Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hxuISRVUFKiuAZiT-ubu5PwBTrE.roa
File: hxuISRVUFKiuAZiT-ubu5PwBTrE.roa (raw, json)
Hash identifier: bHOWogXFbsLWMuxltmkm3WvotFb91R8ZYR+UP2y6Afw=
Subject key identifier: 87:1B:88:49:15:54:14:A8:AE:01:98:93:FA:E6:EE:E4:FC:01:4E:B1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B65C8BC598F1497374895178BB8F9DD47
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hxuISRVUFKiuAZiT-ubu5PwBTrE.roa
Signing time: Wed 25 Oct 2023 07:42:15 +0000
ROA not before: Wed 25 Oct 2023 07:42:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a13:200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:c8:bc:59:8f:14:97:37:48:95:17:8b:b8:f9:dd:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 25 07:42:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=871b8849155414a8ae019893fae6eee4fc014eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bb:12:eb:33:60:67:a5:eb:6a:0e:db:99:26:
7d:c8:a2:ac:0c:9d:42:aa:4d:db:97:0c:67:4d:c4:
2f:1d:8b:88:7c:a9:8a:c5:80:48:b9:fd:e4:40:89:
d3:16:29:12:04:cf:1c:c0:11:81:48:de:e7:0d:a9:
cb:19:9a:0b:57:73:da:75:c2:6e:e2:05:57:5c:cd:
10:b1:c3:e7:d2:5c:93:39:88:73:d8:d1:1a:45:4b:
95:96:b4:14:ef:08:10:f4:d1:63:4c:03:fa:8b:59:
72:a1:6a:a0:2f:7b:b8:79:b7:cb:71:b4:39:43:60:
c3:48:3d:ef:6b:92:ad:93:87:af:79:40:19:ff:7e:
25:87:b8:32:2c:dd:f5:81:0c:6d:c1:19:e2:0b:49:
46:09:ca:ff:a4:e7:92:67:68:98:6f:30:bd:4d:11:
64:48:69:15:a2:00:fc:57:25:2c:bd:d9:5a:92:e8:
d4:65:64:f6:2e:1d:3e:df:28:a3:95:44:ab:fe:76:
47:4d:75:ed:6b:62:89:fe:61:b3:30:5c:98:bb:b6:
df:9f:fc:8a:ca:56:be:75:64:01:ee:f0:e1:e0:52:
2c:24:c5:a9:ca:93:0a:29:19:8a:42:9b:1c:64:63:
33:ff:df:59:1d:a0:cd:03:7c:19:69:94:de:ae:e2:
1b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1B:88:49:15:54:14:A8:AE:01:98:93:FA:E6:EE:E4:FC:01:4E:B1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hxuISRVUFKiuAZiT-ubu5PwBTrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2100::/29
2a0f:7f00::/29
2a12:d6c0::/29
2a13:200::/29
2a13:2b40::/29
2a13:2cc0::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
20:b5:bd:91:24:92:ed:8e:8d:2c:c2:92:f7:1c:c5:fa:79:e3:
66:c7:cb:3c:ca:0d:d9:df:9a:f2:db:81:e5:e4:a6:a9:b9:95:
d2:51:03:08:0d:88:d1:ab:1a:5e:5a:b0:9b:95:8b:a2:3a:80:
d2:e2:43:85:e4:33:d3:e1:9b:98:d0:2c:48:09:d0:15:2e:24:
1c:39:0d:4a:05:ff:f7:da:b3:9b:d8:7e:43:fb:70:47:23:d3:
06:4b:ae:80:d1:80:89:93:18:34:89:1b:7d:a9:a6:93:46:e2:
7f:3c:0e:74:2b:94:ee:6d:df:72:ee:a5:71:7e:fc:38:38:84:
69:cd:bd:ab:bd:6b:44:ae:8d:78:17:2b:8d:b4:39:fb:d0:3f:
7a:bb:f6:29:04:c7:de:d8:86:29:73:be:e8:26:3d:a5:7d:51:
8b:bc:13:d4:52:60:8e:50:33:00:df:87:08:73:61:10:4f:34:
eb:7c:dd:4a:4c:44:ce:76:9c:8a:b6:d7:ca:f7:9d:e0:f5:47:
d8:7a:0f:d8:c3:24:45:54:1a:06:b6:00:45:af:d3:22:6b:70:
b4:42:d0:93:86:03:41:0f:88:3d:a2:e2:19:0a:14:eb:6e:f9:
85:b1:73:e3:3f:b2:4e:b1:f4:2f:0b:51:7c:91:15:fa:08:29:
e6:63:38:0b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYtlyLxZjxSXN0iVF4u4+d1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDI1MDc0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFiODg0OTE1NTQxNGE4YWUwMTk4OTNmYWU2ZWVlNGZjMDE0ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirsS6zNgZ6Xrag7bmSZ9yKKsDJ1C
qk3blwxnTcQvHYuIfKmKxYBIuf3kQInTFikSBM8cwBGBSN7nDanLGZoLV3PadcJu
4gVXXM0QscPn0lyTOYhz2NEaRUuVlrQU7wgQ9NFjTAP6i1lyoWqgL3u4ebfLcbQ5
Q2DDSD3va5Ktk4eveUAZ/34lh7gyLN31gQxtwRniC0lGCcr/pOeSZ2iYbzC9TRFk
SGkVogD8VyUsvdlakujUZWT2Lh0+3yijlUSr/nZHTXXta2KJ/mGzMFyYu7bfn/yK
yla+dWQB7vDh4FIsJMWpypMKKRmKQpscZGMz/99ZHaDNA3wZaZTeruIb7QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIcbiEkVVBSorgGYk/rm7uT8AU6xMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaHh1SVNSVlVGS2l1QVppVC11YnU1UHdCVHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg8hAAMF
AyoPfwADBQMqEtbAAwUDKhMCAAMFAyoTK0ADBQMqEyzAAwUDKhPTADANBgkqhkiG
9w0BAQsFAAOCAQEAILW9kSSS7Y6NLMKS9xzF+nnjZsfLPMoN2d+a8tuB5eSmqbmV
0lEDCA2I0asaXlqwm5WLojqA0uJDheQz0+GbmNAsSAnQFS4kHDkNSgX/99qzm9h+
Q/twRyPTBkuugNGAiZMYNIkbfammk0bifzwOdCuU7m3fcu6lcX78ODiEac29q71r
RK6NeBcrjbQ5+9A/erv2KQTH3tiGKXO+6CY9pX1Ri7wT1FJgjlAzAN+HCHNhEE80
63zdSkxEznacirbXyved4PVH2HoP2MMkRVQaBrYARa/TImtwtELQk4YDQQ+IPaLi
GQoU6275hbFz4z+yTrH0LwtRfJEV+ggp5mM4Cw==
-----END CERTIFICATE-----
Generated at Mon May 12 04:36:28 2025 by rpki-client