Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/6uKvGaOU7vimTTAAkDAD0iG8cvw.roa
File: 6uKvGaOU7vimTTAAkDAD0iG8cvw.roa (raw, json)
Hash identifier: HGBrXw+l+0BsIeeyvAV2SljOCytB3Br2nLIUlIkTOp8=
Subject key identifier: EA:E2:AF:19:A3:94:EE:F8:A6:4D:30:00:90:30:03:D2:21:BC:72:FC
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0183418D809FEB7E1364102B7A2B09477F03
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/6uKvGaOU7vimTTAAkDAD0iG8cvw.roa
Signing time: Thu 15 Sep 2022 14:28:56 +0000
ROA not before: Thu 15 Sep 2022 14:28:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 2a05:88c5::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a10:3300::/29 maxlen: 29
2a05:88c2::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:8d:80:9f:eb:7e:13:64:10:2b:7a:2b:09:47:7f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Sep 15 14:28:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eae2af19a394eef8a64d3000903003d221bc72fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:52:51:c7:29:c3:91:5c:42:5e:8a:87:84:1b:
b9:10:58:c5:0e:0f:bb:95:9e:43:74:f3:89:f9:1e:
08:f8:ae:16:81:93:61:90:f6:08:1d:25:18:c4:6f:
4b:73:5c:a4:6f:6c:f1:25:a2:9a:11:3e:e5:48:d7:
01:85:1e:a2:27:e1:92:d9:b7:e8:1e:39:54:23:f7:
9e:79:70:69:36:cf:64:eb:bd:04:6d:b7:51:b8:fd:
f3:3e:6c:e2:48:4a:fc:dd:bd:f0:83:6c:e0:e7:5e:
cc:6a:26:bf:21:9b:f3:24:0d:3f:3e:78:35:f2:92:
85:70:4c:e5:96:71:27:30:7a:f8:bd:3c:cd:96:e0:
0f:69:59:07:07:9f:92:23:77:52:18:3d:b0:fa:9a:
8d:a7:9d:e5:eb:3a:36:b8:a7:e4:2e:d2:30:82:37:
f5:f9:a5:d4:83:9f:64:bc:85:bd:2e:d9:7a:26:f9:
f6:05:c0:2a:ab:b5:b1:a3:a9:8a:57:64:5c:db:2d:
8e:8e:04:ba:37:23:f7:8f:c9:0c:cb:73:b7:41:7e:
0c:aa:4c:48:e9:14:74:7c:d2:4d:1c:7e:9f:bd:27:
66:72:a8:f8:4e:9d:da:ef:91:1d:c1:84:cb:9a:5f:
90:99:25:25:de:71:84:57:de:e0:9e:9e:c0:c0:79:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E2:AF:19:A3:94:EE:F8:A6:4D:30:00:90:30:03:D2:21:BC:72:FC
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/6uKvGaOU7vimTTAAkDAD0iG8cvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
2a10:3300::/29
Signature Algorithm: sha256WithRSAEncryption
43:1b:b7:d7:7b:a5:85:54:b4:f6:27:c0:6f:b9:d5:cb:a6:34:
49:4c:60:7e:3d:ae:92:b8:ce:0d:96:f5:8a:81:49:d6:c1:df:
3a:78:a3:8d:41:23:c3:5e:2f:0b:33:69:94:8c:58:f2:82:e4:
1f:5d:68:c2:06:ca:66:19:df:b1:0e:f5:09:7e:79:07:0e:5b:
b5:d6:64:e1:5c:d4:5c:d0:96:a2:79:c2:32:4f:81:c7:c2:a7:
fa:55:1d:71:f8:08:da:a6:70:23:b6:c3:f0:d3:cf:22:20:0f:
f9:69:d9:ce:04:e0:63:93:16:ec:8b:4d:67:89:75:14:68:a8:
b1:92:f2:6f:9b:89:a9:11:60:61:80:bf:45:6f:ce:4b:56:e1:
d1:95:55:38:fc:7c:51:78:8f:c8:76:30:17:fb:0f:16:cf:06:
2f:5e:cd:4a:dd:31:1b:de:56:87:0f:0a:a1:a1:35:1c:33:80:
76:f1:27:7b:13:e7:41:db:34:7c:85:21:7c:0d:73:14:4d:7f:
97:9e:1a:de:10:79:9f:0d:00:19:91:1d:30:7c:96:41:e3:51:
fe:04:4f:d5:6c:f4:fe:b0:6e:a4:d6:0c:d6:8d:73:c5:b1:98:
d5:2b:a2:34:b4:8d:63:d6:5d:f5:cf:87:5d:f9:5b:82:6d:bc:
4e:e0:cf:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYNBjYCf634TZBAreisJR38DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjIwOTE1MTQyODU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWUyYWYxOWEzOTRlZWY4YTY0ZDMwMDA5MDMwMDNkMjIxYmM3MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlJRxynDkVxCXoqHhBu5EFjFDg+7
lZ5DdPOJ+R4I+K4WgZNhkPYIHSUYxG9Lc1ykb2zxJaKaET7lSNcBhR6iJ+GS2bfo
HjlUI/eeeXBpNs9k670EbbdRuP3zPmziSEr83b3wg2zg517Maia/IZvzJA0/Png1
8pKFcEzllnEnMHr4vTzNluAPaVkHB5+SI3dSGD2w+pqNp53l6zo2uKfkLtIwgjf1
+aXUg59kvIW9Ltl6Jvn2BcAqq7Wxo6mKV2Rc2y2OjgS6NyP3j8kMy3O3QX4MqkxI
6RR0fNJNHH6fvSdmcqj4Tp3a75EdwYTLml+QmSUl3nGEV97gnp7AwHkglQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOrirxmjlO74pk0wAJAwA9IhvHL8MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvNnVLdkdhT1U3dmltVFRBQWtEQUQwaUc4Y3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgWIwAMF
AyoQMwAwDQYJKoZIhvcNAQELBQADggEBAEMbt9d7pYVUtPYnwG+51cumNElMYH49
rpK4zg2W9YqBSdbB3zp4o41BI8NeLwszaZSMWPKC5B9daMIGymYZ37EO9Ql+eQcO
W7XWZOFc1FzQlqJ5wjJPgcfCp/pVHXH4CNqmcCO2w/DTzyIgD/lp2c4E4GOTFuyL
TWeJdRRoqLGS8m+biakRYGGAv0VvzktW4dGVVTj8fFF4j8h2MBf7DxbPBi9ezUrd
MRveVocPCqGhNRwzgHbxJ3sT50HbNHyFIXwNcxRNf5eeGt4QeZ8NABmRHTB8lkHj
Uf4ET9Vs9P6wbqTWDNaNc8WxmNUrojS0jWPWXfXPh135W4JtvE7gzzM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:14 2025 by rpki-client