Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/hMB3a_g0b1cPwBcJjcHed3ZUnSs.roa
File: hMB3a_g0b1cPwBcJjcHed3ZUnSs.roa (raw, json)
Hash identifier: e4QIB9aOFWTDwHDqYEymzT/3RefwI3NfHzsRbaJo25o=
Subject key identifier: 84:C0:77:6B:F8:34:6F:57:0F:C0:17:09:8D:C1:DE:77:76:54:9D:2B
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 018A980DB68072E70B00BCD277F5D58C4462
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/hMB3a_g0b1cPwBcJjcHed3ZUnSs.roa
Signing time: Fri 15 Sep 2023 08:55:50 +0000
ROA not before: Fri 15 Sep 2023 08:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51369
IP address blocks: 2a13:6d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:0d:b6:80:72:e7:0b:00:bc:d2:77:f5:d5:8c:44:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Sep 15 08:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84c0776bf8346f570fc017098dc1de7776549d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9a:98:83:bd:1d:19:10:ce:6d:10:fc:b9:18:
82:39:85:16:20:cf:b9:7a:4c:64:51:c3:6e:73:66:
32:fc:a7:9e:98:ed:c3:38:3a:7c:ef:2c:5c:d3:bf:
c6:0f:ca:a7:71:cb:77:62:b6:1f:44:b7:0f:9e:a4:
11:df:31:a2:4b:e0:04:14:2e:55:99:74:75:8b:9f:
4b:cc:05:8e:11:4e:41:4e:aa:63:99:ca:ca:80:83:
7f:d1:f4:87:67:fd:a4:9c:e9:ad:4e:73:23:d9:a6:
fd:d7:f3:4e:7e:d2:34:cd:2d:2c:41:9e:1f:2a:9d:
0c:56:5b:7b:72:3f:06:47:88:d7:08:f9:12:49:0c:
bd:3b:a0:30:c5:e5:ae:1c:b5:02:3c:c3:74:d9:0e:
e9:66:74:bd:55:7f:20:e3:1c:7a:f9:13:61:b9:06:
0f:96:a3:29:b2:65:f9:3b:57:19:73:75:31:fb:bb:
c5:2b:e7:1c:37:38:6a:27:c6:e8:fe:62:0d:3f:bf:
15:39:fa:b6:c1:b6:5f:d2:77:8d:09:de:8b:0b:00:
6a:a6:59:5b:b1:96:d9:74:6f:f2:0f:32:9b:0d:df:
a3:91:2c:fd:88:55:a1:c1:bb:88:f1:ff:32:13:72:
9e:09:26:02:68:8c:00:5d:fc:c0:bf:4b:92:cb:05:
c7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C0:77:6B:F8:34:6F:57:0F:C0:17:09:8D:C1:DE:77:76:54:9D:2B
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/hMB3a_g0b1cPwBcJjcHed3ZUnSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
a9:b0:ff:d8:67:59:9d:3d:78:28:98:89:f8:71:cd:95:6f:1b:
8f:1c:5c:f7:66:4a:b6:96:81:f6:33:ff:4a:06:53:bc:31:44:
d5:15:36:fe:89:6c:3b:91:d5:a3:4d:61:61:33:57:82:79:d8:
6c:42:5c:65:d9:2a:b2:9b:df:fe:06:4f:f2:9d:64:f6:fe:29:
77:1e:3f:c7:dd:11:f9:73:76:b2:4f:1e:42:c6:e7:01:4e:1d:
85:8c:a0:d5:53:f7:14:81:c9:ec:98:ef:00:fc:03:f8:25:15:
3a:7a:23:1a:69:99:52:bc:06:ac:92:8f:43:96:7b:36:6a:11:
24:a9:b9:77:db:84:3c:59:ee:e0:c6:1a:16:b2:78:fc:f8:c3:
6b:6c:60:a6:f3:5e:f1:ef:97:4b:01:fd:44:b4:e8:21:f1:4a:
b6:78:10:55:2e:d0:f6:73:86:7b:cf:dd:18:70:30:a2:4e:8f:
b7:b1:4b:67:31:c8:9e:54:7f:01:e7:78:38:e6:b9:93:9f:8e:
7c:02:88:6b:e0:a4:0d:37:94:69:e0:69:1b:15:7e:5f:de:62:
06:d7:70:96:8a:cb:49:06:50:1d:b6:a7:36:18:c1:b4:c9:6b:
7a:3d:de:d1:cc:ce:35:9b:af:89:2a:73:04:d9:93:dc:93:3d:
58:76:5b:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqYDbaAcucLALzSd/XVjERiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjMwOTE1MDg1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMwNzc2YmY4MzQ2ZjU3MGZjMDE3MDk4ZGMxZGU3Nzc2NTQ5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJqYg70dGRDObRD8uRiCOYUWIM+5
ekxkUcNuc2Yy/KeemO3DODp87yxc07/GD8qncct3YrYfRLcPnqQR3zGiS+AEFC5V
mXR1i59LzAWOEU5BTqpjmcrKgIN/0fSHZ/2knOmtTnMj2ab91/NOftI0zS0sQZ4f
Kp0MVlt7cj8GR4jXCPkSSQy9O6AwxeWuHLUCPMN02Q7pZnS9VX8g4xx6+RNhuQYP
lqMpsmX5O1cZc3Ux+7vFK+ccNzhqJ8bo/mINP78VOfq2wbZf0neNCd6LCwBqpllb
sZbZdG/yDzKbDd+jkSz9iFWhwbuI8f8yE3KeCSYCaIwAXfzAv0uSywXHnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFITAd2v4NG9XD8AXCY3B3nd2VJ0rMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvaE1CM2FfZzBiMWNQd0JjSmpjSGVkM1pVblNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNtQDAN
BgkqhkiG9w0BAQsFAAOCAQEAqbD/2GdZnT14KJiJ+HHNlW8bjxxc92ZKtpaB9jP/
SgZTvDFE1RU2/olsO5HVo01hYTNXgnnYbEJcZdkqspvf/gZP8p1k9v4pdx4/x90R
+XN2sk8eQsbnAU4dhYyg1VP3FIHJ7JjvAPwD+CUVOnojGmmZUrwGrJKPQ5Z7NmoR
JKm5d9uEPFnu4MYaFrJ4/PjDa2xgpvNe8e+XSwH9RLToIfFKtngQVS7Q9nOGe8/d
GHAwok6Pt7FLZzHInlR/Aed4OOa5k5+OfAKIa+CkDTeUaeBpGxV+X95iBtdwlorL
SQZQHbanNhjBtMlrej3e0czONZuviSpzBNmT3JM9WHZboA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:32 2025 by rpki-client