Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/g95qPC2iRyu5Cwy_KJ3rqmc__Ow.roa
File: g95qPC2iRyu5Cwy_KJ3rqmc__Ow.roa (raw, json)
Hash identifier: vQs+b/jOvcfWA7bkUjVGYpKeDjnMjfzyABomHt5qGz0=
Subject key identifier: 83:DE:6A:3C:2D:A2:47:2B:B9:0B:0C:BF:28:9D:EB:AA:67:3F:FC:EC
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01857169E676B4EB48304BF494EE7DD07D64
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/g95qPC2iRyu5Cwy_KJ3rqmc__Ow.roa
Signing time: Mon 02 Jan 2023 07:37:23 +0000
ROA not before: Mon 02 Jan 2023 07:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 2a05:88c5::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:e6:76:b4:eb:48:30:4b:f4:94:ee:7d:d0:7d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 07:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83de6a3c2da2472bb90b0cbf289debaa673ffcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:82:e6:dc:ad:8c:b3:19:d8:56:24:43:ea:6e:
8c:cc:af:5a:ad:de:82:a2:f4:02:21:6e:f3:ef:87:
d7:5d:8e:eb:97:c3:f6:e7:b8:93:f7:66:15:a4:20:
2a:52:bf:93:28:78:81:db:d2:ef:7c:af:7d:e7:7f:
8e:c5:6e:b1:07:e2:e9:98:e0:b8:95:34:d5:72:d1:
ef:05:af:dd:f3:1d:50:56:98:8c:b6:16:48:93:eb:
35:36:2d:a0:17:b4:fc:28:ea:a6:8b:cf:c2:2c:dd:
5c:31:b6:4c:a0:e4:b4:be:d9:78:3e:fe:86:24:3c:
fd:ef:ea:bc:79:3d:82:7d:56:02:dc:5b:25:5d:7e:
ce:10:70:36:44:30:12:92:90:8c:d1:aa:91:ee:13:
af:ca:2e:11:91:9d:67:e3:27:c3:26:e5:1f:7a:66:
08:63:80:b4:28:3a:c4:86:f7:aa:54:d1:af:a1:e3:
71:1c:38:93:36:0a:2d:8b:4b:19:df:20:85:05:1d:
d2:27:55:d6:f3:f5:ee:af:05:4a:c8:97:65:56:db:
dc:7f:87:4c:d8:6a:68:c5:fc:5b:b8:b0:80:d7:0d:
fc:d4:27:c5:1a:81:00:8c:56:44:9e:f9:c2:aa:a3:
ff:98:c9:c4:ba:98:76:b3:2e:07:21:e7:68:b7:71:
d3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DE:6A:3C:2D:A2:47:2B:B9:0B:0C:BF:28:9D:EB:AA:67:3F:FC:EC
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/g95qPC2iRyu5Cwy_KJ3rqmc__Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
2a10:3300::/29
Signature Algorithm: sha256WithRSAEncryption
39:04:08:85:1c:36:7c:06:26:d4:bc:39:c8:93:97:4f:43:38:
7f:15:12:eb:04:48:47:2c:e3:9f:0c:f5:fa:8a:a2:cb:c5:d7:
5d:2c:36:2b:98:f8:44:f9:e9:fd:6b:00:eb:94:ac:ad:dc:9f:
4e:d5:38:08:d9:94:55:8a:e9:d6:07:e9:88:4f:3a:c9:10:38:
fa:0d:14:de:25:9a:d3:c1:88:b4:5b:2b:f2:c1:c4:5d:56:8a:
38:9a:ec:4f:55:23:72:2a:b4:bb:17:6f:67:6f:df:fe:f1:40:
70:e0:f2:48:4b:ec:84:33:08:dd:18:b3:d8:75:75:7e:07:34:
3b:62:df:05:cb:5b:ca:5c:a2:7b:92:6c:1e:0b:06:58:d3:88:
5f:aa:c5:81:19:34:f4:f1:10:e9:8b:a1:e9:6d:a8:a4:83:f3:
f7:84:5c:8e:df:da:ab:b1:ee:7a:c5:36:0b:a1:ea:75:62:4c:
b9:9b:8b:f8:8b:a2:7d:d1:76:27:11:3b:0d:59:b7:04:9b:b3:
ab:66:d0:7f:c2:04:68:94:83:9b:0f:5c:2e:41:a0:5c:95:d9:
ea:42:9e:6c:18:02:fc:b1:bc:89:38:37:cb:66:29:3f:11:f9:
4b:dc:b6:9e:94:54:be:e3:71:7a:5c:d5:66:3a:00:25:24:33:
46:82:1d:4a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxaeZ2tOtIMEv0lO590H1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwMTAyMDczNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RlNmEzYzJkYTI0NzJiYjkwYjBjYmYyODlkZWJhYTY3M2ZmY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4Lm3K2MsxnYViRD6m6MzK9ard6C
ovQCIW7z74fXXY7rl8P257iT92YVpCAqUr+TKHiB29LvfK9953+OxW6xB+LpmOC4
lTTVctHvBa/d8x1QVpiMthZIk+s1Ni2gF7T8KOqmi8/CLN1cMbZMoOS0vtl4Pv6G
JDz97+q8eT2CfVYC3FslXX7OEHA2RDASkpCM0aqR7hOvyi4RkZ1n4yfDJuUfemYI
Y4C0KDrEhveqVNGvoeNxHDiTNgoti0sZ3yCFBR3SJ1XW8/XurwVKyJdlVtvcf4dM
2GpoxfxbuLCA1w381CfFGoEAjFZEnvnCqqP/mMnEuph2sy4HIedot3HTpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIPeajwtokcruQsMvyid66pnP/zsMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvZzk1cVBDMmlSeXU1Q3d5X0tKM3JxbWNfX093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgWIwAMF
AyoQMwAwDQYJKoZIhvcNAQELBQADggEBADkECIUcNnwGJtS8OciTl09DOH8VEusE
SEcs458M9fqKosvF110sNiuY+ET56f1rAOuUrK3cn07VOAjZlFWK6dYH6YhPOskQ
OPoNFN4lmtPBiLRbK/LBxF1Wijia7E9VI3IqtLsXb2dv3/7xQHDg8khL7IQzCN0Y
s9h1dX4HNDti3wXLW8pconuSbB4LBljTiF+qxYEZNPTxEOmLoeltqKSD8/eEXI7f
2qux7nrFNguh6nViTLmbi/iLon3RdicROw1ZtwSbs6tm0H/CBGiUg5sPXC5BoFyV
2epCnmwYAvyxvIk4N8tmKT8R+Uvctp6UVL7jcXpc1WY6ACUkM0aCHUo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:31:21 2025 by rpki-client