Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/hDVpt8Ox-JpTn0HW5pXlmd3up0c.roa
File: hDVpt8Ox-JpTn0HW5pXlmd3up0c.roa (raw, json)
Hash identifier: lPSjcHIcjCsIpXNVi8bJHiExFC70uzN9I8c1DauxRsg=
Subject key identifier: 84:35:69:B7:C3:B1:F8:9A:53:9F:41:D6:E6:95:E5:99:DD:EE:A7:47
Certificate issuer: /CN=d1df4803e54b084a99cb7bb044bf791327594b73
Certificate serial: 01857094EB8E412688FCFBF92941B4D6360A
Authority key identifier: D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/hDVpt8Ox-JpTn0HW5pXlmd3up0c.roa
Signing time: Mon 02 Jan 2023 03:44:45 +0000
ROA not before: Mon 02 Jan 2023 03:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206499
IP address blocks: 2a0f:5c47:3e8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:eb:8e:41:26:88:fc:fb:f9:29:41:b4:d6:36:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1df4803e54b084a99cb7bb044bf791327594b73
Validity
Not Before: Jan 2 03:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=843569b7c3b1f89a539f41d6e695e599ddeea747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:28:19:c1:ef:ab:d3:a6:9b:56:83:5b:0d:
f4:67:11:01:12:ce:ef:a0:22:81:53:a1:87:59:41:
09:d6:6a:5f:69:bb:c6:5e:ec:f0:bb:1f:aa:a7:9d:
6e:8e:95:51:cf:02:51:e3:f3:1f:5c:ce:f2:3a:d5:
2b:5c:5a:2b:e2:8e:18:50:44:a0:0a:b9:00:38:a8:
7d:37:56:1a:a0:42:1e:7e:8e:45:04:38:ba:c3:8a:
4e:40:12:34:48:58:9d:fa:24:67:79:2f:f3:49:29:
d2:94:8a:41:91:59:99:d5:8a:c3:2f:13:b1:e7:f2:
56:a8:07:26:cd:d5:35:ec:b8:2c:81:dd:d4:a7:81:
d8:14:e2:5e:e1:7f:f3:61:83:58:0f:7c:94:b1:79:
1e:e2:50:24:77:bf:95:b4:6f:5b:41:52:74:20:53:
cb:41:e9:5f:da:01:62:a8:5c:e5:94:fc:12:dd:ab:
47:43:ab:2b:b4:c0:3d:4d:b1:cf:d8:91:b4:77:3c:
65:23:e2:be:a4:e8:3b:fe:31:3a:c1:00:6b:e3:03:
7f:c7:fc:d0:3b:2b:0c:95:e8:3a:32:fc:d1:a5:21:
e2:a4:75:df:26:5e:b6:da:79:7c:68:5a:e9:b4:14:
c2:e3:96:81:06:f6:bb:19:e3:17:5f:75:00:d6:f5:
8a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:35:69:B7:C3:B1:F8:9A:53:9F:41:D6:E6:95:E5:99:DD:EE:A7:47
X509v3 Authority Key Identifier:
keyid:D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/hDVpt8Ox-JpTn0HW5pXlmd3up0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5c47:3e8::/48
Signature Algorithm: sha256WithRSAEncryption
4f:20:f8:96:50:61:02:89:93:46:9f:16:ab:01:c6:29:fc:65:
cd:f7:32:d3:ac:63:aa:32:d7:03:15:38:c9:30:21:f7:00:0e:
f2:c7:fa:a9:42:6f:34:fb:e0:ac:d8:91:7e:e6:d4:3b:7e:79:
be:d4:66:c1:ac:cf:35:ab:a1:ef:ce:92:f8:be:a5:aa:01:c7:
5d:20:0a:b4:78:3e:d8:c1:0a:35:b5:f1:11:2d:24:f7:a6:b7:
38:7d:e2:05:e9:89:9c:4c:54:3b:5c:4c:22:95:f1:b9:cc:57:
e3:b0:2b:81:8f:d6:fd:31:95:8a:81:af:8d:7d:1b:a9:2b:f7:
61:93:e1:d1:46:24:ad:4e:46:0b:48:fd:0d:7d:31:d3:5e:8d:
42:3c:79:71:1a:5e:0e:3b:f8:91:f6:33:60:c5:9e:41:2b:73:
a1:97:13:78:4b:95:2f:e1:4c:7b:22:f1:de:57:ee:b2:fe:08:
4a:24:ec:0c:62:12:82:e1:95:1f:9d:2a:a5:c9:a2:ac:ee:6a:
db:63:e3:3f:5b:5d:05:4a:f7:6f:57:59:9d:bd:e4:06:e6:50:
d9:07:eb:24:f2:09:a1:6c:e2:59:a2:74:e3:6e:ea:90:3a:10:
96:3b:2f:b1:c4:cd:90:4c:87:97:01:08:de:ca:a6:4e:ac:bd:
9c:64:8f:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwlOuOQSaI/Pv5KUG01jYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGY0ODAzZTU0YjA4NGE5OWNiN2JiMDQ0YmY3OTEzMjc1
OTRiNzMwHhcNMjMwMTAyMDM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDM1NjliN2MzYjFmODlhNTM5ZjQxZDZlNjk1ZTU5OWRkZWVhNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkQoGcHvq9Omm1aDWw30ZxEBEs7v
oCKBU6GHWUEJ1mpfabvGXuzwux+qp51ujpVRzwJR4/MfXM7yOtUrXFor4o4YUESg
CrkAOKh9N1YaoEIefo5FBDi6w4pOQBI0SFid+iRneS/zSSnSlIpBkVmZ1YrDLxOx
5/JWqAcmzdU17Lgsgd3Up4HYFOJe4X/zYYNYD3yUsXke4lAkd7+VtG9bQVJ0IFPL
Qelf2gFiqFzllPwS3atHQ6srtMA9TbHP2JG0dzxlI+K+pOg7/jE6wQBr4wN/x/zQ
OysMleg6MvzRpSHipHXfJl622nl8aFrptBTC45aBBva7GeMXX3UA1vWKkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIQ1abfDsfiaU59B1uaV5Znd7qdHMB8GA1UdIwQY
MBaAFNHfSAPlSwhKmct7sES/eRMnWUtzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5Nzct
NDhmNWU4NzY3ZDAyLzEvaERWcHQ4T3gtSnBUbjBIVzVwWGxtZDN1cDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5NzctNDhmNWU4NzY3ZDAy
LzEvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9cRwPo
MA0GCSqGSIb3DQEBCwUAA4IBAQBPIPiWUGECiZNGnxarAcYp/GXN9zLTrGOqMtcD
FTjJMCH3AA7yx/qpQm80++Cs2JF+5tQ7fnm+1GbBrM81q6HvzpL4vqWqAcddIAq0
eD7YwQo1tfERLST3prc4feIF6YmcTFQ7XEwilfG5zFfjsCuBj9b9MZWKga+NfRup
K/dhk+HRRiStTkYLSP0NfTHTXo1CPHlxGl4OO/iR9jNgxZ5BK3OhlxN4S5Uv4Ux7
IvHeV+6y/ghKJOwMYhKC4ZUfnSqlyaKs7mrbY+M/W10FSvdvV1mdveQG5lDZB+sk
8gmhbOJZonTjbuqQOhCWOy+xxM2QTIeXAQjeyqZOrL2cZI9n
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:45 2025 by rpki-client