Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/cp4JIWKa-5IQUZprKwrj9WKKFCc.roa
File: cp4JIWKa-5IQUZprKwrj9WKKFCc.roa (raw, json)
Hash identifier: 45SFNRdmV4WXkzFuIiAmLDKNaIbHdUbZ4/EgrJpcD+Q=
Subject key identifier: 72:9E:09:21:62:9A:FB:92:10:51:9A:6B:2B:0A:E3:F5:62:8A:14:27
Certificate issuer: /CN=6eef3973d6e07681419bae867bd514545e7df5da
Certificate serial: 0189744290A0EAFCF6E069211025FEAA4C43
Authority key identifier: 6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/cp4JIWKa-5IQUZprKwrj9WKKFCc.roa
Signing time: Thu 20 Jul 2023 17:04:26 +0000
ROA not before: Thu 20 Jul 2023 17:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 2.58.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:42:90:a0:ea:fc:f6:e0:69:21:10:25:fe:aa:4c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eef3973d6e07681419bae867bd514545e7df5da
Validity
Not Before: Jul 20 17:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=729e0921629afb9210519a6b2b0ae3f5628a1427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ac:2e:8e:f4:33:cc:d0:ab:f2:1e:64:00:7b:
af:85:6a:63:ad:b3:be:a4:7d:de:74:15:87:03:d4:
41:af:96:b2:4b:76:00:c0:67:81:81:a8:e5:1e:b5:
87:83:d9:18:35:9f:6a:7c:c1:af:63:5f:52:17:13:
7a:27:e7:df:89:47:41:d8:ca:8a:18:e6:ba:3e:04:
4f:9d:d7:21:1d:ca:24:e9:3d:c0:a8:8e:43:ed:87:
48:34:d8:bd:93:d4:f3:b1:ed:e8:40:be:2c:4c:d3:
73:5a:d0:4b:91:3a:71:6a:14:96:38:23:4c:6b:29:
bf:dd:b2:cb:d8:ba:07:d3:24:4b:7d:2a:0a:ff:cc:
da:60:dd:69:80:78:a5:d1:a0:49:70:43:e2:8e:9e:
2b:be:e1:66:03:4a:63:e6:02:13:91:85:18:b7:3a:
3d:7a:a2:61:ab:39:a9:36:3e:91:1f:e2:dd:c8:58:
e7:00:3f:85:41:54:30:58:e6:9f:10:3f:62:5c:f6:
c0:a0:f4:92:27:04:1c:8a:93:16:63:d0:17:94:16:
9b:1c:b7:af:45:ca:24:3c:e4:c9:37:47:c9:38:6e:
60:d0:e6:27:6d:4d:94:5b:64:5a:4a:cf:76:ce:19:
29:81:45:18:7a:80:42:3d:d3:58:3f:b8:dd:1a:d1:
c2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9E:09:21:62:9A:FB:92:10:51:9A:6B:2B:0A:E3:F5:62:8A:14:27
X509v3 Authority Key Identifier:
keyid:6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/cp4JIWKa-5IQUZprKwrj9WKKFCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/bu85c9bgdoFBm66Ge9UUVF599do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.102.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9d:dd:93:d1:48:47:9c:ad:0a:52:3d:92:37:b4:69:45:a0:
03:0d:3b:2c:96:aa:2a:5c:51:78:fc:e3:2e:44:0e:1e:8b:db:
7a:fc:ac:3b:48:aa:51:63:59:99:5f:1d:a1:9b:d2:7b:c6:c4:
a1:83:b1:ed:b8:3c:a6:f5:7d:1a:d6:b8:76:c4:25:dc:53:50:
44:d1:ef:26:49:26:4d:33:80:b8:45:6a:f2:17:e3:5d:b7:b2:
b4:b5:19:cf:b0:bc:1c:34:a1:98:a9:c5:1e:70:34:e4:05:55:
a4:bd:f6:e9:a7:98:28:4a:a6:35:e1:83:8f:e8:72:93:f7:e3:
2f:7a:2d:a8:72:fe:82:84:53:a1:ff:5b:80:1f:97:f6:36:64:
67:12:ee:90:69:13:ea:31:d1:d9:58:65:ac:af:a2:00:c8:e6:
84:64:5b:ad:36:33:a3:48:72:12:f6:8b:d1:9a:e8:f8:79:84:
20:91:2b:5f:01:c6:ef:d3:1a:a2:14:01:73:0a:a0:4d:9c:8a:
d1:83:16:d2:8a:4b:8a:0f:94:fb:ef:7a:a7:b1:47:f5:62:a6:
c5:fa:1e:e5:9c:ce:a5:00:a2:39:29:8c:28:97:f8:e6:9e:d9:
d9:bb:e9:57:14:f6:89:c1:6e:c8:14:f3:c5:eb:c8:94:9b:7e:
e5:17:c3:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0QpCg6vz24GkhECX+qkxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWYzOTczZDZlMDc2ODE0MTliYWU4NjdiZDUxNDU0NWU3
ZGY1ZGEwHhcNMjMwNzIwMTcwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjllMDkyMTYyOWFmYjkyMTA1MTlhNmIyYjBhZTNmNTYyOGExNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6wujvQzzNCr8h5kAHuvhWpjrbO+
pH3edBWHA9RBr5ayS3YAwGeBgajlHrWHg9kYNZ9qfMGvY19SFxN6J+ffiUdB2MqK
GOa6PgRPndchHcok6T3AqI5D7YdINNi9k9Tzse3oQL4sTNNzWtBLkTpxahSWOCNM
aym/3bLL2LoH0yRLfSoK/8zaYN1pgHil0aBJcEPijp4rvuFmA0pj5gITkYUYtzo9
eqJhqzmpNj6RH+LdyFjnAD+FQVQwWOafED9iXPbAoPSSJwQcipMWY9AXlBabHLev
RcokPOTJN0fJOG5g0OYnbU2UW2RaSs92zhkpgUUYeoBCPdNYP7jdGtHCWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKeCSFimvuSEFGaaysK4/ViihQnMB8GA1UdIwQY
MBaAFG7vOXPW4HaBQZuuhnvVFFReffXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnU4NWM5Ymdkb0ZCbTY2R2U5VVVWRjU5OWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8wODc1MTMtZDJkNi00M2M2LTliNzkt
MjJmMGFhYTgxMzI3LzEvY3A0SklXS2EtNUlRVVpwckt3cmo5V0tLRkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8wODc1MTMtZDJkNi00M2M2LTliNzktMjJmMGFhYTgxMzI3
LzEvYnU4NWM5Ymdkb0ZCbTY2R2U5VVVWRjU5OWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpmMA0G
CSqGSIb3DQEBCwUAA4IBAQCXnd2T0UhHnK0KUj2SN7RpRaADDTsslqoqXFF4/OMu
RA4ei9t6/Kw7SKpRY1mZXx2hm9J7xsShg7HtuDym9X0a1rh2xCXcU1BE0e8mSSZN
M4C4RWryF+Ndt7K0tRnPsLwcNKGYqcUecDTkBVWkvfbpp5goSqY14YOP6HKT9+Mv
ei2ocv6ChFOh/1uAH5f2NmRnEu6QaRPqMdHZWGWsr6IAyOaEZFutNjOjSHIS9ovR
muj4eYQgkStfAcbv0xqiFAFzCqBNnIrRgxbSikuKD5T773qnsUf1YqbF+h7lnM6l
AKI5KYwol/jmntnZu+lXFPaJwW7IFPPF68iUm37lF8Nc
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:56:56 2025 by rpki-client