Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JXbBQQvEQNxIpuFNJMjW2uOSick.roa
File: JXbBQQvEQNxIpuFNJMjW2uOSick.roa (raw, json)
Hash identifier: 6nh4js6V563jx5Nhb4BP5Y2dnz+PludGURS5HbxWYco=
Subject key identifier: 25:76:C1:41:0B:C4:40:DC:48:A6:E1:4D:24:C8:D6:DA:E3:92:89:C9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF628D323181A46A341F749794C0C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JXbBQQvEQNxIpuFNJMjW2uOSick.roa
Signing time: Sun 01 Jan 2023 14:44:55 +0000
ROA not before: Sun 01 Jan 2023 14:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 2a0f:2705::/32 maxlen: 32
2a0f:e9c0::/32 maxlen: 32
2a0f:dd42::/32 maxlen: 32
2a0f:ee05::/32 maxlen: 32
2a0f:db41::/32 maxlen: 32
2a0b:b740::/32 maxlen: 32
2a0f:dd43::/32 maxlen: 32
2a0f:ee04::/32 maxlen: 32
2a0f:2704::/32 maxlen: 32
2a0f:db42::/32 maxlen: 32
2a0f:dd41::/32 maxlen: 32
2a0b:b746::/32 maxlen: 32
2a0f:dd44::/32 maxlen: 32
2a0b:b742::/32 maxlen: 32
2a0f:db46::/32 maxlen: 32
2a0f:2707::/32 maxlen: 32
2a0f:dd40::/32 maxlen: 32
2a0f:e9c6::/32 maxlen: 32
2a0f:e9c5::/32 maxlen: 32
2a0f:ee07::/32 maxlen: 32
2a0f:db43::/32 maxlen: 32
2a0b:b743::/32 maxlen: 32
2a0f:e9c2::/32 maxlen: 32
2a0f:db40::/32 maxlen: 32
2a0f:ee01::/32 maxlen: 32
2a0b:b744::/32 maxlen: 32
2a0f:db44::/32 maxlen: 32
2a0f:dd46::/32 maxlen: 32
2a0f:2701::/32 maxlen: 32
2a0b:b745::/32 maxlen: 32
2a0f:ee02::/32 maxlen: 32
2a0f:e9c3::/32 maxlen: 32
2a0f:2702::/32 maxlen: 32
2a0f:dd47::/32 maxlen: 32
2a0f:db45::/32 maxlen: 32
2a0f:ee03::/32 maxlen: 32
2a0f:db47::/32 maxlen: 32
2a0f:dd45::/32 maxlen: 32
2a0b:b747::/32 maxlen: 32
2a0f:e9c1::/32 maxlen: 32
2a0f:2700::/32 maxlen: 32
2a0f:e9c4::/32 maxlen: 32
2a0f:2703::/32 maxlen: 32
2a0f:ee06::/32 maxlen: 32
2a0b:b741::/32 maxlen: 32
2a0f:e9c7::/32 maxlen: 32
2a0f:2706::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f6:28:d3:23:18:1a:46:a3:41:f7:49:79:4c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2576c1410bc440dc48a6e14d24c8d6dae39289c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ee:15:3a:60:f6:ca:ea:ef:78:b2:8e:d3:0c:
ee:83:18:07:16:bb:46:38:d4:6f:cd:12:c0:a0:46:
f2:fb:b9:8d:3f:05:49:be:11:00:71:c7:3a:28:75:
4a:e6:f4:67:e7:55:19:96:b9:19:70:d4:17:ff:e8:
2f:6a:51:44:13:ef:fc:c3:ea:03:e1:38:d5:b3:7d:
97:56:75:47:4c:ef:38:45:1f:8f:ef:5b:56:77:a8:
e1:15:c9:55:2a:57:40:eb:d7:b9:b5:c5:a8:85:cc:
74:2b:18:12:c0:13:38:b1:e3:6b:e9:0b:4c:aa:1b:
69:49:5f:c9:27:a6:90:ca:2e:6a:b8:b2:c5:b5:10:
4c:32:6e:d9:e8:ce:39:4a:dc:8f:42:59:52:f1:8f:
f9:17:e3:db:8f:65:bb:91:8d:b2:16:ec:3b:e4:e9:
ab:19:0e:77:99:37:a3:e2:9e:cb:97:4f:24:9b:5e:
d2:c3:38:7d:9a:bd:9c:1e:4b:21:95:8e:20:7d:71:
ea:78:2d:b9:25:4a:c2:ad:34:2f:f1:7c:b3:16:48:
e4:56:5f:ba:6e:ea:35:ea:c0:51:1a:c1:93:21:eb:
36:11:2d:b3:72:ed:de:b1:80:55:7c:b9:91:f3:b7:
b5:a1:e5:2b:a0:43:d4:b5:a1:07:5f:58:21:e1:6a:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:76:C1:41:0B:C4:40:DC:48:A6:E1:4D:24:C8:D6:DA:E3:92:89:C9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JXbBQQvEQNxIpuFNJMjW2uOSick.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b740::/29
2a0f:2700::/29
2a0f:db40::/29
2a0f:dd40::/29
2a0f:e9c0::/29
2a0f:ee01::-2a0f:ee07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8d:07:be:dc:67:92:bc:d0:43:5d:01:7f:43:25:c1:90:53:30:
f8:17:37:75:f0:15:ed:b1:25:99:90:b1:bb:40:d3:c3:77:d6:
e0:6a:29:f8:bc:f5:82:17:9a:14:54:8f:67:e2:9f:91:28:95:
60:da:d7:a6:a1:32:d9:1c:bf:43:b3:c2:cb:4e:96:c6:f4:d6:
f7:e7:dd:0c:8f:08:6c:a2:53:b0:19:05:e0:41:79:c9:74:c3:
24:2f:af:a0:1c:32:e6:e5:2c:9a:01:e6:8f:6b:13:26:f9:fa:
18:48:64:db:a3:4d:93:b2:90:ed:c9:d0:99:40:11:b9:03:d1:
d0:0f:22:65:b0:1b:2a:92:1b:62:ba:47:ab:00:a3:d0:aa:eb:
06:9a:e7:bd:c7:dd:be:62:e6:0b:e8:1e:59:37:bf:8e:18:a0:
83:94:97:52:9e:b9:93:e2:9a:33:3e:93:16:5b:6f:aa:12:92:
19:ee:db:80:b5:d3:4a:d9:95:d9:1e:31:42:6b:2f:66:ae:87:
db:1b:3d:94:7c:e6:3f:2f:06:ef:e2:c7:6a:9c:fe:90:fb:50:
68:f5:73:4c:d0:f6:c7:85:f5:e5:13:94:4c:27:6b:bb:10:aa:
af:60:e0:36:06:59:78:6a:05:a4:c6:2d:1f:3d:fa:c2:d0:53:
ed:8c:4a:3e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtyvYo0yMYGkajQfdJeUwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc2YzE0MTBiYzQ0MGRjNDhhNmUxNGQyNGM4ZDZkYWUzOTI4OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+4VOmD2yurveLKO0wzugxgHFrtG
ONRvzRLAoEby+7mNPwVJvhEAccc6KHVK5vRn51UZlrkZcNQX/+gvalFEE+/8w+oD
4TjVs32XVnVHTO84RR+P71tWd6jhFclVKldA69e5tcWohcx0KxgSwBM4seNr6QtM
qhtpSV/JJ6aQyi5quLLFtRBMMm7Z6M45StyPQllS8Y/5F+Pbj2W7kY2yFuw75Omr
GQ53mTej4p7Ll08km17Swzh9mr2cHkshlY4gfXHqeC25JUrCrTQv8XyzFkjkVl+6
buo16sBRGsGTIes2ES2zcu3esYBVfLmR87e1oeUroEPUtaEHX1gh4WqegwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCV2wUELxEDcSKbhTSTI1trjkonJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSlhiQlFRdkVRTnhJcHVGTkpNalcydU9TaWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUDKgu3QAMF
AyoPJwADBQMqD9tAAwUDKg/dQAMFAyoP6cAwDgMFACoP7gEDBQMqD+4AMA0GCSqG
SIb3DQEBCwUAA4IBAQCNB77cZ5K80ENdAX9DJcGQUzD4Fzd18BXtsSWZkLG7QNPD
d9bgain4vPWCF5oUVI9n4p+RKJVg2temoTLZHL9Ds8LLTpbG9Nb3590MjwhsolOw
GQXgQXnJdMMkL6+gHDLm5SyaAeaPaxMm+foYSGTbo02TspDtydCZQBG5A9HQDyJl
sBsqkhtiukerAKPQqusGmue9x92+YuYL6B5ZN7+OGKCDlJdSnrmT4pozPpMWW2+q
EpIZ7tuAtdNK2ZXZHjFCay9mrofbGz2UfOY/Lwbv4sdqnP6Q+1Bo9XNM0PbHhfXl
E5RMJ2u7EKqvYOA2Bll4agWkxi0fPfrC0FPtjEo+
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:55 2025 by rpki-client