Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Jb7vDcie_UJCKl6ubERo-vSPhdM.roa
File: Jb7vDcie_UJCKl6ubERo-vSPhdM.roa (raw, json)
Hash identifier: rzBkBlhxInsJTMx872lL69MfqGgQ4rawhvvKTSKFolE=
Subject key identifier: 25:BE:EF:0D:C8:9E:FD:42:42:2A:5E:AE:6C:44:68:FA:F4:8F:85:D3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018539C081E97ADB71C7213F99B7CBBDC063
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Jb7vDcie_UJCKl6ubERo-vSPhdM.roa
Signing time: Thu 22 Dec 2022 12:13:15 +0000
ROA not before: Thu 22 Dec 2022 12:13:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47498
IP address blocks: 185.1.147.0/24 maxlen: 24
2001:7f8:ca::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:c0:81:e9:7a:db:71:c7:21:3f:99:b7:cb:bd:c0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 22 12:13:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25beef0dc89efd42422a5eae6c4468faf48f85d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:6d:7b:18:51:31:ad:f5:b8:ca:35:c6:41:03:
57:2f:f9:1f:50:b6:6c:90:7c:67:34:42:25:87:12:
3b:79:2a:7a:1b:e7:73:7e:b0:5b:d9:23:e4:82:fc:
b6:b7:fd:62:19:26:b6:e1:2e:14:27:a5:e9:a8:1b:
13:93:dd:cf:68:ef:e2:5f:b9:3f:5a:42:f4:6c:5e:
1d:2b:66:6e:f8:f6:92:cb:5b:51:fa:26:40:23:e8:
c1:41:a0:6a:a0:f9:73:3f:ba:c6:b3:11:74:cb:8b:
67:66:45:c1:aa:ca:cc:ae:57:16:3f:f0:ee:71:98:
ae:84:ec:d6:6b:11:f6:4c:d8:6b:51:33:ea:dd:6d:
03:77:a6:8c:6d:be:81:01:56:39:51:d4:4f:a8:15:
7e:ee:d6:c2:0a:3c:ec:ff:c6:6e:f1:ce:36:c2:b7:
e5:a7:a1:70:0b:d9:f0:44:72:56:70:1a:e2:fa:e5:
ee:16:1c:36:ce:41:2b:32:d4:75:7b:78:eb:81:b5:
30:89:15:97:20:b1:ea:e9:ce:55:4e:f8:aa:a0:13:
93:c9:a8:43:d6:1a:ca:1e:09:a4:6c:43:3c:36:1d:
36:3c:90:d4:f3:29:75:cd:a7:c4:23:a5:c8:b8:a4:
5e:92:30:72:4c:87:2b:33:b9:60:22:da:db:31:13:
61:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BE:EF:0D:C8:9E:FD:42:42:2A:5E:AE:6C:44:68:FA:F4:8F:85:D3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Jb7vDcie_UJCKl6ubERo-vSPhdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.147.0/24
IPv6:
2001:7f8:ca::/48
Signature Algorithm: sha256WithRSAEncryption
1a:5f:51:07:d3:45:56:9a:34:6a:b1:66:a3:87:4e:a3:db:13:
52:f8:12:85:9f:1b:86:be:e1:83:56:ce:2f:3a:df:f9:44:d1:
cf:4b:fc:6b:de:0c:03:fe:38:4b:b4:37:b0:71:fe:10:3a:ae:
77:d4:bc:dc:a1:2b:77:f9:96:d8:20:dc:63:09:5b:3e:af:f8:
da:d0:5d:ef:22:14:a8:5c:d7:dd:94:7d:88:68:35:ef:c5:ec:
a2:fc:1e:64:2a:83:9c:07:c0:3b:e8:e8:68:4c:58:1e:b7:3d:
ff:3b:29:ee:f5:e1:08:ba:94:31:cd:f1:8d:a5:8b:76:25:a6:
78:15:31:65:1b:b5:1f:96:9d:63:f7:0a:cb:dd:e9:d3:31:2d:
3d:4b:c5:83:fc:6d:dd:3c:ba:7e:95:e9:89:35:e1:57:58:38:
74:aa:70:59:d7:89:2e:c6:f6:05:de:1e:55:b7:74:bf:80:25:
1b:2a:e7:1d:33:da:f0:d1:f1:a6:37:82:d1:70:15:51:29:6b:
2c:f3:4b:5e:f5:4a:a5:0b:69:8d:b4:76:e1:99:ea:0a:51:2d:
fa:c7:95:73:a6:bd:29:02:1a:fa:9a:da:08:ee:3a:c4:48:75:
46:ca:fc:9c:ec:ac:bc:59:3e:3f:5b:49:2f:09:07:8d:2e:39:
1d:03:b1:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU5wIHpettxxyE/mbfLvcBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIxMjIyMTIxMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJlZWYwZGM4OWVmZDQyNDIyYTVlYWU2YzQ0NjhmYWY0OGY4NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6217GFExrfW4yjXGQQNXL/kfULZs
kHxnNEIlhxI7eSp6G+dzfrBb2SPkgvy2t/1iGSa24S4UJ6XpqBsTk93PaO/iX7k/
WkL0bF4dK2Zu+PaSy1tR+iZAI+jBQaBqoPlzP7rGsxF0y4tnZkXBqsrMrlcWP/Du
cZiuhOzWaxH2TNhrUTPq3W0Dd6aMbb6BAVY5UdRPqBV+7tbCCjzs/8Zu8c42wrfl
p6FwC9nwRHJWcBri+uXuFhw2zkErMtR1e3jrgbUwiRWXILHq6c5VTviqoBOTyahD
1hrKHgmkbEM8Nh02PJDU8yl1zafEI6XIuKRekjByTIcrM7lgItrbMRNhNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCW+7w3Inv1CQipermxEaPr0j4XTMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSmI3dkRjaWVfVUpDS2w2dWJFUm8tdlNQaGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQGTMA8E
AgACMAkDBwAgAQf4AMowDQYJKoZIhvcNAQELBQADggEBABpfUQfTRVaaNGqxZqOH
TqPbE1L4EoWfG4a+4YNWzi863/lE0c9L/GveDAP+OEu0N7Bx/hA6rnfUvNyhK3f5
ltgg3GMJWz6v+NrQXe8iFKhc192UfYhoNe/F7KL8HmQqg5wHwDvo6GhMWB63Pf87
Ke714Qi6lDHN8Y2li3YlpngVMWUbtR+WnWP3Csvd6dMxLT1LxYP8bd08un6V6Yk1
4VdYOHSqcFnXiS7G9gXeHlW3dL+AJRsq5x0z2vDR8aY3gtFwFVEpayzzS171SqUL
aY20duGZ6gpRLfrHlXOmvSkCGvqa2gjuOsRIdUbK/JzsrLxZPj9bSS8JB40uOR0D
sSA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:55 2025 by rpki-client