Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/JKPM0Ao8JxcDih9BBMYm1yXtutM.roa
File: JKPM0Ao8JxcDih9BBMYm1yXtutM.roa (raw, json)
Hash identifier: lte+jfOR7s8tNH6zuyUvjzFZ2rvZSOi8Q8smjSVqk2w=
Subject key identifier: 24:A3:CC:D0:0A:3C:27:17:03:8A:1F:41:04:C6:26:D7:25:ED:BA:D3
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018755D25CD1F28027F8D07738541A042479
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/JKPM0Ao8JxcDih9BBMYm1yXtutM.roa
Signing time: Thu 06 Apr 2023 09:07:42 +0000
ROA not before: Thu 06 Apr 2023 09:07:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 2a07:3502:10e0::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1ac0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:d2:5c:d1:f2:80:27:f8:d0:77:38:54:1a:04:24:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Apr 6 09:07:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24a3ccd00a3c2717038a1f4104c626d725edbad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:49:4f:d6:92:e5:3e:4a:60:4c:2c:b1:ed:
8d:02:23:8b:8f:24:e2:e5:50:73:47:9d:77:c3:bc:
2d:9b:9b:65:d8:1d:fe:04:ca:67:38:a2:b0:6f:2f:
b4:9c:8a:6a:e9:86:f7:38:02:86:69:d6:48:be:71:
2d:82:53:2f:f3:3e:7f:91:a2:8e:4a:bb:39:44:c5:
cb:00:d0:23:89:33:a0:4e:65:f5:79:ad:03:b7:98:
c7:05:b9:71:fc:62:d0:cf:25:b8:24:04:9f:95:94:
37:45:35:39:75:4c:86:96:d3:14:7e:4a:23:1c:fa:
a3:44:bf:24:f6:5c:c6:ca:e7:b7:cb:20:d4:fd:84:
71:b9:b0:e8:00:cf:f9:f1:32:64:f1:d5:c4:6a:a2:
c8:c2:19:d7:3b:94:63:ab:f7:f8:2d:ea:df:3e:09:
bc:fa:d7:ec:4a:0f:c1:e5:0f:70:69:79:e9:62:5b:
69:7b:3f:ab:3a:41:c7:e8:8a:7b:e6:e4:02:1e:13:
25:66:62:41:e0:7a:d8:a2:a0:f7:57:08:66:4e:b2:
8b:0f:bd:c4:00:c7:96:3c:8a:5d:00:ea:ee:50:5f:
29:fd:79:3e:be:fe:ea:bc:0e:ce:5e:23:96:b8:81:
0e:37:4d:53:c8:44:b0:32:18:97:06:05:1b:d6:a8:
d6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A3:CC:D0:0A:3C:27:17:03:8A:1F:41:04:C6:26:D7:25:ED:BA:D3
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/JKPM0Ao8JxcDih9BBMYm1yXtutM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1020::/48
2a07:3500:1ac0::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
52:57:db:75:de:3c:50:ed:71:f3:af:13:ef:01:b1:27:7e:bc:
14:ca:e6:dd:f1:f3:ad:b6:d2:14:4b:40:dd:d8:b1:bd:ef:18:
ee:43:f1:cb:c2:b2:f2:75:ae:1b:54:a3:b1:f5:ce:fd:26:dd:
2a:cf:ee:ba:bf:79:4c:f9:d4:ee:73:c9:1c:6d:79:52:3e:ef:
5c:f1:a9:1a:62:23:6b:c5:09:d2:33:22:d6:10:ac:f1:6d:9c:
b8:c3:92:99:29:87:08:c9:e6:68:e9:73:16:65:33:60:54:db:
8f:00:23:be:4b:54:2b:dd:26:43:7f:7a:6d:03:ca:d7:20:4b:
73:f0:b8:35:20:45:19:01:76:91:53:75:ec:92:59:bc:a5:f6:
47:33:ac:b6:46:71:ca:9b:0e:79:a1:df:cf:64:f6:eb:05:fe:
56:9e:6c:c5:d3:64:d6:cd:f9:a0:02:57:97:78:46:c7:7b:87:
62:dd:b9:51:08:a2:31:1b:39:c6:71:e4:b2:14:eb:98:4e:05:
90:4e:98:d2:ea:ce:5e:b4:5b:2a:67:63:f3:4a:cd:bf:d3:a1:
54:d4:4d:9d:15:d9:dd:20:3e:b2:cb:c7:d2:0e:84:ca:a4:08:
0f:55:38:87:7d:2f:2c:7b:90:14:77:d5:d1:f2:10:cf:c6:f7:
d7:c6:74:fd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYdV0lzR8oAn+NB3OFQaBCR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwNDA2MDkwNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGEzY2NkMDBhM2MyNzE3MDM4YTFmNDEwNGM2MjZkNzI1ZWRiYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZpJT9aS5T5KYEwsse2NAiOLjyTi
5VBzR513w7wtm5tl2B3+BMpnOKKwby+0nIpq6Yb3OAKGadZIvnEtglMv8z5/kaKO
Srs5RMXLANAjiTOgTmX1ea0Dt5jHBblx/GLQzyW4JASflZQ3RTU5dUyGltMUfkoj
HPqjRL8k9lzGyue3yyDU/YRxubDoAM/58TJk8dXEaqLIwhnXO5Rjq/f4LerfPgm8
+tfsSg/B5Q9waXnpYltpez+rOkHH6Ip75uQCHhMlZmJB4HrYoqD3VwhmTrKLD73E
AMeWPIpdAOruUF8p/Xk+vv7qvA7OXiOWuIEON01TyESwMhiXBgUb1qjW0wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCSjzNAKPCcXA4ofQQTGJtcl7brTMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvSktQTTBBbzhKeGNEaWg5QkJNWW0xeVh0dXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgc1ABAg
AwcAKgc1ABrAAwcAKgc1ABswAwcAKgc1ABtIAwcAKgc1ABvAAwcAKgc1AhDgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSV9t13jxQ7XHzrxPvAbEnfrwUyubd8fOtttIUS0Dd
2LG97xjuQ/HLwrLyda4bVKOx9c79Jt0qz+66v3lM+dTuc8kcbXlSPu9c8akaYiNr
xQnSMyLWEKzxbZy4w5KZKYcIyeZo6XMWZTNgVNuPACO+S1Qr3SZDf3ptA8rXIEtz
8Lg1IEUZAXaRU3Xsklm8pfZHM6y2RnHKmw55od/PZPbrBf5WnmzF02TWzfmgAleX
eEbHe4di3blRCKIxGznGceSyFOuYTgWQTpjS6s5etFsqZ2PzSs2/06FU1E2dFdnd
ID6yy8fSDoTKpAgPVTiHfS8se5AUd9XR8hDPxvfXxnT9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:09 2025 by rpki-client