Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/FJoMVJo9kTv_hBx1IRglbBiVnOM.roa
File: FJoMVJo9kTv_hBx1IRglbBiVnOM.roa (raw, json)
Hash identifier: D+MERPHcx1Q/83qkt71WKz4bmogwRMSVqMYqE2yTP1E=
Subject key identifier: 14:9A:0C:54:9A:3D:91:3B:FF:84:1C:75:21:18:25:6C:18:95:9C:E3
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 01856BC12243B8CD5120D22F50E0BC34AF34
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/FJoMVJo9kTv_hBx1IRglbBiVnOM.roa
Signing time: Sun 01 Jan 2023 05:14:57 +0000
ROA not before: Sun 01 Jan 2023 05:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209105
IP address blocks: 2001:67c:9ac::/48 maxlen: 48
2001:67c:9a4::/48 maxlen: 48
2001:67c:99c::/48 maxlen: 48
2001:67c:9b0::/48 maxlen: 48
2001:67c:9a8::/48 maxlen: 48
2001:67c:9a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:22:43:b8:cd:51:20:d2:2f:50:e0:bc:34:af:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Jan 1 05:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149a0c549a3d913bff841c752118256c18959ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cc:83:4a:1c:f5:70:03:26:36:70:14:c7:04:
01:88:53:77:4a:b8:d0:da:b7:79:ae:c6:1b:e1:10:
dc:40:cc:d2:93:08:6d:1a:28:63:6f:b6:79:3f:8c:
6c:63:6e:78:03:4f:cf:94:3f:56:b5:a4:99:74:4b:
7f:7f:94:63:0c:95:d1:80:78:d8:be:93:69:6f:8d:
98:47:88:76:5c:b5:71:a3:71:80:24:06:da:a1:ba:
73:e5:de:4d:d7:77:7e:07:de:82:49:a3:20:0b:c5:
d2:b0:56:67:de:64:9e:37:02:9b:72:a8:0c:4d:93:
68:e5:18:ad:e0:ae:12:76:88:25:24:3f:1d:cb:00:
de:2a:e8:a6:bd:af:ea:8a:a5:09:47:ea:1b:76:60:
7b:99:fd:86:a0:41:88:25:f9:90:fa:77:dc:0b:85:
91:98:dd:9e:47:80:f4:02:c5:a5:a0:6e:7b:8f:70:
f0:0d:2b:43:93:d4:75:15:e3:8b:36:3f:ef:b5:ab:
28:2a:1e:27:f6:18:6d:f8:9a:67:ef:84:33:d3:d7:
77:45:56:63:ab:b0:0e:10:cc:46:5c:44:75:d8:72:
24:a8:da:43:8e:07:00:c1:97:81:1c:62:74:57:25:
19:89:4c:a0:e8:9f:3a:a3:3d:4b:41:fc:94:12:df:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9A:0C:54:9A:3D:91:3B:FF:84:1C:75:21:18:25:6C:18:95:9C:E3
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/FJoMVJo9kTv_hBx1IRglbBiVnOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:99c::/48
2001:67c:9a0::/48
2001:67c:9a4::/48
2001:67c:9a8::/48
2001:67c:9ac::/48
2001:67c:9b0::/48
Signature Algorithm: sha256WithRSAEncryption
37:d8:a6:cf:bb:a1:48:9d:e2:6f:4a:b0:0c:e6:d4:7c:02:e1:
79:06:2a:fd:8e:5b:cb:87:c4:e8:72:77:56:5c:7d:6b:df:9f:
47:f5:3d:b3:e5:40:8c:80:70:38:74:0d:61:57:e5:aa:bf:62:
d5:ce:a6:37:46:8a:61:d0:76:87:fd:f0:73:07:bd:f0:6d:44:
0c:95:92:4d:7b:76:b5:89:0b:53:13:7a:b8:c9:e0:fe:ca:91:
59:fe:cb:d0:1b:bd:09:75:b2:b5:22:b3:28:79:13:1f:20:f7:
f3:d0:01:36:00:08:a8:f9:1d:f1:5b:86:b1:7b:0c:d8:cc:84:
5a:f0:af:c3:ae:c2:06:4f:ab:27:eb:e7:0f:43:73:f9:51:e8:
16:c2:5f:9c:da:08:37:8e:d8:7f:d9:23:ec:3a:a5:88:56:0b:
21:df:37:15:d8:87:16:0e:cf:44:4b:70:64:bc:9e:3f:54:84:
63:e4:5b:bd:ff:a1:6d:f3:14:de:27:b2:d9:1d:fa:b0:98:37:
42:37:2d:ff:68:23:5e:39:31:3b:9e:47:8f:69:ac:5d:2b:23:
0d:5f:0c:f4:fd:6c:6b:69:2f:22:f6:d1:25:a6:63:0c:48:ba:
d1:8a:15:2d:52:8f:5b:6c:81:21:b8:02:7f:70:16:16:7a:e5:
4a:e6:7a:6a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVrwSJDuM1RINIvUOC8NK80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjMwMTAxMDUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDlhMGM1NDlhM2Q5MTNiZmY4NDFjNzUyMTE4MjU2YzE4OTU5Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMyDShz1cAMmNnAUxwQBiFN3SrjQ
2rd5rsYb4RDcQMzSkwhtGihjb7Z5P4xsY254A0/PlD9WtaSZdEt/f5RjDJXRgHjY
vpNpb42YR4h2XLVxo3GAJAbaobpz5d5N13d+B96CSaMgC8XSsFZn3mSeNwKbcqgM
TZNo5Rit4K4SdoglJD8dywDeKuimva/qiqUJR+obdmB7mf2GoEGIJfmQ+nfcC4WR
mN2eR4D0AsWloG57j3DwDStDk9R1FeOLNj/vtasoKh4n9hht+Jpn74Qz09d3RVZj
q7AOEMxGXER12HIkqNpDjgcAwZeBHGJ0VyUZiUyg6J86oz1LQfyUEt+bQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBSaDFSaPZE7/4QcdSEYJWwYlZzjMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEvRkpvTVZKbzlrVHZfaEJ4MUlSZ2xiQmlWbk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAIAEGfAmc
AwcAIAEGfAmgAwcAIAEGfAmkAwcAIAEGfAmoAwcAIAEGfAmsAwcAIAEGfAmwMA0G
CSqGSIb3DQEBCwUAA4IBAQA32KbPu6FIneJvSrAM5tR8AuF5Bir9jlvLh8TocndW
XH1r359H9T2z5UCMgHA4dA1hV+Wqv2LVzqY3Roph0HaH/fBzB73wbUQMlZJNe3a1
iQtTE3q4yeD+ypFZ/svQG70JdbK1IrMoeRMfIPfz0AE2AAio+R3xW4axewzYzIRa
8K/DrsIGT6sn6+cPQ3P5UegWwl+c2gg3jth/2SPsOqWIVgsh3zcV2IcWDs9ES3Bk
vJ4/VIRj5Fu9/6Ft8xTeJ7LZHfqwmDdCNy3/aCNeOTE7nkePaaxdKyMNXwz0/Wxr
aS8i9tElpmMMSLrRihUtUo9bbIEhuAJ/cBYWeuVK5npq
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:02:37 2025 by rpki-client