Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JseVCoAKC9YEWlZkJF6tVad3EvI.roa
File: JseVCoAKC9YEWlZkJF6tVad3EvI.roa (raw, json)
Hash identifier: QMhB/DWWmR1ZZqzSk5GeE2o26MKOFLUyc+qEh4pvv3s=
Subject key identifier: 26:C7:95:0A:80:0A:0B:D6:04:5A:56:64:24:5E:AD:55:A7:77:12:F2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E58A413C57F3B635A8FAC9790D584
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JseVCoAKC9YEWlZkJF6tVad3EvI.roa
Signing time: Mon 02 Jan 2023 06:14:52 +0000
ROA not before: Mon 02 Jan 2023 06:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206368
IP address blocks: 2a0c:b641:710::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:58:a4:13:c5:7f:3b:63:5a:8f:ac:97:90:d5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26c7950a800a0bd6045a5664245ead55a77712f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:99:13:43:da:63:b4:4b:aa:7e:f8:3f:4e:4f:
24:d3:cc:39:6d:aa:f6:06:ee:b0:6c:78:50:bb:23:
5c:13:0e:68:84:a8:d6:f4:4d:2f:c7:57:66:94:c5:
4b:71:b4:ae:db:95:19:c5:fe:97:48:19:ed:eb:4f:
e4:4c:69:5e:4e:d0:9e:e9:43:4d:54:d7:00:75:4f:
b1:c7:3e:59:91:3a:53:be:0a:76:ef:c9:c3:31:ea:
2b:c6:89:33:37:5f:1a:61:04:54:61:ec:dd:84:6f:
95:d6:c8:0e:04:6f:16:e0:7c:ff:29:f9:95:4e:e0:
8c:54:dd:4a:19:27:52:6e:89:b9:c8:6f:d7:c9:6e:
99:3e:ee:10:26:38:34:2f:b9:f7:be:3c:d7:f5:af:
a2:07:d6:74:45:33:e5:39:76:70:e1:f7:6d:32:16:
7b:8f:e2:c3:bf:1a:9e:09:3d:ae:74:3f:c7:f2:f6:
43:f0:b7:d5:07:79:79:37:fa:f0:47:f8:ea:27:37:
77:4d:b7:40:68:d7:f2:0a:4a:49:d0:55:b2:79:bb:
95:57:31:3c:64:2b:62:8f:56:be:46:bc:82:56:61:
12:8f:2a:11:cc:a3:c4:58:36:6f:db:5f:8b:e1:8e:
b9:b8:cc:06:2c:b3:7b:85:12:fe:bd:05:76:3c:a8:
5f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C7:95:0A:80:0A:0B:D6:04:5A:56:64:24:5E:AD:55:A7:77:12:F2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JseVCoAKC9YEWlZkJF6tVad3EvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:710::/44
Signature Algorithm: sha256WithRSAEncryption
6f:43:0e:51:7e:f8:b7:40:24:b1:a8:18:d7:0e:2d:1d:b6:08:
06:f2:4b:f7:a9:8c:4c:7f:c3:c0:64:17:3a:39:81:cd:e8:b7:
3b:ed:08:0a:c8:a3:ea:e6:a5:17:b8:0f:c6:6e:55:32:64:54:
fb:cf:21:90:30:ee:5a:2e:e1:01:c2:7e:28:78:45:92:f1:c3:
23:20:e2:7a:e4:cb:1a:21:9c:b4:af:14:ee:99:30:00:ca:50:
51:2c:94:e4:db:15:27:d0:e4:b2:cc:3a:33:67:9b:af:24:95:
3c:a6:d9:b3:b4:66:91:2f:08:03:34:38:78:35:41:9b:4e:26:
ad:a5:b3:8e:55:d6:d9:5e:a2:5a:a8:04:b1:c8:89:82:0f:5e:
51:f7:5d:5f:be:bf:cb:eb:ae:ad:c9:5a:1a:7a:ec:ba:8e:5c:
7e:d5:14:0a:bf:59:c8:93:62:03:37:60:8a:d8:2d:f6:ff:ff:
d0:86:9d:5b:f3:f0:8c:73:82:75:49:d3:94:0f:58:1d:b9:2d:
4c:fb:74:77:83:04:79:ae:e3:51:b9:a5:9c:58:a7:28:c2:04:
54:8f:72:41:bb:37:c3:81:2e:2d:72:d8:37:66:ad:06:be:35:
1f:96:3b:be:69:a9:a6:98:47:b9:2c:69:28:d6:be:13:65:da:
e8:cf:d4:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHlikE8V/O2Naj6yXkNWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM3OTUwYTgwMGEwYmQ2MDQ1YTU2NjQyNDVlYWQ1NWE3NzcxMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJkTQ9pjtEuqfvg/Tk8k08w5bar2
Bu6wbHhQuyNcEw5ohKjW9E0vx1dmlMVLcbSu25UZxf6XSBnt60/kTGleTtCe6UNN
VNcAdU+xxz5ZkTpTvgp278nDMeorxokzN18aYQRUYezdhG+V1sgOBG8W4Hz/KfmV
TuCMVN1KGSdSbom5yG/XyW6ZPu4QJjg0L7n3vjzX9a+iB9Z0RTPlOXZw4fdtMhZ7
j+LDvxqeCT2udD/H8vZD8LfVB3l5N/rwR/jqJzd3TbdAaNfyCkpJ0FWyebuVVzE8
ZCtij1a+RryCVmESjyoRzKPEWDZv21+L4Y65uMwGLLN7hRL+vQV2PKhfdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCbHlQqACgvWBFpWZCRerVWndxLyMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvSnNlVkNvQUtDOVlFV2xaa0pGNnRWYWQzRXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBvQw5Rfvi3QCSxqBjXDi0dtggG8kv3qYxMf8PA
ZBc6OYHN6Lc77QgKyKPq5qUXuA/GblUyZFT7zyGQMO5aLuEBwn4oeEWS8cMjIOJ6
5MsaIZy0rxTumTAAylBRLJTk2xUn0OSyzDozZ5uvJJU8ptmztGaRLwgDNDh4NUGb
TiatpbOOVdbZXqJaqASxyImCD15R911fvr/L666tyVoaeuy6jlx+1RQKv1nIk2ID
N2CK2C32///Qhp1b8/CMc4J1SdOUD1gduS1M+3R3gwR5ruNRuaWcWKcowgRUj3JB
uzfDgS4tctg3Zq0GvjUflju+aammmEe5LGko1r4TZdroz9Rk
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:57:56 2025 by rpki-client