Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/JftIzh7WXIDHne2PZfgMn9LwlCs.roa
File: JftIzh7WXIDHne2PZfgMn9LwlCs.roa (raw, json)
Hash identifier: fFRhwxlF96Q/sVL6hgzpAXhJEdeL4fYxRWQAxggsLIA=
Subject key identifier: 25:FB:48:CE:1E:D6:5C:80:C7:9D:ED:8F:65:F8:0C:9F:D2:F0:94:2B
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 1B621D21
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/JftIzh7WXIDHne2PZfgMn9LwlCs.roa
Signing time: Sat 01 Jan 2022 08:54:23 +0000
ROA not before: Sat 01 Jan 2022 08:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212391
IP address blocks: 2a04:2b00:14ee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459414817 (0x1b621d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 08:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25fb48ce1ed65c80c79ded8f65f80c9fd2f0942b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:95:52:14:28:59:85:1a:43:79:9a:41:1d:
e6:bc:87:2f:0f:c6:ca:af:8a:14:48:12:ea:80:66:
54:a3:00:81:3c:be:2a:99:50:31:7b:ca:ca:50:ea:
c1:3b:ac:54:b4:f8:6a:12:db:c1:87:8b:9d:8f:52:
21:b5:96:62:99:62:f3:c5:48:29:51:84:df:4b:7e:
eb:78:43:ff:3c:fa:87:33:d9:f5:b2:a2:28:6e:a5:
91:ca:4c:f8:22:83:3b:b1:ea:25:3c:6e:20:65:9e:
a9:a9:ee:dd:e1:2e:f5:d6:52:d0:0b:d6:4a:ff:77:
d5:85:d6:db:3a:92:06:61:fa:70:bb:c1:51:8d:6e:
8d:97:fe:6f:fc:74:3b:97:f7:df:79:53:29:7c:5c:
4b:7e:24:07:d4:73:bb:a3:b9:28:62:10:ca:48:c1:
aa:94:35:52:44:a2:40:e5:8b:f1:84:6f:98:81:5e:
de:8e:49:67:bf:d0:0e:7d:06:ac:33:2a:d5:60:68:
a8:ac:f0:f7:ff:15:d6:27:54:42:56:89:67:f0:ac:
9e:da:37:90:23:1e:85:fd:96:95:85:80:68:3c:89:
1e:58:52:7f:a0:3d:1c:96:de:8c:b9:92:8e:76:56:
bf:71:1a:61:37:92:1c:24:e9:77:68:29:75:10:48:
eb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FB:48:CE:1E:D6:5C:80:C7:9D:ED:8F:65:F8:0C:9F:D2:F0:94:2B
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/JftIzh7WXIDHne2PZfgMn9LwlCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14ee::/48
Signature Algorithm: sha256WithRSAEncryption
70:f1:79:34:12:0d:fe:c1:a5:89:57:57:28:83:b9:a6:0c:f6:
0a:84:84:f9:eb:4b:88:4b:e6:16:c9:79:81:65:3f:66:ef:9c:
b1:cb:f1:2c:fe:2a:33:93:69:91:fc:cc:a6:ec:fe:1a:27:49:
32:d1:81:cf:a6:5e:fa:db:46:02:56:f2:08:c4:22:41:57:cb:
fc:7d:b0:26:51:65:ab:6c:7e:cf:ea:27:f4:53:35:ee:bc:a6:
e7:bd:ee:df:49:63:ed:c5:cd:37:4d:4f:47:d8:f8:cc:c3:a8:
75:4b:71:38:23:09:54:5f:c5:ee:d6:a5:a8:2b:dc:90:1c:df:
85:07:8b:5b:3e:88:e1:b6:8c:1e:09:5d:df:fc:fe:28:9e:d3:
e4:7c:60:c6:a3:a9:46:a2:5b:1b:61:cf:5b:fe:5b:e2:61:e8:
9f:6d:2d:26:98:50:a3:33:15:03:5b:0f:13:3c:94:2c:b9:17:
66:80:20:59:cd:cd:fc:e2:4b:65:a7:6e:06:72:25:fb:37:81:
38:79:93:c8:79:10:76:0c:1e:2e:14:37:67:15:12:6f:4e:3b:
d8:7a:3e:ac:f0:9a:5f:ce:7f:b2:fe:5d:96:6e:91:ea:6a:f7:
3d:b8:6c:97:aa:52:cc:b1:5f:f0:94:38:b9:5e:6a:2d:a8:ec:
d8:be:f3:98
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEG2IdITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc2YWZiNzRmYWQ1YmFmMGE2MTgwYjQ5NTEwZDhiODQ5N2RmOGQzMB4XDTIyMDEw
MTA4NTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVmYjQ4Y2UxZWQ2
NWM4MGM3OWRlZDhmNjVmODBjOWZkMmYwOTQyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj2lVIUKFmFGkN5mkEd5ryHLw/Gyq+KFEgS6oBmVKMAgTy+
KplQMXvKylDqwTusVLT4ahLbwYeLnY9SIbWWYpli88VIKVGE30t+63hD/zz6hzPZ
9bKiKG6lkcpM+CKDO7HqJTxuIGWeqanu3eEu9dZS0AvWSv931YXW2zqSBmH6cLvB
UY1ujZf+b/x0O5f333lTKXxcS34kB9Rzu6O5KGIQykjBqpQ1UkSiQOWL8YRvmIFe
3o5JZ7/QDn0GrDMq1WBoqKzw9/8V1idUQlaJZ/Csnto3kCMehf2WlYWAaDyJHlhS
f6A9HJbejLmSjnZWv3EaYTeSHCTpd2gpdRBI658CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQl+0jOHtZcgMed7Y9l+Ayf0vCUKzAfBgNVHSMEGDAWgBRHdq+3T61brwph
gLSVENi4SX340zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzYXZ0MC10VzY4S1lZQzBsUkRZdUVsOS1OTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8x
L0pmdEl6aDdXWElESG5lMlBaZmdNbjlMd2xDcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8xL1IzYXZ0MC10VzY4
S1lZQzBsUkRZdUVsOS1OTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEKwAU7jANBgkqhkiG9w0BAQsF
AAOCAQEAcPF5NBIN/sGliVdXKIO5pgz2CoSE+etLiEvmFsl5gWU/Zu+cscvxLP4q
M5NpkfzMpuz+GidJMtGBz6Ze+ttGAlbyCMQiQVfL/H2wJlFlq2x+z+on9FM17rym
573u30lj7cXNN01PR9j4zMOodUtxOCMJVF/F7talqCvckBzfhQeLWz6I4baMHgld
3/z+KJ7T5HxgxqOpRqJbG2HPW/5b4mHon20tJphQozMVA1sPEzyULLkXZoAgWc3N
/OJLZaduBnIl+zeBOHmTyHkQdgweLhQ3ZxUSb0472Ho+rPCaX85/sv5dlm6R6mr3
Pbhsl6pSzLFf8JQ4uV5qLajs2L7zmA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:07 2025 by rpki-client