Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/HBst9NcnMg2Jb2S9dbEOzAGdjNI.roa
File: HBst9NcnMg2Jb2S9dbEOzAGdjNI.roa (raw, json)
Hash identifier: K98PThHNV8SPuVSBQkd7cKoDCq2fa7+fel4mrC5EiRQ=
Subject key identifier: 1C:1B:2D:F4:D7:27:32:0D:89:6F:64:BD:75:B1:0E:CC:01:9D:8C:D2
Certificate issuer: /CN=f74444a0867fcca9a3569c1fd092133546a37f4b
Certificate serial: 01856CA5DA9AAE1733827DAD2BCE2DDEA268
Authority key identifier: F7:44:44:A0:86:7F:CC:A9:A3:56:9C:1F:D0:92:13:35:46:A3:7F:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/90REoIZ_zKmjVpwf0JITNUajf0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/HBst9NcnMg2Jb2S9dbEOzAGdjNI.roa
Signing time: Sun 01 Jan 2023 09:24:46 +0000
ROA not before: Sun 01 Jan 2023 09:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197422
IP address blocks: 2001:67c:2608::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:da:9a:ae:17:33:82:7d:ad:2b:ce:2d:de:a2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f74444a0867fcca9a3569c1fd092133546a37f4b
Validity
Not Before: Jan 1 09:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c1b2df4d727320d896f64bd75b10ecc019d8cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2b:fb:38:73:10:44:3f:b7:35:b8:5f:09:0d:
3f:52:7b:f6:80:8b:23:c4:ab:31:ba:05:46:fd:ec:
86:db:53:36:d5:a9:87:1f:0a:1e:a3:95:c8:1a:0c:
e4:50:e2:6d:2c:27:11:50:10:bf:ea:0a:65:b1:b4:
69:d8:e9:13:39:53:4b:97:02:10:96:e3:1f:35:b0:
f0:71:56:50:87:60:94:24:e3:d3:9a:51:61:ae:68:
fd:be:09:2d:19:6a:a0:9f:af:c8:44:63:2e:e7:6b:
3f:e6:fa:0a:6c:f4:b6:27:6c:06:3a:ad:b9:0a:c3:
ca:69:00:13:5c:6c:2e:7d:77:c1:72:a1:13:9f:64:
05:a1:ad:c5:20:2e:58:00:9f:a9:dd:8b:11:5b:41:
45:d6:30:02:02:82:59:81:ff:28:43:7a:6a:b7:78:
7a:fb:9c:f5:47:e4:b3:93:5d:bd:9a:7b:72:63:b2:
aa:96:fa:2b:18:69:b7:5c:92:94:3b:a8:cd:b0:2f:
a0:7e:db:35:3f:02:9a:f0:76:a2:f2:fd:f1:9a:ac:
f6:ec:d9:0e:2b:1a:85:c9:2d:68:de:29:74:ce:c8:
8e:f1:78:e8:19:4c:e1:8a:e6:34:e8:33:93:be:d8:
17:9b:d1:bd:b8:2b:11:2c:f0:62:74:89:51:ad:44:
2d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1B:2D:F4:D7:27:32:0D:89:6F:64:BD:75:B1:0E:CC:01:9D:8C:D2
X509v3 Authority Key Identifier:
keyid:F7:44:44:A0:86:7F:CC:A9:A3:56:9C:1F:D0:92:13:35:46:A3:7F:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/90REoIZ_zKmjVpwf0JITNUajf0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/HBst9NcnMg2Jb2S9dbEOzAGdjNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/90REoIZ_zKmjVpwf0JITNUajf0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2608::/48
Signature Algorithm: sha256WithRSAEncryption
0c:3e:bb:03:da:79:db:c4:8f:c7:e7:0a:80:73:fc:09:32:54:
3a:a5:6d:fe:73:98:59:e1:90:a0:fb:93:27:3a:f5:51:89:d3:
f7:bf:19:fd:c6:00:ac:f6:9a:fa:10:82:81:66:a2:42:eb:cd:
9e:7d:98:93:54:62:2b:a0:e2:83:55:27:bc:0b:47:f8:13:59:
e6:03:96:0b:c3:08:07:21:9e:98:c1:3a:50:5f:59:14:88:1f:
d9:65:94:59:94:43:4a:ac:0e:1e:27:c1:71:dc:09:3c:f0:aa:
cf:90:e4:a8:df:75:90:e4:3c:32:34:17:26:3b:5c:c1:8e:02:
52:a3:8c:5e:51:62:8f:82:c8:30:b9:22:a8:1e:dd:01:b9:bc:
5a:c4:0a:d8:64:ad:be:e7:23:dc:08:e9:a8:d8:a5:81:97:70:
5c:47:8e:7e:bc:ae:8f:e2:79:4f:d1:a3:fa:ee:d7:67:66:29:
83:34:89:93:25:bd:48:82:d4:b7:2f:a3:76:db:77:b5:af:1d:
b8:6a:3f:9a:1a:dd:7a:4f:5b:5b:00:42:24:fe:e7:5d:bd:c1:
bb:0e:84:b7:3b:01:b2:1f:75:fe:e8:2b:c0:24:55:3e:e2:c6:
18:83:13:f1:95:bb:a3:cc:dd:8c:b9:4d:d1:b6:6a:c3:dc:7f:
d7:86:d4:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVspdqarhczgn2tK84t3qJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NDQ0NGEwODY3ZmNjYTlhMzU2OWMxZmQwOTIxMzM1NDZh
MzdmNGIwHhcNMjMwMTAxMDkyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFiMmRmNGQ3MjczMjBkODk2ZjY0YmQ3NWIxMGVjYzAxOWQ4Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCv7OHMQRD+3NbhfCQ0/Unv2gIsj
xKsxugVG/eyG21M21amHHwoeo5XIGgzkUOJtLCcRUBC/6gplsbRp2OkTOVNLlwIQ
luMfNbDwcVZQh2CUJOPTmlFhrmj9vgktGWqgn6/IRGMu52s/5voKbPS2J2wGOq25
CsPKaQATXGwufXfBcqETn2QFoa3FIC5YAJ+p3YsRW0FF1jACAoJZgf8oQ3pqt3h6
+5z1R+Szk129mntyY7KqlvorGGm3XJKUO6jNsC+gfts1PwKa8Hai8v3xmqz27NkO
KxqFyS1o3il0zsiO8XjoGUzhiuY06DOTvtgXm9G9uCsRLPBidIlRrUQtXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBwbLfTXJzINiW9kvXWxDswBnYzSMB8GA1UdIwQY
MBaAFPdERKCGf8ypo1acH9CSEzVGo39LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTBSRW9JWl96S21qVnB3ZjBKSVROVWFqZjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mNjQwNTMtYjkzOC00YzUxLThlYzUt
NWQyNTI0NGU0YWFkLzEvSEJzdDlOY25NZzJKYjJTOWRiRU96QUdkak5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mNjQwNTMtYjkzOC00YzUxLThlYzUtNWQyNTI0NGU0YWFk
LzEvOTBSRW9JWl96S21qVnB3ZjBKSVROVWFqZjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCYI
MA0GCSqGSIb3DQEBCwUAA4IBAQAMPrsD2nnbxI/H5wqAc/wJMlQ6pW3+c5hZ4ZCg
+5MnOvVRidP3vxn9xgCs9pr6EIKBZqJC682efZiTVGIroOKDVSe8C0f4E1nmA5YL
wwgHIZ6YwTpQX1kUiB/ZZZRZlENKrA4eJ8Fx3Ak88KrPkOSo33WQ5DwyNBcmO1zB
jgJSo4xeUWKPgsgwuSKoHt0BubxaxArYZK2+5yPcCOmo2KWBl3BcR45+vK6P4nlP
0aP67tdnZimDNImTJb1IgtS3L6N223e1rx24aj+aGt16T1tbAEIk/uddvcG7DoS3
OwGyH3X+6CvAJFU+4sYYgxPxlbujzN2MuU3RtmrD3H/XhtQQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:33 2025 by rpki-client