Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/Jbtr4lCLCvOsVcpxRgxxAoE8KDs.roa
File: Jbtr4lCLCvOsVcpxRgxxAoE8KDs.roa (raw, json)
Hash identifier: 0MeA3KL6oOon8QkTPtJqhnlfvlvLCfYC0f6zRZrEiUk=
Subject key identifier: 25:BB:6B:E2:50:8B:0A:F3:AC:55:CA:71:46:0C:71:02:81:3C:28:3B
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F467059ADA3DFB3F36C314B3567EFDA
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/Jbtr4lCLCvOsVcpxRgxxAoE8KDs.roa
Signing time: Fri 17 Feb 2023 12:08:17 +0000
ROA not before: Fri 17 Feb 2023 12:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 2001:678:20::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:46:70:59:ad:a3:df:b3:f3:6c:31:4b:35:67:ef:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 12:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25bb6be2508b0af3ac55ca71460c7102813c283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0e:52:76:6a:a9:4c:0b:4b:4d:9e:bb:02:b5:
14:9b:0d:8e:2b:c7:d4:11:53:da:a4:51:b6:bf:58:
55:57:cc:2a:61:ed:a9:5a:24:f6:25:f1:c9:5e:24:
6c:a8:de:db:f8:22:cb:31:54:19:92:2f:65:c3:59:
63:13:63:39:4b:7a:f6:3d:d1:ff:60:e9:48:c0:a8:
3b:ae:8d:f2:23:a3:77:d2:30:9a:b2:21:8d:b5:d1:
57:4a:d0:d7:c3:f7:46:02:df:b1:70:af:65:54:8f:
38:97:fe:e4:3d:6a:6c:8a:84:f7:62:cb:ec:64:c9:
d2:7e:79:2d:2d:a5:11:9a:95:26:f9:09:1e:aa:4f:
ca:03:e7:3c:67:07:b2:91:dc:0c:32:37:57:2d:ac:
ce:92:4e:3c:db:fd:5b:f4:98:af:80:61:a9:bf:34:
72:42:be:8e:6d:cc:98:34:37:1d:d7:b1:3f:4f:7a:
b9:50:7b:d3:05:dd:d8:09:a0:6b:50:7c:6b:23:b6:
7a:fe:3f:59:e1:0e:12:e0:cc:85:32:dc:25:6d:5a:
2d:bb:fe:bc:5a:64:32:68:3f:1f:45:c0:62:2e:1f:
3d:c8:ec:7e:7d:b6:a6:89:83:a3:f4:ba:de:69:50:
4c:03:94:41:53:79:74:a7:62:72:08:f3:1d:5a:17:
c8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BB:6B:E2:50:8B:0A:F3:AC:55:CA:71:46:0C:71:02:81:3C:28:3B
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/Jbtr4lCLCvOsVcpxRgxxAoE8KDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
a2:aa:37:7f:41:2c:67:1e:38:82:ef:d3:e5:3b:b5:09:39:e0:
a3:79:af:85:c3:0c:7b:f2:bf:27:2d:7f:82:67:b8:7e:3e:6a:
72:e3:0f:ed:59:a1:be:ce:9b:65:a7:44:90:49:bd:5c:56:e1:
84:46:94:3b:b6:6e:3c:b7:11:8b:1b:e8:df:31:cd:85:40:54:
db:12:c3:74:8a:33:fa:05:a9:93:e4:0d:e7:cc:fb:a6:12:4a:
86:bc:e3:d5:84:97:3c:6f:38:10:50:51:51:51:07:60:71:ae:
57:33:3f:db:1a:27:11:23:18:77:b4:c0:ec:98:a3:45:61:ff:
5d:81:e0:75:75:66:0b:f6:f5:d8:3d:e7:95:cf:0d:5c:63:fd:
a3:f1:f9:37:b4:f3:b6:89:55:f3:35:a9:07:29:f7:f4:de:6d:
a8:2c:73:5f:b2:74:e0:28:bb:27:41:a0:09:1e:07:80:a1:ee:
f5:90:8e:b4:13:4f:86:e3:e9:f4:2c:07:93:67:e3:02:60:ef:
88:90:b0:4f:e7:6f:56:0e:9d:c9:13:f4:7e:17:6f:07:f6:c1:
49:56:66:f4:5f:c7:ab:51:17:1e:fe:a2:27:bd:ec:57:95:d3:
83:56:3c:76:37:57:b8:64:c1:fa:06:5a:15:9e:bf:94:5b:85:
58:dc:a1:91
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZfRnBZraPfs/NsMUs1Z+/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTIwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJiNmJlMjUwOGIwYWYzYWM1NWNhNzE0NjBjNzEwMjgxM2MyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA5SdmqpTAtLTZ67ArUUmw2OK8fU
EVPapFG2v1hVV8wqYe2pWiT2JfHJXiRsqN7b+CLLMVQZki9lw1ljE2M5S3r2PdH/
YOlIwKg7ro3yI6N30jCasiGNtdFXStDXw/dGAt+xcK9lVI84l/7kPWpsioT3Ysvs
ZMnSfnktLaURmpUm+Qkeqk/KA+c8ZweykdwMMjdXLazOkk482/1b9JivgGGpvzRy
Qr6ObcyYNDcd17E/T3q5UHvTBd3YCaBrUHxrI7Z6/j9Z4Q4S4MyFMtwlbVotu/68
WmQyaD8fRcBiLh89yOx+fbamiYOj9LreaVBMA5RBU3l0p2JyCPMdWhfICwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCW7a+JQiwrzrFXKcUYMcQKBPCg7MB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvSmJ0cjRsQ0xDdk9zVmNweFJneHhBb0U4S0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeAAg
AwcAIAEGfAG8AwcDKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQCiqjd/QSxnHjiC
79PlO7UJOeCjea+Fwwx78r8nLX+CZ7h+Pmpy4w/tWaG+zptlp0SQSb1cVuGERpQ7
tm48txGLG+jfMc2FQFTbEsN0ijP6BamT5A3nzPumEkqGvOPVhJc8bzgQUFFRUQdg
ca5XMz/bGicRIxh3tMDsmKNFYf9dgeB1dWYL9vXYPeeVzw1cY/2j8fk3tPO2iVXz
NakHKff03m2oLHNfsnTgKLsnQaAJHgeAoe71kI60E0+G4+n0LAeTZ+MCYO+IkLBP
529WDp3JE/R+F28H9sFJVmb0X8erURce/qInvexXldODVjx2N1e4ZMH6BloVnr+U
W4VY3KGR
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:07:19 2025 by rpki-client