f:3c:c7:31:df:72:71:23:bd:36:e4:4a:ff:ea:
bb:88:43:77:24:d4:bb:e0:a8:d1:b6:ba:4c:9e:41:29:e9:a9:
0d:d7:4c:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYMYSB+u9P12XwUebY0usJT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwOTA3MTQwODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZiNzFlNWVlNjZjMjNhYzUxMmUyNGQzOWVmMDlkNjVlYjYwNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixK6O+RA3dZ4yOBUw+DwifMSX3YM
krQaKYvDHZxEa703xIrrixqqxWaYH4XPllRuk+SV0oDthLs76DcePNC79sH2wP5i
7DpFVHiCSG9kduzO/5g9KVDxpWD8LvUjobVuTIbEjuHUSblgtQulsWphi0d0DVdX
eu2ACwXRWNncLfWZ7lBL1iLzo/IcAYS8MQMyC2jPIJ3AKAJdjcO7DsXWTSJ99IXw
ttbSVaFsR6q5eDgh0+VslvMsvwxQ7ntHs7nrPCvQd0KT0mbWFm310x40bX04jKfm
Af++JjLjnYdj3Sygdn6Fh1w130zm9O89oE3d/uVHUbxFWwOx97PA1BkZrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB37ceXuZsI6xRLiTTnvCdZetgclMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSGZ0eDVlNW13anJGRXVKTk9lOEoxbDYyQnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKg4aggMH
ACoPHoAAAQMFACoP6EEDBQAqD+hDMA0GCSqGSIb3DQEBCwUAA4IBAQAYvwfFhoA7
JsWGUcivC2SSaAQp+qzbuBCyH8smr+pdMH5/L8Rv7cUh8r9c8cWklggiWl/WOSt8
OmGQVwPSFiR4e3cfTYdyGH7g30KoCYSZKzIO8sR2ly88lcPfYrhDfJ6KoYTVMnBh
rWbbd0oz6yDIuh16UQDwqem/2mJr/MbnjY/9BAC3lzfmzbRDUXpwz1q/i32Bu5fz
rVMv9NUR06ZY44OoVD6dHZpVcVaFgpuJED2882zqHIFVBJZD692u6X9/QUZLUgcy
dXtccyRq1JjZu1M4w4g21hKOGYXwLzzHMd9ycSO9NuRK/+q7iEN3JNS74KjRtrpM
nkEp6akN10zD
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:19 2025 by rpki-client