Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dJ5IVtFZbsldtCRP28QtOiYV6IY.roa
File: dJ5IVtFZbsldtCRP28QtOiYV6IY.roa (raw, json)
Hash identifier: +AIOQa1K21+EfHbAzR19jPTJQZ+RednN7fSe/K9Hfyk=
Subject key identifier: 74:9E:48:56:D1:59:6E:C9:5D:B4:24:4F:DB:C4:2D:3A:26:15:E8:86
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 09FF9C20
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dJ5IVtFZbsldtCRP28QtOiYV6IY.roa
Signing time: Sat 01 Jan 2022 11:56:02 +0000
ROA not before: Sat 01 Jan 2022 11:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210107
IP address blocks: 2a05:88c5::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167746592 (0x9ff9c20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 1 11:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=749e4856d1596ec95db4244fdbc42d3a2615e886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:41:72:fa:42:92:57:84:6d:65:4e:d9:36:73:
f5:81:a6:c3:43:b2:df:8f:95:85:87:c4:ea:04:c0:
ce:f6:5f:02:d6:8e:e6:69:08:8a:ea:00:41:87:1d:
c6:ec:c6:1b:06:ce:93:98:74:38:04:2c:4f:2a:62:
5b:c6:a2:ad:85:76:86:f3:51:e4:3c:19:36:34:10:
e7:dc:f7:bf:8e:5b:a4:c2:51:6a:e4:ba:63:15:5c:
39:69:11:0d:80:e4:d5:a5:ab:49:54:98:94:39:49:
a3:5c:09:8c:5c:26:ad:03:8c:57:ca:e9:75:91:86:
3e:9b:27:ff:43:c2:de:d9:59:dc:12:77:5a:dc:77:
ad:4f:38:21:74:2b:0f:d0:db:f7:78:d6:65:7b:c4:
8f:ca:9e:60:7f:6d:0f:76:d0:22:f1:5d:74:be:19:
08:f8:bf:8e:e7:ff:aa:22:f4:7d:04:ec:61:c6:2f:
1a:fa:ee:8c:5a:ba:8a:da:01:8c:67:5a:bf:43:16:
fe:1a:5d:54:f5:38:16:14:07:10:9f:5b:24:13:13:
cb:70:55:62:91:68:e6:9c:77:a5:94:06:a9:69:7a:
96:ee:0f:19:c8:96:42:51:7c:8c:2f:1d:67:74:87:
94:46:a3:34:ea:fe:63:d6:3d:ea:29:94:56:8b:a9:
0d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9E:48:56:D1:59:6E:C9:5D:B4:24:4F:DB:C4:2D:3A:26:15:E8:86
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/dJ5IVtFZbsldtCRP28QtOiYV6IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
c4:0b:19:81:a5:11:2a:ca:20:ce:49:33:7c:41:5f:69:84:ac:
b1:cd:70:93:15:ae:47:26:48:cd:38:63:20:c1:b0:4a:07:5a:
83:68:84:3c:cf:da:e4:a4:32:05:d2:8e:af:42:ae:b9:c8:d0:
bd:f8:53:05:a5:5c:19:f4:eb:66:97:f8:77:d8:96:17:2e:a6:
74:64:b0:9b:29:cc:82:10:67:6c:e9:4d:a2:07:a1:fb:44:bf:
fd:08:4c:c4:d8:21:ed:fb:06:b5:84:a2:15:02:f4:29:52:43:
6b:53:73:af:b6:f4:8c:1f:38:7b:bb:9e:c3:37:ba:10:18:06:
1a:80:f0:9c:96:e7:2a:ed:f4:98:a1:ec:ff:ae:30:20:3d:9a:
7d:1a:40:4f:b8:fb:8f:60:61:fd:62:eb:20:19:90:27:33:6d:
9a:2a:f0:6f:69:d4:9b:45:c5:b0:f3:15:c7:0e:7c:9a:23:29:
79:81:17:41:83:2f:31:1e:b9:c6:a8:78:17:28:90:b3:94:b3:
d7:eb:f1:b8:fa:37:43:1c:1c:aa:57:f7:0b:1a:83:0f:16:9c:
8e:5d:06:94:dd:cf:91:d8:0d:a4:a0:d3:a9:d4:b6:1f:bd:9a:
c4:c3:99:aa:92:6c:79:be:41:18:c6:c2:0f:1c:8a:17:63:1d:
61:c9:23:65
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECf+cIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDEw
MTExNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ5ZTQ4NTZkMTU5
NmVjOTVkYjQyNDRmZGJjNDJkM2EyNjE1ZTg4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPpBcvpCkleEbWVO2TZz9YGmw0Oy34+VhYfE6gTAzvZfAtaO
5mkIiuoAQYcdxuzGGwbOk5h0OAQsTypiW8airYV2hvNR5DwZNjQQ59z3v45bpMJR
auS6YxVcOWkRDYDk1aWrSVSYlDlJo1wJjFwmrQOMV8rpdZGGPpsn/0PC3tlZ3BJ3
Wtx3rU84IXQrD9Db93jWZXvEj8qeYH9tD3bQIvFddL4ZCPi/juf/qiL0fQTsYcYv
GvrujFq6itoBjGdav0MW/hpdVPU4FhQHEJ9bJBMTy3BVYpFo5px3pZQGqWl6lu4P
GciWQlF8jC8dZ3SHlEajNOr+Y9Y96imUVoupDRsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR0nkhW0VluyV20JE/bxC06JhXohjAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L2RKNUlWdEZaYnNsZHRDUlAyOFF0T2lZVjZJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoFiMAwDQYJKoZIhvcNAQELBQAD
ggEBAMQLGYGlESrKIM5JM3xBX2mErLHNcJMVrkcmSM04YyDBsEoHWoNohDzP2uSk
MgXSjq9CrrnI0L34UwWlXBn062aX+HfYlhcupnRksJspzIIQZ2zpTaIHoftEv/0I
TMTYIe37BrWEohUC9ClSQ2tTc6+29IwfOHu7nsM3uhAYBhqA8JyW5yrt9Jih7P+u
MCA9mn0aQE+4+49gYf1i6yAZkCczbZoq8G9p1JtFxbDzFccOfJojKXmBF0GDLzEe
ucaoeBcokLOUs9fr8bj6N0McHKpX9wsagw8WnI5dBpTdz5HYDaSg06nUth+9msTD
maqSbHm+QRjGwg8cihdjHWHJI2U=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:52:07 2025 by rpki-client