Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/AHKS5fVmCx2d6qmK3WMQhSbS2WM.roa
File: AHKS5fVmCx2d6qmK3WMQhSbS2WM.roa (raw, json)
Hash identifier: 7puc7NMTfvdaqhFln2Lt1vD2By3o6bgaukKF5BX2gZQ=
Subject key identifier: 00:72:92:E5:F5:66:0B:1D:9D:EA:A9:8A:DD:63:10:85:26:D2:D9:63
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 01865B3CD03FDF662F9CD90295676DBE25E9
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/AHKS5fVmCx2d6qmK3WMQhSbS2WM.roa
Signing time: Thu 16 Feb 2023 17:19:17 +0000
ROA not before: Thu 16 Feb 2023 17:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200327
IP address blocks: 2a13:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5b:3c:d0:3f:df:66:2f:9c:d9:02:95:67:6d:be:25:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Feb 16 17:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=007292e5f5660b1d9deaa98add63108526d2d963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:65:83:8c:37:9b:4b:f9:07:26:bf:15:05:57:
d9:8d:3b:c0:83:d1:3c:10:dc:2c:a3:77:d7:0d:49:
c1:8a:fc:d7:9e:86:f0:ff:7c:2c:79:5b:85:70:0d:
ab:11:d7:0c:d2:7d:45:08:f7:db:66:30:22:c8:aa:
94:c2:f6:31:e1:98:40:11:9c:1e:5a:20:0b:7b:80:
cd:2a:bf:8f:c7:08:d2:29:d8:ae:54:b3:18:0d:fd:
84:fb:48:88:2a:11:98:11:4a:e5:f6:0b:ab:6a:3a:
71:ca:43:7b:f0:bb:f0:95:f3:bd:65:1d:b9:5e:9b:
e0:22:34:95:0f:ca:9e:bb:b0:02:27:c2:4f:50:ae:
b7:76:b3:76:4a:b9:8c:6e:ad:38:49:f8:93:d0:ca:
23:ed:b2:0d:73:35:d5:40:24:82:fc:b5:75:3b:29:
47:40:cb:8a:0f:f6:ac:2b:e5:6c:74:b0:e7:8f:69:
4e:d0:fd:56:99:32:25:08:f9:90:a2:10:c5:35:0c:
8c:8c:2c:6f:1c:ec:c8:de:5e:62:f5:a8:3a:be:f4:
6b:b8:48:11:b1:f9:b4:98:d0:d1:38:12:2a:7d:99:
80:2c:c2:15:b3:ff:6f:a0:29:d8:e6:22:07:01:86:
c5:55:a1:c3:11:3e:e9:c6:a0:34:50:8f:b1:e2:0f:
6c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:72:92:E5:F5:66:0B:1D:9D:EA:A9:8A:DD:63:10:85:26:D2:D9:63
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/AHKS5fVmCx2d6qmK3WMQhSbS2WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
46:cf:e3:15:eb:9a:19:8b:f1:cc:4d:a4:ac:bf:f3:5f:f5:00:
60:24:be:8d:da:ed:4b:7b:57:6c:f3:36:e9:28:6b:0f:40:2d:
8f:6a:34:22:a9:89:8d:30:b7:37:79:e8:f0:08:c9:c5:2c:fb:
5e:c1:ac:c7:b2:bb:f8:a9:df:39:fd:80:48:3a:76:ef:61:1c:
98:04:91:9c:68:5b:a2:1a:49:f5:2e:2f:5e:04:fb:ef:08:99:
1e:ef:a9:74:41:37:5a:13:d1:c9:0a:1f:d2:3f:ef:77:a1:06:
af:c5:34:79:1a:84:ff:fd:cb:36:3d:77:50:e2:06:ce:d5:f2:
6a:ff:00:da:9f:46:70:99:26:4f:7f:e3:9d:43:40:ab:6a:f9:
e7:94:23:96:15:05:30:db:69:bc:2e:22:4f:21:ca:ca:54:ea:
53:4a:00:a9:da:ea:e4:2f:d9:d2:9b:58:67:55:d2:90:d3:1b:
c0:9c:f4:6c:c7:5a:5b:81:a6:2f:63:99:5b:4f:39:50:b8:53:
92:c5:d0:e0:ae:44:04:b1:ce:9f:ae:4c:21:14:74:f1:3a:06:
a9:81:fc:d1:d3:b0:c0:e5:91:c5:11:3c:9e:e8:07:ef:15:4c:
f5:60:c9:08:1d:29:a5:f0:8d:a4:e0:17:9e:06:a7:10:97:92:
e7:de:f8:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYZbPNA/32YvnNkClWdtviXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjMwMjE2MTcxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcyOTJlNWY1NjYwYjFkOWRlYWE5OGFkZDYzMTA4NTI2ZDJkOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWWDjDebS/kHJr8VBVfZjTvAg9E8
ENwso3fXDUnBivzXnobw/3wseVuFcA2rEdcM0n1FCPfbZjAiyKqUwvYx4ZhAEZwe
WiALe4DNKr+PxwjSKdiuVLMYDf2E+0iIKhGYEUrl9gurajpxykN78LvwlfO9ZR25
XpvgIjSVD8qeu7ACJ8JPUK63drN2SrmMbq04SfiT0Moj7bINczXVQCSC/LV1OylH
QMuKD/asK+VsdLDnj2lO0P1WmTIlCPmQohDFNQyMjCxvHOzI3l5i9ag6vvRruEgR
sfm0mNDROBIqfZmALMIVs/9voCnY5iIHAYbFVaHDET7pxqA0UI+x4g9sjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFABykuX1Zgsdneqpit1jEIUm0tljMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvQUhLUzVmVm1DeDJkNnFtSzNXTVFoU2JTMldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNtQDAN
BgkqhkiG9w0BAQsFAAOCAQEARs/jFeuaGYvxzE2krL/zX/UAYCS+jdrtS3tXbPM2
6ShrD0Atj2o0IqmJjTC3N3no8AjJxSz7XsGsx7K7+KnfOf2ASDp272EcmASRnGhb
ohpJ9S4vXgT77wiZHu+pdEE3WhPRyQof0j/vd6EGr8U0eRqE//3LNj13UOIGztXy
av8A2p9GcJkmT3/jnUNAq2r555QjlhUFMNtpvC4iTyHKylTqU0oAqdrq5C/Z0ptY
Z1XSkNMbwJz0bMdaW4GmL2OZW085ULhTksXQ4K5EBLHOn65MIRR08ToGqYH80dOw
wOWRxRE8nugH7xVM9WDJCB0ppfCNpOAXnganEJeS59743w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:29:31 2025 by rpki-client