Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HrPnO1LvmpkGYqE4GpZwvt1LD1w.roa
File: HrPnO1LvmpkGYqE4GpZwvt1LD1w.roa (raw, json)
Hash identifier: 897qo7Vf13D/nJ7ORQwp4FfQuG/B9FdVRchcpILYQSY=
Subject key identifier: 1E:B3:E7:3B:52:EF:9A:99:06:62:A1:38:1A:96:70:BE:DD:4B:0F:5C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186B5F12A273717790070FC7A727C2AF402
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HrPnO1LvmpkGYqE4GpZwvt1LD1w.roa
Signing time: Mon 06 Mar 2023 08:02:06 +0000
ROA not before: Mon 06 Mar 2023 08:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:f1:2a:27:37:17:79:00:70:fc:7a:72:7c:2a:f4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 08:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb3e73b52ef9a990662a1381a9670bedd4b0f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:a4:0c:73:10:b5:69:9f:e7:15:0e:4b:23:
af:e7:9e:7f:d4:a2:3d:44:75:cf:eb:b8:8f:9b:dc:
07:50:f2:1c:4e:f2:fe:8f:f2:69:a9:4c:6a:d4:dd:
47:84:4f:4b:04:62:b4:e3:f7:68:88:52:6f:89:19:
f7:b7:71:f9:74:3f:a4:9b:df:12:fc:c2:f9:f1:be:
f5:a9:0c:8f:b2:dc:ee:db:a0:9d:6a:b7:9a:66:2e:
6f:70:5f:c4:da:b3:0d:2d:2d:3f:4a:ac:2f:68:01:
c8:e3:e4:e5:7d:86:5a:f7:6b:b6:70:66:97:af:80:
87:b7:6d:74:9a:50:66:ab:5b:c6:a9:a8:b9:d0:14:
ab:17:c9:17:7f:e6:84:82:78:f2:21:a5:22:d4:74:
6b:b7:7f:22:c5:94:f4:92:7a:31:4d:aa:53:cb:5b:
f7:c8:d2:bc:f3:4d:a1:b1:56:13:48:d3:84:b6:ef:
08:b5:87:bd:87:6b:26:87:34:95:5c:05:b8:da:5e:
69:72:51:8d:59:12:65:8d:71:29:78:c8:47:94:d7:
2a:e6:ba:37:f4:c5:ce:5a:32:d1:a5:3a:95:98:88:
c3:32:5f:ca:d9:8f:4d:d5:fc:b1:6b:6a:55:bc:8b:
00:63:99:1b:d0:f4:6c:a1:0f:41:13:23:36:de:0e:
cf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B3:E7:3B:52:EF:9A:99:06:62:A1:38:1A:96:70:BE:DD:4B:0F:5C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HrPnO1LvmpkGYqE4GpZwvt1LD1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
b0:8f:09:44:cd:14:39:b6:da:7a:5e:8b:d6:9c:d8:82:94:45:
47:f9:ce:a0:a7:f1:1c:d5:a8:34:77:b3:b8:e9:88:65:89:eb:
aa:21:d5:3c:f3:ec:0c:00:6d:ca:75:75:cc:c5:4b:7d:86:65:
37:e8:be:89:42:f2:c5:ba:07:bd:ca:37:a1:83:9b:43:c8:85:
03:63:15:70:8e:74:07:d2:13:0a:c5:22:8a:aa:d6:e5:49:96:
5a:9d:6d:0d:1b:78:47:39:7f:de:53:f5:63:47:d3:9a:fb:5f:
af:e0:fc:e6:4c:8e:b2:b7:d8:8a:4a:d3:2e:06:6e:88:b1:d8:
91:0a:0a:fe:e3:fb:d9:f9:e5:5b:a0:75:b6:76:8a:b0:a9:6d:
ff:30:e1:39:56:a3:88:9c:a3:44:12:65:ad:f1:5e:fd:23:a7:
a6:3e:c3:9b:ee:2e:93:88:a6:6d:de:58:7d:3b:8b:5a:e8:a5:
42:bb:00:b5:17:af:0e:ca:57:ac:00:f9:f3:3f:59:9b:e3:2f:
6e:a0:80:6e:56:96:14:42:21:1e:3b:b8:01:2c:0f:c6:21:03:
72:02:4b:2f:f6:5f:dc:59:ce:b1:2a:51:c5:18:bc:b1:5b:4f:
dc:af:46:21:f5:55:29:8f:02:c0:66:15:dc:9f:8c:20:9f:9b:
3e:47:c1:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYa18SonNxd5AHD8enJ8KvQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzA2MDgwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIzZTczYjUyZWY5YTk5MDY2MmExMzgxYTk2NzBiZWRkNGIwZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/CkDHMQtWmf5xUOSyOv555/1KI9
RHXP67iPm9wHUPIcTvL+j/JpqUxq1N1HhE9LBGK04/doiFJviRn3t3H5dD+km98S
/ML58b71qQyPstzu26CdareaZi5vcF/E2rMNLS0/SqwvaAHI4+TlfYZa92u2cGaX
r4CHt210mlBmq1vGqai50BSrF8kXf+aEgnjyIaUi1HRrt38ixZT0knoxTapTy1v3
yNK8802hsVYTSNOEtu8ItYe9h2smhzSVXAW42l5pclGNWRJljXEpeMhHlNcq5ro3
9MXOWjLRpTqVmIjDMl/K2Y9N1fyxa2pVvIsAY5kb0PRsoQ9BEyM23g7P8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB6z5ztS75qZBmKhOBqWcL7dSw9cMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSHJQbk8xTHZtcGtHWXFFNEdwWnd2dDFMRDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE1ADAN
BgkqhkiG9w0BAQsFAAOCAQEAsI8JRM0UObbael6L1pzYgpRFR/nOoKfxHNWoNHez
uOmIZYnrqiHVPPPsDABtynV1zMVLfYZlN+i+iULyxboHvco3oYObQ8iFA2MVcI50
B9ITCsUiiqrW5UmWWp1tDRt4Rzl/3lP1Y0fTmvtfr+D85kyOsrfYikrTLgZuiLHY
kQoK/uP72fnlW6B1tnaKsKlt/zDhOVajiJyjRBJlrfFe/SOnpj7Dm+4uk4imbd5Y
fTuLWuilQrsAtRevDspXrAD58z9Zm+MvbqCAblaWFEIhHju4ASwPxiEDcgJLL/Zf
3FnOsSpRxRi8sVtP3K9GIfVVKY8CwGYV3J+MIJ+bPkfBEg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:41:03 2025 by rpki-client