Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/HCvGS_nAKRvI3vqx1eaiigGiND4.roa
File: HCvGS_nAKRvI3vqx1eaiigGiND4.roa (raw, json)
Hash identifier: 0W7xLtts2QLNsPJaE65XhzshTpU0GJqWcloBPPb/aL0=
Subject key identifier: 1C:2B:C6:4B:F9:C0:29:1B:C8:DE:FA:B1:D5:E6:A2:8A:01:A2:34:3E
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 0188070AD11FF11CA4D180F22935BD73E6C5
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/HCvGS_nAKRvI3vqx1eaiigGiND4.roa
Signing time: Wed 10 May 2023 19:02:09 +0000
ROA not before: Wed 10 May 2023 19:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20661
IP address blocks: 2a05:2180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:0a:d1:1f:f1:1c:a4:d1:80:f2:29:35:bd:73:e6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: May 10 19:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c2bc64bf9c0291bc8defab1d5e6a28a01a2343e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f8:28:25:85:4c:b8:54:b8:ef:d7:46:8e:57:
77:fe:b0:63:3f:d3:30:2b:fc:9b:87:5d:fb:23:ed:
58:6e:5f:2a:c6:b7:38:17:0b:59:19:82:d7:df:91:
88:94:02:87:1e:c9:db:a2:ef:24:c4:35:41:1d:16:
5f:4a:aa:30:e3:12:1b:c1:b4:9b:a9:47:51:df:7e:
02:d0:60:4c:a0:e4:4b:5e:bd:53:0f:f9:3e:66:44:
56:39:b8:2a:a0:a8:b4:ff:33:54:d5:71:2a:a4:fb:
37:d8:d4:aa:92:7a:ff:89:26:e0:30:78:c0:b5:6f:
7d:ac:5c:4b:db:de:ff:dc:62:14:59:59:cd:c7:6a:
1a:88:d8:02:8f:39:e7:db:87:ad:4d:2d:17:d6:56:
90:f9:5c:81:24:3b:67:d3:a0:41:30:bc:43:1c:9f:
a5:90:71:b6:e5:61:0b:16:0c:6c:ef:b9:ce:9a:04:
b1:14:fa:1a:de:cc:3f:8e:b1:5a:c5:95:98:50:ac:
00:b8:f8:6d:51:fa:a4:7f:30:db:50:a0:c2:7e:68:
d0:70:d0:62:47:dd:bc:61:64:a6:be:1c:6c:b8:4a:
9d:99:af:16:18:f4:9f:3e:eb:2e:dd:34:d9:3e:32:
19:74:1a:a3:51:c9:38:a3:87:cb:d2:77:f3:98:35:
c1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2B:C6:4B:F9:C0:29:1B:C8:DE:FA:B1:D5:E6:A2:8A:01:A2:34:3E
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/HCvGS_nAKRvI3vqx1eaiigGiND4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
5f:4c:40:3a:3c:38:4d:71:6d:42:6b:b0:e7:e9:66:a9:33:48:
aa:0c:d2:37:ef:c7:19:59:cc:fc:a7:b0:bc:83:6c:9e:1e:fe:
4f:4d:46:fc:d2:8b:b3:e5:26:ba:77:64:a0:79:02:be:23:69:
ca:f4:49:e5:58:11:fa:0a:b5:6a:13:23:c3:ab:02:91:cf:f5:
f6:0c:d8:c5:a0:bc:b5:8f:ef:a3:44:ca:b1:60:cd:a5:96:a5:
04:08:4a:18:9c:d6:d4:6e:b0:94:96:0d:27:a7:36:ea:ca:47:
38:9f:f6:3b:a3:ab:6f:16:2b:e2:c3:02:22:19:81:61:85:75:
f6:1c:7f:b6:2d:3c:76:27:9c:6a:bc:11:f3:23:cf:43:f6:81:
49:27:8e:65:e7:6c:ef:e6:a1:44:42:82:90:01:75:1a:80:93:
81:93:2e:34:71:a6:eb:2d:03:e8:eb:20:ac:0f:34:d4:c2:3f:
dd:0f:41:67:06:2d:ba:71:69:48:84:a7:b0:ef:13:3d:db:20:
9a:70:8c:1f:b4:35:35:1a:2f:e3:36:95:d8:12:d8:fa:ec:11:
05:71:b4:48:59:69:68:a1:87:74:05:fc:56:f6:9a:57:5b:b8:
94:74:7c:59:33:a6:db:c8:13:0b:31:00:53:a9:14:ee:af:03:
5b:07:ee:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYgHCtEf8Ryk0YDyKTW9c+bFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjMwNTEwMTkwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJiYzY0YmY5YzAyOTFiYzhkZWZhYjFkNWU2YTI4YTAxYTIzNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovgoJYVMuFS479dGjld3/rBjP9Mw
K/ybh137I+1Ybl8qxrc4FwtZGYLX35GIlAKHHsnbou8kxDVBHRZfSqow4xIbwbSb
qUdR334C0GBMoORLXr1TD/k+ZkRWObgqoKi0/zNU1XEqpPs32NSqknr/iSbgMHjA
tW99rFxL297/3GIUWVnNx2oaiNgCjznn24etTS0X1laQ+VyBJDtn06BBMLxDHJ+l
kHG25WELFgxs77nOmgSxFPoa3sw/jrFaxZWYUKwAuPhtUfqkfzDbUKDCfmjQcNBi
R928YWSmvhxsuEqdma8WGPSfPusu3TTZPjIZdBqjUck4o4fL0nfzmDXBUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBwrxkv5wCkbyN76sdXmoooBojQ+MB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvSEN2R1NfbkFLUnZJM3ZxeDFlYWlpZ0dpTkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUhgDAN
BgkqhkiG9w0BAQsFAAOCAQEAX0xAOjw4TXFtQmuw5+lmqTNIqgzSN+/HGVnM/Kew
vINsnh7+T01G/NKLs+UmundkoHkCviNpyvRJ5VgR+gq1ahMjw6sCkc/19gzYxaC8
tY/vo0TKsWDNpZalBAhKGJzW1G6wlJYNJ6c26spHOJ/2O6OrbxYr4sMCIhmBYYV1
9hx/ti08diecarwR8yPPQ/aBSSeOZeds7+ahREKCkAF1GoCTgZMuNHGm6y0D6Osg
rA801MI/3Q9BZwYtunFpSISnsO8TPdsgmnCMH7Q1NRov4zaV2BLY+uwRBXG0SFlp
aKGHdAX8VvaaV1u4lHR8WTOm28gTCzEAU6kU7q8DWwfu6Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:15:38 2025 by rpki-client