Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/jKELW8QJjXqL9hPDHb5ecbckuPs.roa
File: jKELW8QJjXqL9hPDHb5ecbckuPs.roa (raw, json)
Hash identifier: rnYIlKeE856EMsezGEZti0/8jpUaJRcyxI0aCoN8w6c=
Subject key identifier: 8C:A1:0B:5B:C4:09:8D:7A:8B:F6:13:C3:1D:BE:5E:71:B7:24:B8:FB
Certificate issuer: /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial: 018AB1E920873AF20B57AB0EDDAD30F9A516
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/jKELW8QJjXqL9hPDHb5ecbckuPs.roa
Signing time: Wed 20 Sep 2023 09:26:00 +0000
ROA not before: Wed 20 Sep 2023 09:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9044
IP address blocks: 2001:678:e48::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:e9:20:87:3a:f2:0b:57:ab:0e:dd:ad:30:f9:a5:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Validity
Not Before: Sep 20 09:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ca10b5bc4098d7a8bf613c31dbe5e71b724b8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3d:38:97:1e:64:2b:c4:da:13:65:89:32:6a:
68:41:4a:1e:4c:86:34:6e:bd:a6:01:17:d5:df:28:
7b:37:4a:0e:1a:35:77:b3:d9:4b:02:f3:a4:a7:5f:
df:fd:91:2f:84:ce:30:4f:0f:56:29:7c:7f:b5:87:
b3:6a:d6:ff:c8:d1:32:69:5e:02:00:a5:5c:7c:5c:
18:bd:7f:8f:5d:7b:19:31:5e:fd:d9:cb:76:38:2a:
91:ec:4f:ac:bf:e5:13:c6:2c:32:6c:44:51:1f:09:
18:59:93:cb:88:9d:ea:35:03:77:4a:5e:67:ec:2e:
5f:85:f8:a6:0a:ca:4e:2e:ab:07:92:5e:ad:c9:c1:
36:59:e3:7f:04:28:40:61:5e:d2:88:f9:61:d7:48:
92:8d:09:5f:97:b3:2d:2c:07:fb:58:d3:f3:0c:12:
07:a0:98:bf:dc:15:13:0d:33:06:22:1c:fa:5d:ed:
c4:f1:65:31:89:d5:13:29:a1:c1:fa:aa:f9:06:3a:
0e:3c:24:c0:d7:8f:eb:38:98:74:be:5c:a2:c4:13:
9a:58:31:12:3e:e4:d8:ee:6c:4c:8e:b7:a9:82:58:
6a:5b:72:09:e4:bb:43:7e:cb:74:6e:a6:0c:82:d7:
d3:fb:9f:b2:84:27:20:07:69:32:1a:22:ed:22:f2:
9f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A1:0B:5B:C4:09:8D:7A:8B:F6:13:C3:1D:BE:5E:71:B7:24:B8:FB
X509v3 Authority Key Identifier:
keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/jKELW8QJjXqL9hPDHb5ecbckuPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e48::/48
Signature Algorithm: sha256WithRSAEncryption
94:94:46:2f:ce:f8:63:8f:b6:b6:95:34:c0:03:18:df:f7:77:
db:5e:77:03:02:b0:8d:00:40:0d:d7:3a:08:51:4f:18:5d:97:
76:c4:e4:e0:61:e9:1f:27:08:db:d5:15:03:8b:94:23:56:9a:
5b:f1:4d:2b:bd:45:63:a8:80:19:e0:47:bc:5d:2d:9a:01:51:
9b:36:3e:13:a3:d8:19:f5:14:4d:77:d7:7a:3f:cb:43:b4:a1:
3f:f3:6e:c6:69:9b:90:c9:33:37:cf:ad:d0:39:c3:a0:85:cc:
53:d1:4e:ae:69:44:4b:62:55:fd:3b:91:6d:ff:9b:ed:fa:b5:
69:c5:4c:8f:dc:db:c0:af:c9:1e:66:37:27:ea:7c:36:d6:ab:
7d:62:2e:98:d3:67:8b:57:08:42:b3:eb:7f:ea:10:a0:da:9a:
cb:f3:50:6e:a3:af:90:cb:48:c5:a4:6f:ab:16:d1:34:e6:1e:
0c:bc:2f:c7:f9:91:e6:23:10:de:c6:1c:08:2f:97:7e:d1:6e:
a6:28:d9:b6:7c:aa:e0:ed:d7:59:f6:79:e1:c9:74:55:55:38:
e1:6b:d7:6d:21:2a:fc:80:8c:97:37:84:8d:de:75:2f:44:f1:
85:ad:ff:d3:26:58:be:7d:c6:92:91:10:0a:a3:7d:9b:48:90:
7c:87:6f:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqx6SCHOvILV6sO3a0w+aUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNTA1MDRmNGIxNzc2ZTgwYjhhZDlmOGIzNTZlNjEzYjU4
NWIzNWEwHhcNMjMwOTIwMDkyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ExMGI1YmM0MDk4ZDdhOGJmNjEzYzMxZGJlNWU3MWI3MjRiOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD04lx5kK8TaE2WJMmpoQUoeTIY0
br2mARfV3yh7N0oOGjV3s9lLAvOkp1/f/ZEvhM4wTw9WKXx/tYezatb/yNEyaV4C
AKVcfFwYvX+PXXsZMV792ct2OCqR7E+sv+UTxiwybERRHwkYWZPLiJ3qNQN3Sl5n
7C5fhfimCspOLqsHkl6tycE2WeN/BChAYV7SiPlh10iSjQlfl7MtLAf7WNPzDBIH
oJi/3BUTDTMGIhz6Xe3E8WUxidUTKaHB+qr5BjoOPCTA14/rOJh0vlyixBOaWDES
PuTY7mxMjrepglhqW3IJ5LtDfst0bqYMgtfT+5+yhCcgB2kyGiLtIvKfwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIyhC1vECY16i/YTwx2+XnG3JLj7MB8GA1UdIwQY
MBaAFIBQUE9LF3boC4rZ+LNW5hO1hbNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjIt
MDE0NGEzMjgyYTJlLzEvaktFTFc4UUpqWHFMOWhQREhiNWVjYmNrdVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjItMDE0NGEzMjgyYTJl
LzEvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA5I
MA0GCSqGSIb3DQEBCwUAA4IBAQCUlEYvzvhjj7a2lTTAAxjf93fbXncDArCNAEAN
1zoIUU8YXZd2xOTgYekfJwjb1RUDi5QjVppb8U0rvUVjqIAZ4Ee8XS2aAVGbNj4T
o9gZ9RRNd9d6P8tDtKE/827GaZuQyTM3z63QOcOghcxT0U6uaURLYlX9O5Ft/5vt
+rVpxUyP3NvAr8keZjcn6nw21qt9Yi6Y02eLVwhCs+t/6hCg2prL81Buo6+Qy0jF
pG+rFtE05h4MvC/H+ZHmIxDexhwIL5d+0W6mKNm2fKrg7ddZ9nnhyXRVVTjha9dt
ISr8gIyXN4SN3nUvRPGFrf/TJli+fcaSkRAKo32bSJB8h2/o
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:49 2025 by rpki-client