Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ICJ2sbudcwbTwL3XDjkEUE7KtEE.roa
File: ICJ2sbudcwbTwL3XDjkEUE7KtEE.roa (raw, json)
Hash identifier: PlNRz8iG/Ji5DxRGQjPIoSC7CNuefq/clSE/CgjEVOU=
Subject key identifier: 20:22:76:B1:BB:9D:73:06:D3:C0:BD:D7:0E:39:04:50:4E:CA:B4:41
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018A4AB97C5EA37E01B242095F7D0CA130BC
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ICJ2sbudcwbTwL3XDjkEUE7KtEE.roa
Signing time: Thu 31 Aug 2023 08:33:04 +0000
ROA not before: Thu 31 Aug 2023 08:33:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:19d8::/48 maxlen: 48
2a07:3500:1998::/48 maxlen: 48
2a07:3500:19e8::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
2a07:3500:1200::/48 maxlen: 48
2a07:3500:1a00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:b9:7c:5e:a3:7e:01:b2:42:09:5f:7d:0c:a1:30:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Aug 31 08:33:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=202276b1bb9d7306d3c0bdd70e3904504ecab441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:7f:be:35:a2:61:42:60:aa:d8:7b:d2:69:
8e:65:b6:41:c9:84:8e:a7:ab:fc:82:5a:8c:75:38:
1e:29:33:64:c6:88:6a:3a:d5:b0:33:15:ae:0f:19:
51:84:4f:f8:fa:63:46:e2:bb:a6:24:3b:01:07:36:
09:ca:82:81:ce:b7:d6:6e:1b:ea:94:3f:b2:bf:41:
be:85:81:7f:c1:98:b6:00:ae:6c:98:8d:80:88:42:
11:72:1a:11:a3:73:c1:eb:07:7f:98:5c:b8:94:6e:
f0:58:65:9a:88:69:2e:a1:b4:87:57:d8:25:66:93:
20:bb:7c:ef:4b:56:8e:c2:c5:c9:1b:f2:2d:c8:be:
c7:98:6c:51:19:67:89:45:47:ba:e4:a0:b5:5f:51:
5a:5a:14:b7:65:af:dc:70:8d:07:b9:58:02:e5:a7:
72:08:0e:7a:62:33:5d:6f:39:16:65:5e:d1:c0:bd:
f2:1b:32:0d:3e:33:74:20:8f:eb:81:1c:f3:56:d3:
ac:f6:f8:91:dc:ea:fe:50:4d:16:f7:11:46:fa:2f:
11:8b:e7:71:9b:5d:b7:41:78:be:65:70:e8:5a:fe:
c6:d7:24:a6:e3:19:2e:a7:8b:d2:28:22:3f:27:27:
cc:9c:75:63:5c:4e:05:d0:fc:b5:3c:a3:c5:e6:f8:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:22:76:B1:BB:9D:73:06:D3:C0:BD:D7:0E:39:04:50:4E:CA:B4:41
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ICJ2sbudcwbTwL3XDjkEUE7KtEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
2a07:3500:19e8::/48
2a07:3500:1a00::/48
Signature Algorithm: sha256WithRSAEncryption
81:f0:ad:89:02:d6:34:c9:25:4e:4a:db:98:c3:bc:45:cd:b1:
a6:c3:f5:cd:4b:99:b3:33:4a:ce:28:75:ed:4d:92:50:0a:72:
3e:7a:87:4b:35:e6:c0:8d:aa:6e:20:61:e1:ef:17:d0:24:3d:
93:bc:e4:d8:28:5b:f1:fc:e0:d4:40:26:08:90:2c:ad:50:fa:
bc:c5:ed:b3:b2:e1:70:2f:3e:49:d8:a3:d6:42:d9:1c:31:9d:
13:5c:e5:38:60:e6:7a:49:c6:6c:38:5a:74:cd:46:b0:0e:e7:
23:5d:a6:8f:5d:9a:fb:e9:68:44:65:69:ef:ee:64:a0:66:6d:
d3:71:f0:9a:35:a9:b7:24:53:cf:bc:23:23:09:e3:43:74:3b:
ea:c1:dc:a0:b7:cc:2f:a9:6b:b4:10:d2:a2:fc:bb:5e:a2:bd:
f3:c5:e9:8b:18:a6:29:98:33:c7:78:b7:97:e1:3e:4f:fa:36:
1e:f8:13:e9:5e:01:dd:fd:cb:94:12:20:68:59:6c:4e:80:e6:
06:05:3e:70:03:89:69:c1:9c:c5:c2:2b:f3:9e:a8:b1:e5:5d:
98:00:13:30:03:c8:a3:a0:59:cf:1c:7c:c1:ae:32:5d:b2:e4:
80:52:41:51:b4:56:53:d2:8a:a6:d1:f3:0f:50:b4:b7:60:7c:
aa:a2:3c:3b
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYpKuXxeo34BskIJX30MoTC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwODMxMDgzMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDIyNzZiMWJiOWQ3MzA2ZDNjMGJkZDcwZTM5MDQ1MDRlY2FiNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiid/vjWiYUJgqth70mmOZbZByYSO
p6v8glqMdTgeKTNkxohqOtWwMxWuDxlRhE/4+mNG4rumJDsBBzYJyoKBzrfWbhvq
lD+yv0G+hYF/wZi2AK5smI2AiEIRchoRo3PB6wd/mFy4lG7wWGWaiGkuobSHV9gl
ZpMgu3zvS1aOwsXJG/ItyL7HmGxRGWeJRUe65KC1X1FaWhS3Za/ccI0HuVgC5ady
CA56YjNdbzkWZV7RwL3yGzINPjN0II/rgRzzVtOs9viR3Or+UE0W9xFG+i8Ri+dx
m123QXi+ZXDoWv7G1ySm4xkup4vSKCI/JyfMnHVjXE4F0Py1PKPF5vjzoQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCAidrG7nXMG08C91w45BFBOyrRBMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvSUNKMnNidWRjd2JUd0wzWERqa0VVRTdLdEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgc1ABIA
AwcAKgc1ABmYAwcAKgc1ABmgAwcAKgc1ABmoAwcAKgc1ABmwAwcAKgc1ABnYAwcA
Kgc1ABngAwcAKgc1ABnoAwcAKgc1ABoAMA0GCSqGSIb3DQEBCwUAA4IBAQCB8K2J
AtY0ySVOStuYw7xFzbGmw/XNS5mzM0rOKHXtTZJQCnI+eodLNebAjapuIGHh7xfQ
JD2TvOTYKFvx/ODUQCYIkCytUPq8xe2zsuFwLz5J2KPWQtkcMZ0TXOU4YOZ6ScZs
OFp0zUawDucjXaaPXZr76WhEZWnv7mSgZm3TcfCaNam3JFPPvCMjCeNDdDvqwdyg
t8wvqWu0ENKi/Lteor3zxemLGKYpmDPHeLeX4T5P+jYe+BPpXgHd/cuUEiBoWWxO
gOYGBT5wA4lpwZzFwivznqix5V2YABMwA8ijoFnPHHzBrjJdsuSAUkFRtFZT0oqm
0fMPULS3YHyqojw7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:33 2025 by rpki-client