Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/59GZ_rkdr63cg6vy8Go9PnKDwWs.roa
File: 59GZ_rkdr63cg6vy8Go9PnKDwWs.roa (raw, json)
Hash identifier: m6t1U9c5193RCrWD1Oync+9S5PCTyryi9AIUBysnvnQ=
Subject key identifier: E7:D1:99:FE:B9:1D:AF:AD:DC:83:AB:F2:F0:6A:3D:3E:72:83:C1:6B
Certificate issuer: /CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c
Certificate serial: 018572DF11662367F38038E0E2443686AC3D
Authority key identifier: FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/59GZ_rkdr63cg6vy8Go9PnKDwWs.roa
Signing time: Mon 02 Jan 2023 14:24:59 +0000
ROA not before: Mon 02 Jan 2023 14:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 46.254.111.0/24 maxlen: 24
2a11:c900::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:11:66:23:67:f3:80:38:e0:e2:44:36:86:ac:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c
Validity
Not Before: Jan 2 14:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d199feb91dafaddc83abf2f06a3d3e7283c16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:25:c8:47:4e:26:91:d5:ef:e6:45:b2:b1:
24:1d:97:de:e2:22:06:d4:55:cc:4d:c1:a7:6e:6d:
eb:a3:66:e3:66:8c:83:07:da:b5:4c:60:80:e4:80:
7f:fb:84:f2:77:6c:61:b9:1a:6f:c3:f3:43:8b:45:
d9:d2:ec:e5:29:78:31:1f:82:6f:97:67:a1:68:3f:
3a:59:34:d6:14:29:d2:7d:89:83:81:1c:ac:80:93:
f5:c1:56:87:67:b2:f7:e8:c7:af:6c:da:4f:56:f9:
51:9d:23:ad:74:5e:d5:35:d2:7a:6c:9d:4f:f1:7c:
c5:b9:c8:0f:4f:49:03:90:8b:de:b4:6f:a2:31:06:
4f:93:2c:dc:c7:02:39:98:e2:8a:7e:b0:29:db:e4:
c9:d5:4e:ab:51:43:dc:5c:04:dd:26:99:c6:f6:5c:
b1:4b:84:63:1d:82:3a:b1:65:b3:93:d1:4a:35:51:
df:58:76:8b:83:33:00:f8:b6:c4:9c:0b:19:fc:b8:
27:2e:ca:18:64:aa:64:4f:41:df:cb:bd:53:16:6f:
89:43:1d:36:26:8d:29:32:dc:15:cb:a7:08:83:41:
fa:6d:92:26:a1:6e:ad:67:f0:15:44:62:6f:e2:ec:
66:20:54:b9:bb:79:7c:90:17:aa:8a:71:70:1a:ac:
b2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D1:99:FE:B9:1D:AF:AD:DC:83:AB:F2:F0:6A:3D:3E:72:83:C1:6B
X509v3 Authority Key Identifier:
keyid:FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/59GZ_rkdr63cg6vy8Go9PnKDwWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/1-3DehA_Wv0sK_RJ05E79G4Zldiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.111.0/24
IPv6:
2a11:c900::/29
Signature Algorithm: sha256WithRSAEncryption
40:dd:8c:77:c2:59:50:f1:46:31:52:79:13:15:b2:be:cb:ec:
80:d5:af:d1:84:19:ef:e6:5c:4d:b0:8b:b9:d6:bc:a7:bf:0e:
27:bd:d7:0d:55:56:d6:e3:e8:01:b1:b9:a3:61:1f:77:ad:7d:
80:bb:b9:51:d2:80:59:1b:0b:6c:ee:1f:45:e8:21:1e:d5:36:
8c:4d:15:35:e4:68:93:88:6a:a3:8a:55:c1:d7:92:1b:e3:17:
1b:9a:b4:f6:28:33:8a:6e:76:d1:5a:ee:29:b4:49:90:3c:13:
46:9a:95:c7:d2:2f:76:71:f2:4e:af:1c:da:3a:51:c2:ef:af:
44:33:bf:11:7d:cf:15:08:af:f8:0a:16:37:30:2c:c6:35:c6:
cf:92:a0:9a:b8:3d:86:75:03:7d:71:33:f5:d6:e9:c9:04:76:
c5:c4:8a:a6:6b:76:15:67:80:ca:cf:7a:0d:71:8b:65:2b:e8:
07:10:f7:6e:66:b9:8d:70:fc:d0:b2:5d:89:e5:0c:da:7e:d1:
9b:69:35:92:31:c9:f2:af:cb:c6:6e:17:9d:39:de:6d:4f:73:
85:55:80:26:a4:4c:7f:21:91:ce:87:f8:ce:97:a5:85:dd:59:
3b:42:66:de:a1:d5:f5:a2:be:83:d2:da:d0:fe:99:2f:3c:cd:
57:de:5e:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVy3xFmI2fzgDjg4kQ2hqw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzBkZTg0MGZkNmJmNGIwYWZkMTI3NGU0NGVmZDFiODY2
NTc2MmMwHhcNMjMwMTAyMTQyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QxOTlmZWI5MWRhZmFkZGM4M2FiZjJmMDZhM2QzZTcyODNjMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHYlyEdOJpHV7+ZFsrEkHZfe4iIG
1FXMTcGnbm3ro2bjZoyDB9q1TGCA5IB/+4Tyd2xhuRpvw/NDi0XZ0uzlKXgxH4Jv
l2ehaD86WTTWFCnSfYmDgRysgJP1wVaHZ7L36MevbNpPVvlRnSOtdF7VNdJ6bJ1P
8XzFucgPT0kDkIvetG+iMQZPkyzcxwI5mOKKfrAp2+TJ1U6rUUPcXATdJpnG9lyx
S4RjHYI6sWWzk9FKNVHfWHaLgzMA+LbEnAsZ/LgnLsoYZKpkT0Hfy71TFm+JQx02
Jo0pMtwVy6cIg0H6bZImoW6tZ/AVRGJv4uxmIFS5u3l8kBeqinFwGqyyEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOfRmf65Ha+t3IOr8vBqPT5yg8FrMB8GA1UdIwQY
MBaAFPtw3oQP1r9LCv0SdORO/RuGZXYsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zRGVoQV9XdjBzS19SSjA1RTc5RzRabGRpdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIx
LWQ5NDQ0YTNkMGNlMC8xLzU5R1pfcmtkcjYzY2c2dnk4R285UG5LRHdXcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIxLWQ5NDQ0YTNkMGNl
MC8xLzEtM0RlaEFfV3Ywc0tfUkowNUU3OUc0WmxkaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAAu/m8w
DQQCAAIwBwMFAyoRyQAwDQYJKoZIhvcNAQELBQADggEBAEDdjHfCWVDxRjFSeRMV
sr7L7IDVr9GEGe/mXE2wi7nWvKe/Die91w1VVtbj6AGxuaNhH3etfYC7uVHSgFkb
C2zuH0XoIR7VNoxNFTXkaJOIaqOKVcHXkhvjFxuatPYoM4pudtFa7im0SZA8E0aa
lcfSL3Zx8k6vHNo6UcLvr0QzvxF9zxUIr/gKFjcwLMY1xs+SoJq4PYZ1A31xM/XW
6ckEdsXEiqZrdhVngMrPeg1xi2Ur6AcQ925muY1w/NCyXYnlDNp+0ZtpNZIxyfKv
y8ZuF5053m1Pc4VVgCakTH8hkc6H+M6XpYXdWTtCZt6h1fWivoPS2tD+mS88zVfe
Xgk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:49 2025 by rpki-client