Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DsPorg6uR7t6JvBbVSevkbdzJDo.roa
File: DsPorg6uR7t6JvBbVSevkbdzJDo.roa (raw, json)
Hash identifier: RpgjhCTICD6lwhLZnkbkUghdU8c5h70ZOvnzsWt/5fs=
Subject key identifier: 0E:C3:E8:AE:0E:AE:47:BB:7A:26:F0:5B:55:27:AF:91:B7:73:24:3A
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018C8C8A3A936043CDE895F1D184A7F966D2
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DsPorg6uR7t6JvBbVSevkbdzJDo.roa
Signing time: Thu 21 Dec 2023 13:21:58 +0000
ROA not before: Thu 21 Dec 2023 13:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212921
IP address blocks: 2.59.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:8a:3a:93:60:43:cd:e8:95:f1:d1:84:a7:f9:66:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 21 13:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ec3e8ae0eae47bb7a26f05b5527af91b773243a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:46:c1:84:78:87:10:ea:27:8d:ec:a6:fe:a3:
07:53:81:0e:8f:f2:ad:b6:82:91:d4:4a:d3:de:0e:
e2:9a:b3:58:bb:3d:7a:90:0c:3e:10:24:05:43:50:
71:91:71:67:d4:6e:7d:02:9e:a0:01:9e:d1:81:4d:
19:2c:41:0e:9f:42:6a:04:12:0a:91:04:0c:f6:59:
7d:d9:d5:5e:3d:0e:f3:89:88:35:5e:57:ae:c7:54:
3d:57:88:e7:46:14:b0:45:2f:12:03:83:8c:55:27:
48:39:fd:d0:b7:c4:d3:e5:bd:e9:3b:68:bf:42:33:
25:ac:43:44:0c:e2:fe:07:25:b9:c2:0d:6c:76:c5:
87:a1:8c:b9:f3:ea:4b:83:30:de:7b:78:3d:c9:23:
77:c7:df:b2:02:48:22:81:ca:25:60:78:b3:3b:d8:
bf:08:74:38:24:87:41:43:04:5f:0a:bf:81:e5:38:
ff:01:97:23:ae:a4:02:ba:e8:99:68:a6:b6:68:c0:
af:ba:df:ba:24:c0:d2:7d:aa:c7:e9:af:a4:5b:1f:
59:f2:cc:b3:02:7d:26:4c:ed:29:28:62:11:7d:5f:
1d:8d:cc:97:64:b6:f0:67:95:44:3d:f6:07:6f:3a:
3c:c2:77:ed:29:89:e2:6c:08:97:9e:4a:00:aa:9b:
61:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C3:E8:AE:0E:AE:47:BB:7A:26:F0:5B:55:27:AF:91:B7:73:24:3A
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DsPorg6uR7t6JvBbVSevkbdzJDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.155.0/24
Signature Algorithm: sha256WithRSAEncryption
44:41:ec:7c:cf:50:80:6b:9c:16:74:bc:e1:d9:a2:ba:a5:34:
47:c4:c0:60:0a:cc:f2:69:83:8e:25:b8:c4:c3:12:6a:f0:30:
b9:c4:e3:6a:63:ce:06:f5:f7:9f:53:9d:1e:5a:2e:a4:c6:aa:
69:92:93:83:18:c0:dd:c3:d6:3a:9b:fd:f4:e7:3e:ef:f8:d0:
ae:c2:18:d2:7e:b6:8f:30:b7:5a:a5:3a:02:71:12:5a:3f:ac:
59:cb:66:54:3e:1a:05:83:b0:71:d6:48:a9:c1:e6:26:24:70:
ad:31:68:55:93:ea:a0:c0:ca:04:ca:e5:8d:8c:1b:12:08:02:
26:a9:01:21:f5:8a:8d:4a:51:b0:69:1a:3e:c4:3d:a1:2c:08:
fe:23:1d:e5:c9:31:61:ba:83:1c:2d:c7:ee:f0:67:58:be:a3:
d2:93:49:df:ae:69:83:d9:fe:22:88:87:28:ea:f1:be:42:5c:
ad:19:59:f0:ba:33:8e:f4:88:f2:2b:21:c2:ca:18:be:96:4e:
f5:cf:c4:08:24:4b:60:83:21:f1:9c:35:a0:28:7e:0d:fe:eb:
d7:76:0a:5e:f3:00:96:90:98:4d:fe:a8:11:b9:ab:d9:ef:a3:
44:fe:8b:33:77:a4:ce:1c:a1:bf:21:be:2f:19:ff:28:31:86:
29:44:fa:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyMijqTYEPN6JXx0YSn+WbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjIxMTMyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWMzZThhZTBlYWU0N2JiN2EyNmYwNWI1NTI3YWY5MWI3NzMyNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUbBhHiHEOonjeym/qMHU4EOj/Kt
toKR1ErT3g7imrNYuz16kAw+ECQFQ1BxkXFn1G59Ap6gAZ7RgU0ZLEEOn0JqBBIK
kQQM9ll92dVePQ7ziYg1Xleux1Q9V4jnRhSwRS8SA4OMVSdIOf3Qt8TT5b3pO2i/
QjMlrENEDOL+ByW5wg1sdsWHoYy58+pLgzDee3g9ySN3x9+yAkgigcolYHizO9i/
CHQ4JIdBQwRfCr+B5Tj/AZcjrqQCuuiZaKa2aMCvut+6JMDSfarH6a+kWx9Z8syz
An0mTO0pKGIRfV8djcyXZLbwZ5VEPfYHbzo8wnftKYnibAiXnkoAqpthMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7D6K4Orke7eibwW1Unr5G3cyQ6MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvRHNQb3JnNnVSN3Q2SnZCYlZTZXZrYmR6SkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjubMA0G
CSqGSIb3DQEBCwUAA4IBAQBEQex8z1CAa5wWdLzh2aK6pTRHxMBgCszyaYOOJbjE
wxJq8DC5xONqY84G9fefU50eWi6kxqppkpODGMDdw9Y6m/305z7v+NCuwhjSfraP
MLdapToCcRJaP6xZy2ZUPhoFg7Bx1kipweYmJHCtMWhVk+qgwMoEyuWNjBsSCAIm
qQEh9YqNSlGwaRo+xD2hLAj+Ix3lyTFhuoMcLcfu8GdYvqPSk0nfrmmD2f4iiIco
6vG+QlytGVnwujOO9IjyKyHCyhi+lk71z8QIJEtggyHxnDWgKH4N/uvXdgpe8wCW
kJhN/qgRuavZ76NE/oszd6TOHKG/Ib4vGf8oMYYpRPp8
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:01:45 2025 by rpki-client