Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d2ff0f-e24a-4313-98c1-22e5547316b5/1/HppOOXjKmHEYssXbYxwMpdISwUE.roa
File: HppOOXjKmHEYssXbYxwMpdISwUE.roa (raw, json)
Hash identifier: bSsuOur+t3x0FNl542zQ681pN+K/hNr3x8zSl+MhoO0=
Subject key identifier: 1E:9A:4E:39:78:CA:98:71:18:B2:C5:DB:63:1C:0C:A5:D2:12:C1:41
Certificate issuer: /CN=e81d2dcf2b69abdbd609436440115a9e4ea19a05
Certificate serial: 01856C4A5C2DC843B0D042C524A5E9AA10FD
Authority key identifier: E8:1D:2D:CF:2B:69:AB:DB:D6:09:43:64:40:11:5A:9E:4E:A1:9A:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6B0tzytpq9vWCUNkQBFank6hmgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/d2ff0f-e24a-4313-98c1-22e5547316b5/1/HppOOXjKmHEYssXbYxwMpdISwUE.roa
Signing time: Sun 01 Jan 2023 07:44:50 +0000
ROA not before: Sun 01 Jan 2023 07:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205016
IP address blocks: 2001:67c:198c::/48 maxlen: 48
2001:67c:2660::/48 maxlen: 48
2001:67c:2628::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:5c:2d:c8:43:b0:d0:42:c5:24:a5:e9:aa:10:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81d2dcf2b69abdbd609436440115a9e4ea19a05
Validity
Not Before: Jan 1 07:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e9a4e3978ca987118b2c5db631c0ca5d212c141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f7:07:15:25:2b:a4:88:97:e8:b1:6f:ad:83:
ac:25:35:82:67:80:2b:4e:14:02:5b:11:de:98:22:
1d:41:9f:7d:08:f1:e3:6c:93:e1:44:70:62:88:ad:
b7:f1:87:8d:a8:69:36:cd:7e:e4:b9:2b:55:ca:59:
6f:4e:6a:be:2b:4c:36:6c:35:03:9e:f7:16:87:06:
c7:c6:bd:df:da:11:92:66:79:39:ac:49:09:11:70:
d0:e1:81:9d:58:e0:b9:75:ba:5d:69:a1:56:c3:b0:
7d:d1:1f:cd:9d:ba:c6:55:11:ce:00:60:7a:b4:57:
78:b3:d5:96:ec:81:c9:8b:7c:b7:18:88:c0:4a:0d:
7e:2e:30:d1:b5:f1:27:5b:e0:9d:35:e9:b9:d5:42:
ac:54:6e:5a:a4:7f:9d:20:f6:28:c8:aa:56:75:11:
5f:c5:7b:a1:2c:a9:b5:24:26:15:8e:76:90:04:7e:
b5:6f:a6:d7:53:f2:b9:96:bd:20:f6:91:cb:61:6e:
c2:2f:00:f1:2e:98:f3:d3:82:75:8e:9f:d4:77:aa:
9a:50:6a:f7:4f:ff:9a:36:0e:ab:af:29:30:09:ca:
d9:26:f1:21:7c:04:f0:d1:05:73:53:6d:06:9e:6a:
9e:19:4c:64:db:af:f2:d3:9e:9b:8f:16:d4:86:e0:
73:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9A:4E:39:78:CA:98:71:18:B2:C5:DB:63:1C:0C:A5:D2:12:C1:41
X509v3 Authority Key Identifier:
keyid:E8:1D:2D:CF:2B:69:AB:DB:D6:09:43:64:40:11:5A:9E:4E:A1:9A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6B0tzytpq9vWCUNkQBFank6hmgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d2ff0f-e24a-4313-98c1-22e5547316b5/1/HppOOXjKmHEYssXbYxwMpdISwUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d2ff0f-e24a-4313-98c1-22e5547316b5/1/6B0tzytpq9vWCUNkQBFank6hmgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:198c::/48
2001:67c:2628::/48
2001:67c:2660::/48
Signature Algorithm: sha256WithRSAEncryption
51:cb:6a:04:5e:0b:a0:27:50:7c:05:21:36:21:f2:c4:f2:f8:
ce:fa:b0:4f:41:09:4e:a6:20:a2:61:4d:44:cd:6e:da:b9:c2:
39:f9:29:8b:db:b3:c7:db:9e:dd:37:6a:fc:11:8b:7d:10:da:
f3:bf:59:2f:1b:10:e7:83:17:04:b3:07:dc:be:76:78:de:0f:
08:cc:ae:20:89:8b:fe:3d:4b:be:8e:bb:23:c9:a0:c0:b3:b4:
0e:a6:75:87:1d:e7:3a:8b:39:b6:c4:e5:81:28:d0:11:7c:fd:
57:a7:f9:11:b1:03:dd:06:5f:9c:7e:76:b2:48:5e:55:5c:88:
46:9e:bb:21:c9:e2:05:a8:89:9c:f4:b8:5b:5f:fd:81:93:9a:
b4:f6:53:6d:8e:a7:02:3d:0e:8d:0f:30:40:79:11:e8:07:c9:
5a:75:48:4f:fb:a3:03:4d:db:0e:25:3b:7d:7d:a3:b3:ea:70:
45:a9:58:93:41:c4:20:85:f6:f4:19:34:46:33:28:6e:06:e0:
6f:f6:cd:0b:34:e5:62:76:64:0d:4d:f4:16:c5:8f:ee:45:22:
d6:a0:3a:33:ff:8b:9e:90:e9:f4:8b:52:de:9a:31:a2:28:c7:
77:03:1e:98:a3:b4:75:63:05:c6:2d:83:e2:50:ee:7e:b3:37:
c6:9f:2a:70
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsSlwtyEOw0ELFJKXpqhD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MWQyZGNmMmI2OWFiZGJkNjA5NDM2NDQwMTE1YTllNGVh
MTlhMDUwHhcNMjMwMTAxMDc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTlhNGUzOTc4Y2E5ODcxMThiMmM1ZGI2MzFjMGNhNWQyMTJjMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPcHFSUrpIiX6LFvrYOsJTWCZ4Ar
ThQCWxHemCIdQZ99CPHjbJPhRHBiiK238YeNqGk2zX7kuStVyllvTmq+K0w2bDUD
nvcWhwbHxr3f2hGSZnk5rEkJEXDQ4YGdWOC5dbpdaaFWw7B90R/NnbrGVRHOAGB6
tFd4s9WW7IHJi3y3GIjASg1+LjDRtfEnW+CdNem51UKsVG5apH+dIPYoyKpWdRFf
xXuhLKm1JCYVjnaQBH61b6bXU/K5lr0g9pHLYW7CLwDxLpjz04J1jp/Ud6qaUGr3
T/+aNg6rrykwCcrZJvEhfATw0QVzU20GnmqeGUxk26/y056bjxbUhuBzRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB6aTjl4yphxGLLF22McDKXSEsFBMB8GA1UdIwQY
MBaAFOgdLc8raavb1glDZEARWp5OoZoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkIwdHp5dHBxOXZXQ1VOa1FCRmFuazZobWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kMmZmMGYtZTI0YS00MzEzLTk4YzEt
MjJlNTU0NzMxNmI1LzEvSHBwT09YakttSEVZc3NYYll4d01wZElTd1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kMmZmMGYtZTI0YS00MzEzLTk4YzEtMjJlNTU0NzMxNmI1
LzEvNkIwdHp5dHBxOXZXQ1VOa1FCRmFuazZobWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGfBmM
AwcAIAEGfCYoAwcAIAEGfCZgMA0GCSqGSIb3DQEBCwUAA4IBAQBRy2oEXgugJ1B8
BSE2IfLE8vjO+rBPQQlOpiCiYU1EzW7aucI5+SmL27PH257dN2r8EYt9ENrzv1kv
GxDngxcEswfcvnZ43g8IzK4giYv+PUu+jrsjyaDAs7QOpnWHHec6izm2xOWBKNAR
fP1Xp/kRsQPdBl+cfnaySF5VXIhGnrshyeIFqImc9LhbX/2Bk5q09lNtjqcCPQ6N
DzBAeRHoB8ladUhP+6MDTdsOJTt9faOz6nBFqViTQcQghfb0GTRGMyhuBuBv9s0L
NOVidmQNTfQWxY/uRSLWoDoz/4uekOn0i1LemjGiKMd3Ax6Yo7R1YwXGLYPiUO5+
szfGnypw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:59 2025 by rpki-client