Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JvXd-plAe0mezMvvjZGeNbfQRYA.roa
File: JvXd-plAe0mezMvvjZGeNbfQRYA.roa (raw, json)
Hash identifier: d9eZqkcVcicqBBLAT3jlJkdxlPvTF1saS2kDl+7Bi2c=
Subject key identifier: 26:F5:DD:FA:99:40:7B:49:9E:CC:CB:EF:8D:91:9E:35:B7:D0:45:80
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184CD4808D322472CFE00A088B9AAA95DC0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JvXd-plAe0mezMvvjZGeNbfQRYA.roa
Signing time: Thu 01 Dec 2022 10:42:40 +0000
ROA not before: Thu 01 Dec 2022 10:42:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:e842::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:48:08:d3:22:47:2c:fe:00:a0:88:b9:aa:a9:5d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 1 10:42:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26f5ddfa99407b499ecccbef8d919e35b7d04580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:49:c3:1e:17:e7:68:12:09:7a:6b:24:ed:9e:
47:97:2b:e0:b4:c8:77:12:b6:9d:ba:1b:90:d8:fd:
4c:08:3f:0a:8f:4f:c9:fc:03:d2:58:78:b3:d2:c1:
d2:83:74:d6:28:e3:ab:1d:73:6c:e4:cb:a4:f8:8a:
f6:c8:cf:9a:e0:94:b1:e2:d1:86:90:5f:d5:15:f2:
10:6f:6e:67:f3:9e:cf:62:45:a9:96:39:5d:1c:ee:
05:46:b0:39:14:7e:5e:58:4c:57:12:3f:5f:12:07:
9c:41:11:26:95:d3:58:47:ab:5d:08:a4:e6:d3:a8:
c1:6e:e8:58:ee:30:7e:65:21:fa:16:7d:f0:3c:ee:
c9:71:47:bf:44:64:b0:34:f1:c4:07:e2:0d:55:5a:
c8:aa:b6:d2:96:08:83:02:1d:bf:a6:bb:df:0f:e6:
f7:da:b0:c9:c9:95:6e:24:0f:cd:ed:04:a4:dd:1e:
3a:6f:da:2d:95:4c:31:7a:1f:39:cb:df:73:88:0b:
ca:6e:c0:fc:9e:d5:51:8b:f2:5d:87:f5:0c:7a:d7:
37:93:4b:78:d2:6c:e8:23:70:30:e6:8e:43:53:83:
6a:c7:be:dd:5e:fd:a3:46:d5:0e:66:69:e3:48:cb:
fc:61:62:cd:98:42:83:34:8b:39:c4:c5:0e:df:52:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F5:DD:FA:99:40:7B:49:9E:CC:CB:EF:8D:91:9E:35:B7:D0:45:80
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JvXd-plAe0mezMvvjZGeNbfQRYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f300::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:e842::/32
2a0f:e940::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
Signature Algorithm: sha256WithRSAEncryption
ce:05:52:c6:97:3c:7b:29:56:82:82:fd:f1:9b:40:27:c9:b6:
8f:75:fc:f4:f0:a7:87:8a:25:68:28:33:1c:dd:93:a6:e8:d1:
cb:bb:91:69:5c:8d:f9:32:d1:bd:35:20:f0:fc:ed:6a:bd:7d:
e0:a6:40:ce:3d:9a:19:25:53:e3:f8:8c:ff:11:f0:24:3e:ee:
83:ea:9b:44:d6:28:d9:4e:7c:c9:d1:f6:7b:e9:e3:be:d7:03:
dd:0b:fa:be:00:15:41:44:bc:f8:d4:72:32:99:33:f7:80:ab:
d1:b2:f6:09:30:e6:a2:47:10:e0:b9:72:d8:8e:7b:0a:07:e4:
b0:22:68:bb:70:88:31:0c:19:67:f0:63:54:9f:3b:11:63:4f:
76:1e:84:57:33:fd:a6:af:e2:e0:4d:21:75:62:78:26:f0:57:
bd:ee:8b:0e:1f:28:10:25:85:f7:ac:86:fc:a1:ae:59:9d:d2:
7d:75:dd:eb:18:52:3e:5a:2f:fc:5b:5a:2f:ac:19:a2:60:fb:
0b:cc:ca:99:76:99:8e:9c:65:69:bc:3b:e8:d4:7f:7d:e9:87:
72:7d:52:29:f7:fc:4d:39:41:67:60:b1:7f:87:fb:b3:10:91:
5b:47:2e:7c:61:2b:53:ac:3f:70:38:04:dd:2b:98:6d:db:3b:
7f:45:af:02
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYTNSAjTIkcs/gCgiLmqqV3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjAxMTA0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY1ZGRmYTk5NDA3YjQ5OWVjY2NiZWY4ZDkxOWUzNWI3ZDA0NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjknDHhfnaBIJemsk7Z5HlyvgtMh3
EraduhuQ2P1MCD8Kj0/J/APSWHiz0sHSg3TWKOOrHXNs5Muk+Ir2yM+a4JSx4tGG
kF/VFfIQb25n857PYkWpljldHO4FRrA5FH5eWExXEj9fEgecQREmldNYR6tdCKTm
06jBbuhY7jB+ZSH6Fn3wPO7JcUe/RGSwNPHEB+INVVrIqrbSlgiDAh2/prvfD+b3
2rDJyZVuJA/N7QSk3R46b9otlUwxeh85y99ziAvKbsD8ntVRi/Jdh/UMetc3k0t4
0mzoI3Aw5o5DU4Nqx77dXv2jRtUOZmnjSMv8YWLNmEKDNIs5xMUO31J0CQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFCb13fqZQHtJnszL742RnjW30EWAMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSnZYZC1wbEFlMG1lek12dmpaR2VOYmZRUllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgACMIHkAwUD
KgfzAAMFACoOGoADBQMqDlqAAwUAKg7HgAMHACoO8gEAAQMFASoPCgADBwAqDx4A
ASMDBwAqDx4ABFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAED
BwAqDx6BAAIDBwAqDx6BEpMDBwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAq
Dx6Bza4DBQEqDznAAwcAKg89gAEjAwUAKg89ggMFACoPPYQDBQAqDz2HAwUAKg/o
QgMFAyoP6UADBwAqEqxAAAADBwAqEqxAAA8DBQMqEtVAMA0GCSqGSIb3DQEBCwUA
A4IBAQDOBVLGlzx7KVaCgv3xm0AnybaPdfz08KeHiiVoKDMc3ZOm6NHLu5FpXI35
MtG9NSDw/O1qvX3gpkDOPZoZJVPj+Iz/EfAkPu6D6ptE1ijZTnzJ0fZ76eO+1wPd
C/q+ABVBRLz41HIymTP3gKvRsvYJMOaiRxDguXLYjnsKB+SwImi7cIgxDBln8GNU
nzsRY092HoRXM/2mr+LgTSF1Yngm8Fe97osOHygQJYX3rIb8oa5ZndJ9dd3rGFI+
Wi/8W1ovrBmiYPsLzMqZdpmOnGVpvDvo1H996YdyfVIp9/xNOUFnYLF/h/uzEJFb
Ry58YStTrD9wOATdK5ht2zt/Ra8C
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:16 2025 by rpki-client