Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JqBcDN-Sjlta309w2inwL8DvVCU.roa
File: JqBcDN-Sjlta309w2inwL8DvVCU.roa (raw, json)
Hash identifier: NnhI7oiHATJrJM1YUFfdJ12UoHgd0MuqWu8jlRTBYOY=
Subject key identifier: 26:A0:5C:0C:DF:92:8E:5B:5A:DF:4F:70:DA:29:F0:2F:C0:EF:54:25
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01851F9C17766010F07FC5BE8909DBCCF4EB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JqBcDN-Sjlta309w2inwL8DvVCU.roa
Signing time: Sat 17 Dec 2022 10:23:21 +0000
ROA not before: Sat 17 Dec 2022 10:23:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0c:4880::/29 maxlen: 29
2a0f:e843::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:9c:17:76:60:10:f0:7f:c5:be:89:09:db:cc:f4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 17 10:23:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26a05c0cdf928e5b5adf4f70da29f02fc0ef5425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:ed:28:cc:55:ba:60:f0:9e:a0:ab:85:2d:
6c:ea:a5:28:92:d5:52:5d:b9:84:a1:29:63:6b:2f:
f7:cb:59:9b:c8:9a:ed:2a:a4:c1:c0:0c:5e:3f:59:
57:ba:cd:27:f1:19:19:28:3a:e2:4d:f8:7b:a8:c6:
72:51:70:64:2e:86:13:2e:82:fa:32:f5:0b:4e:42:
2c:33:cf:19:62:d5:4a:0f:70:08:76:2c:96:16:2e:
1f:b8:ff:d4:b9:28:b6:85:48:69:f5:2e:71:61:b2:
1a:af:f8:41:ca:c5:9b:26:04:1c:fc:80:4b:e7:b0:
36:6e:de:3a:7f:b5:c7:8b:ff:38:fa:f6:ee:35:f1:
40:f2:7a:f1:af:7e:d7:e1:3a:94:8e:f2:cf:c4:c3:
8b:09:dd:ee:dd:56:c4:da:7f:9a:84:8b:82:54:79:
dc:27:3d:85:5b:fd:ce:ab:00:c1:fc:3f:c9:1d:8c:
75:55:2c:f3:df:a2:61:fb:8c:61:56:46:b0:55:61:
a7:1c:51:d5:cd:09:36:b7:e0:4d:93:ea:ec:11:b5:
39:93:07:e2:5c:ef:b0:58:92:f0:b1:17:5f:6a:1d:
94:36:2f:90:cb:d1:30:f6:64:01:14:59:42:66:5d:
b7:9a:36:b4:1a:6d:e4:f5:dd:3e:81:5a:f7:a4:66:
bf:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A0:5C:0C:DF:92:8E:5B:5A:DF:4F:70:DA:29:F0:2F:C0:EF:54:25
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JqBcDN-Sjlta309w2inwL8DvVCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a0f:e843::/32
Signature Algorithm: sha256WithRSAEncryption
cc:95:f3:1d:70:2a:93:ee:d9:fa:43:20:26:08:ec:be:d2:a2:
ac:cc:7f:e8:37:00:e4:08:77:9f:4f:f5:ea:06:d0:4a:bf:d9:
81:54:ec:5c:47:45:c4:44:5f:d3:70:45:69:d1:63:7e:9b:84:
c2:3f:46:0e:69:6e:08:a0:9a:c5:00:49:9c:0e:ae:c9:e5:3e:
9b:f7:e9:4a:87:65:95:77:c8:57:06:cd:74:28:79:2b:68:3b:
5a:4b:67:ec:cf:88:f1:1f:39:bd:97:ae:1d:cb:73:71:59:28:
64:6c:9c:b7:b9:a2:3e:24:33:f7:94:da:b9:db:73:6b:0b:33:
59:56:e7:20:1f:44:ee:b0:df:b2:7d:2b:dc:31:3a:a1:0d:62:
7a:e4:a7:25:ba:86:1a:71:6e:df:3c:e8:22:f5:e0:b6:a3:3f:
d1:6e:39:85:f2:d9:c5:07:d6:7d:5e:1f:28:cf:72:4f:fa:39:
e4:5b:53:e4:ca:c6:4c:16:a6:57:7e:1a:9c:30:84:aa:d9:9e:
e0:7f:fc:2c:67:44:ec:14:e8:89:67:47:02:5e:36:28:c9:50:
25:10:ae:61:29:bb:e7:a1:9d:b5:7b:47:72:c5:9b:3f:07:f9:
d9:e5:f5:19:8f:0c:13:46:a0:67:b2:71:d1:61:85:ef:7c:88:
7b:16:94:e1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYUfnBd2YBDwf8W+iQnbzPTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjE3MTAyMzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmEwNWMwY2RmOTI4ZTViNWFkZjRmNzBkYTI5ZjAyZmMwZWY1NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYztKMxVumDwnqCrhS1s6qUoktVS
XbmEoSljay/3y1mbyJrtKqTBwAxeP1lXus0n8RkZKDriTfh7qMZyUXBkLoYTLoL6
MvULTkIsM88ZYtVKD3AIdiyWFi4fuP/UuSi2hUhp9S5xYbIar/hBysWbJgQc/IBL
57A2bt46f7XHi/84+vbuNfFA8nrxr37X4TqUjvLPxMOLCd3u3VbE2n+ahIuCVHnc
Jz2FW/3OqwDB/D/JHYx1VSzz36Jh+4xhVkawVWGnHFHVzQk2t+BNk+rsEbU5kwfi
XO+wWJLwsRdfah2UNi+Qy9Ew9mQBFFlCZl23mja0Gm3k9d0+gVr3pGa/wQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCagXAzfko5bWt9PcNop8C/A71QlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSnFCY0ROLVNqbHRhMzA5dzJpbndMOER2VkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUDKgxIgAMF
ACoOGoIDBwAqDx6AAAEDBQAqD+hBAwUAKg/oQzANBgkqhkiG9w0BAQsFAAOCAQEA
zJXzHXAqk+7Z+kMgJgjsvtKirMx/6DcA5Ah3n0/16gbQSr/ZgVTsXEdFxERf03BF
adFjfpuEwj9GDmluCKCaxQBJnA6uyeU+m/fpSodllXfIVwbNdCh5K2g7Wktn7M+I
8R85vZeuHctzcVkoZGyct7miPiQz95TaudtzawszWVbnIB9E7rDfsn0r3DE6oQ1i
euSnJbqGGnFu3zzoIvXgtqM/0W45hfLZxQfWfV4fKM9yT/o55FtT5MrGTBamV34a
nDCEqtme4H/8LGdE7BToiWdHAl42KMlQJRCuYSm756GdtXtHcsWbPwf52eX1GY8M
E0agZ7Jx0WGF73yIexaU4Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:24:12 2025 by rpki-client