Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jEaqNkxg8CgXcDrUzT0BeMgd-UM.roa
File: jEaqNkxg8CgXcDrUzT0BeMgd-UM.roa (raw, json)
Hash identifier: JqPCL9SjlIAkRlIVYL8Orv3Xkky+r2WJFOiL98khM58=
Subject key identifier: 8C:46:AA:36:4C:60:F0:28:17:70:3A:D4:CD:3D:01:78:C8:1D:F9:43
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0309B526
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jEaqNkxg8CgXcDrUzT0BeMgd-UM.roa
Signing time: Fri 06 May 2022 10:40:05 +0000
ROA not before: Fri 06 May 2022 10:40:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 2a0f:ea00::/29 maxlen: 29
2a12:4ac0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50967846 (0x309b526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 6 10:40:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c46aa364c60f02817703ad4cd3d0178c81df943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:95:7f:13:e7:66:26:87:4c:5a:8f:87:49:
c8:31:fa:b6:ef:99:06:31:fb:fa:d8:d7:6f:fc:d0:
b1:a8:08:dd:8b:e4:ca:17:46:e7:fe:4a:68:85:b0:
09:76:70:3a:39:9a:e8:78:c3:4b:13:0f:ca:6b:b5:
dc:12:05:02:11:27:9e:76:e7:91:06:23:63:48:ba:
2b:bc:d5:e8:1b:80:f3:8f:e8:c8:ce:3f:32:68:69:
4f:3b:c3:bb:ed:f1:90:1b:89:79:49:9b:bb:1e:7b:
87:0f:d9:bf:40:18:b7:46:77:3e:12:6a:91:81:5d:
fb:81:21:7a:0f:8a:6e:3b:2e:84:19:e3:a2:53:b1:
45:0a:05:15:73:8d:a2:79:4e:3f:aa:b1:a6:c0:e5:
90:aa:c3:cd:1b:44:ab:d5:14:72:db:08:90:1b:92:
97:5a:a1:39:c4:cd:92:9a:42:31:14:d3:1d:3c:60:
d4:f1:92:46:53:10:23:92:fb:53:3f:30:94:71:fc:
04:c6:43:a0:75:b9:3d:36:fc:5f:08:9d:ae:c7:a2:
73:ad:3e:01:e5:7e:aa:eb:1e:9e:a8:89:fa:ff:c8:
27:89:bb:32:17:3b:9d:72:bb:0c:77:ad:d7:6a:4c:
3e:a0:9c:e0:9c:c1:a9:7e:b3:df:f1:e5:c4:54:d6:
33:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:46:AA:36:4C:60:F0:28:17:70:3A:D4:CD:3D:01:78:C8:1D:F9:43
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jEaqNkxg8CgXcDrUzT0BeMgd-UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ea00::/29
2a12:4ac0::/29
Signature Algorithm: sha256WithRSAEncryption
60:e0:9c:5f:80:fc:22:3f:a8:d2:93:a0:de:6b:44:86:1f:3b:
13:dd:7a:36:29:79:84:43:c5:4c:53:c0:cf:15:bb:5b:18:00:
d2:80:1c:44:83:50:90:34:ee:ea:90:f2:17:ad:fa:3c:9a:a6:
fb:3b:0e:06:c6:0b:cb:6c:82:74:22:9c:9a:fe:75:04:b4:ba:
8f:47:a3:ad:c4:3f:57:68:01:c2:cc:91:71:a4:e9:3e:01:82:
c3:f3:88:55:75:cd:e6:6a:6e:3c:2d:4e:8e:a3:08:4f:d8:7d:
ef:2f:59:59:87:89:de:20:cf:6b:86:42:2b:40:77:22:39:31:
dd:7c:11:c4:9f:12:09:d4:f2:85:aa:17:d8:b8:5a:c0:da:d8:
71:3a:38:ce:93:91:db:8d:5c:4f:91:fe:40:8b:49:79:e2:6e:
bf:45:bb:b4:6b:6e:d7:2a:bd:5f:c0:85:49:90:05:83:81:ff:
55:b0:c0:92:61:b3:bc:c6:03:11:87:54:fd:19:98:df:75:70:
88:b1:45:ac:26:5b:5a:35:8c:7e:50:1d:23:6e:ea:23:96:ce:
5b:1a:3f:70:54:1a:e9:04:1e:df:c9:3f:a1:ce:b4:0a:49:a6:
80:ba:0a:fc:06:37:ba:7c:49:9c:a0:23:ae:0b:b6:d2:d0:20:
07:9e:d9:3b
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAwm1JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDUw
NjEwNDAwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM0NmFhMzY0YzYw
ZjAyODE3NzAzYWQ0Y2QzZDAxNzhjODFkZjk0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQjlX8T52Ymh0xaj4dJyDH6tu+ZBjH7+tjXb/zQsagI3Yvk
yhdG5/5KaIWwCXZwOjma6HjDSxMPymu13BIFAhEnnnbnkQYjY0i6K7zV6BuA84/o
yM4/MmhpTzvDu+3xkBuJeUmbux57hw/Zv0AYt0Z3PhJqkYFd+4Eheg+KbjsuhBnj
olOxRQoFFXONonlOP6qxpsDlkKrDzRtEq9UUctsIkBuSl1qhOcTNkppCMRTTHTxg
1PGSRlMQI5L7Uz8wlHH8BMZDoHW5PTb8Xwidrseic60+AeV+qusenqiJ+v/IJ4m7
Mhc7nXK7DHet12pMPqCc4JzBqX6z3/HlxFTWM1ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSMRqo2TGDwKBdwOtTNPQF4yB35QzAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L2pFYXFOa3hnOENnWGNEclV6VDBCZU1nZC1VTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoP6gADBQMqEkrAMA0GCSqGSIb3
DQEBCwUAA4IBAQBg4JxfgPwiP6jSk6Dea0SGHzsT3Xo2KXmEQ8VMU8DPFbtbGADS
gBxEg1CQNO7qkPIXrfo8mqb7Ow4GxgvLbIJ0Ipya/nUEtLqPR6OtxD9XaAHCzJFx
pOk+AYLD84hVdc3mam48LU6OowhP2H3vL1lZh4neIM9rhkIrQHciOTHdfBHEnxIJ
1PKFqhfYuFrA2thxOjjOk5HbjVxPkf5Ai0l54m6/Rbu0a27XKr1fwIVJkAWDgf9V
sMCSYbO8xgMRh1T9GZjfdXCIsUWsJltaNYx+UB0jbuojls5bGj9wVBrpBB7fyT+h
zrQKSaaAugr8Bje6fEmcoCOuC7bS0CAHntk7
-----END CERTIFICATE-----
Generated at Mon May 12 19:38:09 2025 by rpki-client