Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/qJvsDgXKbytoA4PVAPqVFJIwxYA.roa
File: qJvsDgXKbytoA4PVAPqVFJIwxYA.roa (raw, json)
Hash identifier: BsQ2WV/JVxONwHjq0xBLPBygkTEMPGrQbU4Put7NSRw=
Subject key identifier: A8:9B:EC:0E:05:CA:6F:2B:68:03:83:D5:00:FA:95:14:92:30:C5:80
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018571C300EFF827D4225178F97F28164892
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/qJvsDgXKbytoA4PVAPqVFJIwxYA.roa
Signing time: Mon 02 Jan 2023 09:14:43 +0000
ROA not before: Mon 02 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59550
IP address blocks: 2a00:1ca8:3f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:00:ef:f8:27:d4:22:51:78:f9:7f:28:16:48:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a89bec0e05ca6f2b680383d500fa95149230c580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:fd:b6:80:a5:1a:bd:7a:07:c2:74:b9:c2:
34:3f:ec:3d:fe:71:9f:8e:13:ed:44:01:05:56:b8:
3e:4f:f6:0a:a2:6e:26:b0:93:4d:d5:c7:49:6d:db:
2e:d8:31:8f:03:44:6f:a5:90:5a:90:1a:14:42:18:
72:32:73:bc:2c:00:08:92:b3:88:9d:46:36:1c:b9:
21:25:55:6e:ca:c9:ed:b1:84:91:f5:5a:52:70:e7:
e1:80:10:19:8d:97:9f:4a:d5:6d:3a:08:30:e6:74:
e4:92:24:6e:4f:77:16:1e:b5:6a:8b:54:92:1b:03:
14:76:94:30:8d:99:2c:2d:1f:78:27:eb:99:23:36:
9b:06:3c:c3:f4:6c:a7:3c:92:6a:e9:b5:e9:02:37:
d8:f3:57:de:dc:f1:64:fd:4e:21:64:d2:27:ce:70:
ad:19:20:bb:1f:27:3a:3f:c2:d6:6d:65:d1:ee:f7:
8a:f4:8c:03:2e:ea:58:36:c3:cb:25:1d:56:1b:aa:
cd:84:e1:d0:f9:47:ff:96:21:c0:fd:a3:20:e4:25:
e0:e1:2e:ba:25:b4:e1:f7:21:7b:f6:5d:83:29:5e:
3e:e5:d8:da:75:b9:67:63:f6:71:d0:ba:84:e6:f5:
d9:bb:00:64:9a:ae:db:6c:fe:33:43:6b:18:16:11:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9B:EC:0E:05:CA:6F:2B:68:03:83:D5:00:FA:95:14:92:30:C5:80
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/qJvsDgXKbytoA4PVAPqVFJIwxYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1ca8:3f::/48
Signature Algorithm: sha256WithRSAEncryption
0c:a0:d9:0e:d4:f5:b5:89:e2:85:03:31:44:71:ce:e4:0d:6b:
8a:ae:8b:15:52:ef:5d:ec:2b:ac:ae:25:c8:33:48:58:5f:7a:
03:ba:b0:0a:67:c4:e6:ef:4e:35:8c:34:29:07:b7:d6:8f:aa:
93:80:b5:de:6a:31:00:3a:d9:52:de:63:c2:0d:e7:cd:77:dd:
cf:3b:ea:fc:87:62:bf:46:a6:1b:b0:6b:19:ef:be:32:bf:61:
34:7d:1e:a7:67:ff:75:d3:e1:46:31:98:30:cd:0c:6d:a7:99:
2e:63:06:55:15:65:41:1a:0c:d6:5e:ac:9a:bd:1d:a3:a6:bb:
40:e7:91:41:cd:eb:4b:f9:cb:78:33:23:4f:44:e7:1c:bc:63:
0d:16:9a:c3:cc:31:3d:42:4c:f7:02:27:92:8e:c2:f9:8b:3a:
99:ac:80:1a:98:68:a1:b9:4b:a2:4b:ce:03:23:30:7d:ea:9c:
63:f3:23:d7:48:87:54:46:05:08:c8:03:ce:34:c7:f2:7e:74:
3e:6a:3a:44:5d:eb:a7:d5:53:94:cf:c1:82:00:ce:93:16:1f:
71:37:ca:fb:51:b8:f4:d2:42:1f:96:be:c8:d2:08:3b:a3:21:
8c:68:22:d8:e7:5c:23:bc:f6:21:00:4c:22:6e:f8:af:54:5b:
8e:4b:6f:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwwDv+CfUIlF4+X8oFkiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwMTAyMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODliZWMwZTA1Y2E2ZjJiNjgwMzgzZDUwMGZhOTUxNDkyMzBjNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYj9toClGr16B8J0ucI0P+w9/nGf
jhPtRAEFVrg+T/YKom4msJNN1cdJbdsu2DGPA0RvpZBakBoUQhhyMnO8LAAIkrOI
nUY2HLkhJVVuysntsYSR9VpScOfhgBAZjZefStVtOggw5nTkkiRuT3cWHrVqi1SS
GwMUdpQwjZksLR94J+uZIzabBjzD9GynPJJq6bXpAjfY81fe3PFk/U4hZNInznCt
GSC7Hyc6P8LWbWXR7veK9IwDLupYNsPLJR1WG6rNhOHQ+Uf/liHA/aMg5CXg4S66
JbTh9yF79l2DKV4+5djadblnY/Zx0LqE5vXZuwBkmq7bbP4zQ2sYFhEJ8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKib7A4Fym8raAOD1QD6lRSSMMWAMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvcUp2c0RnWEtieXRvQTRQVkFQcVZGSkl3eFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAcqAA/
MA0GCSqGSIb3DQEBCwUAA4IBAQAMoNkO1PW1ieKFAzFEcc7kDWuKrosVUu9d7Cus
riXIM0hYX3oDurAKZ8Tm7041jDQpB7fWj6qTgLXeajEAOtlS3mPCDefNd93PO+r8
h2K/RqYbsGsZ774yv2E0fR6nZ/910+FGMZgwzQxtp5kuYwZVFWVBGgzWXqyavR2j
prtA55FBzetL+ct4MyNPROccvGMNFprDzDE9Qkz3AieSjsL5izqZrIAamGihuUui
S84DIzB96pxj8yPXSIdURgUIyAPONMfyfnQ+ajpEXeun1VOUz8GCAM6TFh9xN8r7
Ubj00kIflr7I0gg7oyGMaCLY51wjvPYhAEwibvivVFuOS2+B
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:34:47 2025 by rpki-client