Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/rhADtWBOxhIfgcLxEoVgqu73Saw.roa
File: rhADtWBOxhIfgcLxEoVgqu73Saw.roa (raw, json)
Hash identifier: 6Gh/kG0p1ZJGSeSZFfe7WkCJdXqmnfQGERRki5JJ0e0=
Subject key identifier: AE:10:03:B5:60:4E:C6:12:1F:81:C2:F1:12:85:60:AA:EE:F7:49:AC
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 01856ECBAAFBD632DFD3C490A5FEF923BC55
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/rhADtWBOxhIfgcLxEoVgqu73Saw.roa
Signing time: Sun 01 Jan 2023 19:25:19 +0000
ROA not before: Sun 01 Jan 2023 19:25:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62375
IP address blocks: 158.58.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:aa:fb:d6:32:df:d3:c4:90:a5:fe:f9:23:bc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 19:25:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae1003b5604ec6121f81c2f1128560aaeef749ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d9:12:0e:66:27:5a:43:07:45:d2:36:b2:9c:
91:e7:db:a8:bc:58:5f:34:21:55:70:53:72:ea:7b:
88:c5:be:2a:5e:c8:aa:17:4a:17:9a:6f:c5:23:fb:
8d:33:b3:83:b7:9e:56:8d:8e:e2:dc:65:76:e0:4c:
0a:7c:4d:61:dd:fd:12:e1:70:c5:aa:7c:c6:a3:61:
d9:8f:1c:06:58:d5:6e:e5:7d:2d:cf:e7:3c:4d:a0:
e2:9a:d4:a2:43:f4:0a:1c:64:56:2b:7f:d2:27:33:
d1:53:18:5a:36:e9:f7:cc:03:a9:36:e6:b6:ce:9a:
3e:2c:97:74:cb:5a:07:9c:21:23:a9:83:b4:62:af:
57:5a:f9:31:4c:2c:96:f3:e8:49:29:d4:be:1a:b2:
63:4c:28:54:12:10:ab:96:72:39:0a:25:81:8c:df:
00:f6:65:3d:07:00:13:42:0d:85:ce:48:36:49:74:
f1:6e:e3:7a:cf:7e:70:40:4e:1e:b3:73:bc:6d:03:
91:4b:90:d1:07:72:d7:42:0c:20:19:c9:b5:45:12:
db:a6:b5:48:71:5a:99:2d:86:cd:bb:00:ec:81:df:
d1:8b:8b:ba:d2:f0:38:f5:9b:0c:01:75:77:cb:a5:
87:92:a6:1c:cb:31:45:d4:11:44:37:54:7d:c6:c2:
7d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:10:03:B5:60:4E:C6:12:1F:81:C2:F1:12:85:60:AA:EE:F7:49:AC
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/rhADtWBOxhIfgcLxEoVgqu73Saw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.58.187.0/24
Signature Algorithm: sha256WithRSAEncryption
77:e1:f5:eb:a8:d9:66:21:4e:c6:2c:c1:5f:36:f1:fd:8e:64:
18:be:9e:cf:c4:92:d1:3e:86:22:88:21:df:04:69:a1:d2:2e:
3c:97:a9:65:91:30:96:12:3d:d0:98:45:b4:18:f6:a6:4d:73:
d8:4d:b9:47:9c:c1:85:31:9e:b3:99:35:76:53:ad:fa:8f:cc:
b0:d5:a8:b0:41:71:aa:d3:e1:26:7c:9a:2a:ff:22:b1:b6:a7:
65:82:d0:b4:90:f4:78:f5:b1:6d:da:a3:24:e8:58:6d:1a:a2:
48:62:67:fa:34:1c:fd:e9:b7:4d:2f:24:e6:42:81:85:35:0e:
f3:e7:8b:1d:40:8f:4f:de:bd:85:11:85:81:fd:fe:5a:84:0d:
ea:82:73:e5:1f:4e:90:ae:84:58:41:66:ae:f5:ff:84:dd:54:
18:d5:55:6e:71:f1:82:a0:d7:a9:40:43:aa:1b:9c:22:a3:4c:
e7:c8:e8:cf:a2:4c:5c:3d:2c:69:e0:e0:9d:4d:c5:39:07:69:
d2:65:40:19:1f:0d:74:6e:8c:a7:7d:fe:2a:26:1c:78:bf:bf:
18:a8:75:a9:46:76:0b:1b:fa:95:57:b0:58:43:77:96:de:06:
f2:99:81:70:e6:d4:89:5e:d5:fd:74:66:f2:99:88:5b:54:ce:
0e:4d:c8:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy6r71jLf08SQpf75I7xVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjMwMTAxMTkyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEwMDNiNTYwNGVjNjEyMWY4MWMyZjExMjg1NjBhYWVlZjc0OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidkSDmYnWkMHRdI2spyR59uovFhf
NCFVcFNy6nuIxb4qXsiqF0oXmm/FI/uNM7ODt55WjY7i3GV24EwKfE1h3f0S4XDF
qnzGo2HZjxwGWNVu5X0tz+c8TaDimtSiQ/QKHGRWK3/SJzPRUxhaNun3zAOpNua2
zpo+LJd0y1oHnCEjqYO0Yq9XWvkxTCyW8+hJKdS+GrJjTChUEhCrlnI5CiWBjN8A
9mU9BwATQg2Fzkg2SXTxbuN6z35wQE4es3O8bQORS5DRB3LXQgwgGcm1RRLbprVI
cVqZLYbNuwDsgd/Ri4u60vA49ZsMAXV3y6WHkqYcyzFF1BFEN1R9xsJ9KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4QA7VgTsYSH4HC8RKFYKru90msMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvcmhBRHRXQk94aElmZ2NMeEVvVmdxdTczU2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnjq7MA0G
CSqGSIb3DQEBCwUAA4IBAQB34fXrqNlmIU7GLMFfNvH9jmQYvp7PxJLRPoYiiCHf
BGmh0i48l6llkTCWEj3QmEW0GPamTXPYTblHnMGFMZ6zmTV2U636j8yw1aiwQXGq
0+EmfJoq/yKxtqdlgtC0kPR49bFt2qMk6FhtGqJIYmf6NBz96bdNLyTmQoGFNQ7z
54sdQI9P3r2FEYWB/f5ahA3qgnPlH06QroRYQWau9f+E3VQY1VVucfGCoNepQEOq
G5wio0znyOjPokxcPSxp4OCdTcU5B2nSZUAZHw10boynff4qJhx4v78YqHWpRnYL
G/qVV7BYQ3eW3gbymYFw5tSJXtX9dGbymYhbVM4OTch2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:23 2025 by rpki-client