Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tD21wO1KQVb_WOieho67pFdRmCg.roa
File: tD21wO1KQVb_WOieho67pFdRmCg.roa (raw, json)
Hash identifier: CsOeEjXiRL3EDWZTpvkXNdOdtyQaZwSvOwHSyovl2dg=
Subject key identifier: B4:3D:B5:C0:ED:4A:41:56:FF:58:E8:9E:86:8E:BB:A4:57:51:98:28
Certificate issuer: /CN=b464e0af28b755c4ec88010d94298697d1883933
Certificate serial: 018963E9561AC60C27F9EBAB1E77A9229B95
Authority key identifier: B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tD21wO1KQVb_WOieho67pFdRmCg.roa
Signing time: Mon 17 Jul 2023 12:53:03 +0000
ROA not before: Mon 17 Jul 2023 12:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31083
IP address blocks: 2.56.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:e9:56:1a:c6:0c:27:f9:eb:ab:1e:77:a9:22:9b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b464e0af28b755c4ec88010d94298697d1883933
Validity
Not Before: Jul 17 12:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b43db5c0ed4a4156ff58e89e868ebba457519828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5c:22:f7:89:0c:8c:1a:65:c8:fb:81:18:c4:
85:cc:1d:fb:32:0c:85:07:32:cc:88:fd:fd:e5:1c:
f7:31:f0:79:b6:80:0c:e7:87:f2:63:07:9b:a2:bc:
97:8d:20:9f:59:62:ac:2b:fa:da:17:3d:fa:05:15:
02:e1:2a:18:fa:9e:d7:4e:5d:af:a2:b1:12:4f:35:
0c:64:f3:aa:6a:06:61:85:3d:25:d2:d4:8e:f2:36:
c5:c6:6c:b3:98:ff:c6:d4:ff:c2:94:43:12:bc:f2:
3b:4a:54:21:74:d8:68:12:ac:45:90:5b:7b:b0:6e:
3f:35:32:7f:cf:ce:d4:42:49:2d:db:09:f6:0e:97:
9f:30:8e:43:99:ab:37:ce:ee:d0:85:45:48:a1:aa:
88:77:c2:0d:90:db:42:05:4a:a4:4b:5a:e1:da:17:
44:59:9a:f2:e3:43:b8:b8:56:cd:d1:fa:66:06:e9:
7b:e5:96:49:58:63:be:2a:74:9d:69:cd:36:80:4b:
67:9f:4f:e8:37:06:06:2c:bd:72:c2:d5:9c:25:87:
86:32:29:4e:24:3e:0e:94:21:cb:8a:1f:96:2c:e6:
27:63:e0:ea:d1:ce:55:e1:1f:11:0c:17:19:f2:2c:
18:59:b7:b5:44:c5:77:59:eb:bc:fa:c5:e0:3c:78:
f6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3D:B5:C0:ED:4A:41:56:FF:58:E8:9E:86:8E:BB:A4:57:51:98:28
X509v3 Authority Key Identifier:
keyid:B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tD21wO1KQVb_WOieho67pFdRmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tGTgryi3VcTsiAENlCmGl9GIOTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.15.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ab:e2:c0:90:28:d3:70:92:22:7b:84:b9:f2:ca:a1:4c:93:
da:2f:1a:ab:fe:26:46:8b:b0:4d:56:fc:2d:73:39:07:ac:96:
fd:2f:a3:35:a4:af:76:d0:b0:e3:c1:6f:2e:92:15:d6:a1:97:
e1:2e:1e:6d:d9:56:8c:59:b3:b9:d9:fe:41:93:5b:ee:06:3e:
de:d8:07:7d:33:71:17:b4:92:6f:01:d9:37:19:61:ee:ff:32:
40:14:be:4c:ad:96:af:34:89:79:27:bb:b3:41:0c:56:c1:6d:
ea:78:a7:50:b1:8f:83:52:5b:da:48:93:fe:31:5b:03:24:4e:
69:31:55:e2:f9:b5:c0:82:2e:40:b4:04:59:5b:8b:00:f4:b4:
92:cf:e9:43:99:47:62:b5:88:d2:44:9e:1a:03:df:c6:df:53:
1a:9e:18:e7:1b:2a:d6:c2:34:20:38:88:37:10:43:d2:34:13:
1b:2a:10:08:85:f2:1f:31:b3:a1:64:46:76:5f:8f:83:b9:12:
f4:ec:89:14:38:ec:bf:3b:c0:95:54:b1:77:5e:db:c2:15:a7:
20:90:56:5f:85:38:60:7b:76:1f:94:4d:aa:d4:8d:25:f9:23:
2e:f3:87:00:02:21:fd:d3:3c:60:1b:1f:cd:49:30:b6:c3:ad:
a2:00:fb:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlj6VYaxgwn+eurHnepIpuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjRlMGFmMjhiNzU1YzRlYzg4MDEwZDk0Mjk4Njk3ZDE4
ODM5MzMwHhcNMjMwNzE3MTI1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNkYjVjMGVkNGE0MTU2ZmY1OGU4OWU4NjhlYmJhNDU3NTE5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1wi94kMjBplyPuBGMSFzB37MgyF
BzLMiP395Rz3MfB5toAM54fyYweboryXjSCfWWKsK/raFz36BRUC4SoY+p7XTl2v
orESTzUMZPOqagZhhT0l0tSO8jbFxmyzmP/G1P/ClEMSvPI7SlQhdNhoEqxFkFt7
sG4/NTJ/z87UQkkt2wn2DpefMI5Dmas3zu7QhUVIoaqId8INkNtCBUqkS1rh2hdE
WZry40O4uFbN0fpmBul75ZZJWGO+KnSdac02gEtnn0/oNwYGLL1ywtWcJYeGMilO
JD4OlCHLih+WLOYnY+Dq0c5V4R8RDBcZ8iwYWbe1RMV3Weu8+sXgPHj2VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ9tcDtSkFW/1jonoaOu6RXUZgoMB8GA1UdIwQY
MBaAFLRk4K8ot1XE7IgBDZQphpfRiDkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzIt
NDc1YzVjOTFmNDc0LzEvdEQyMXdPMUtRVmJfV09pZWhvNjdwRmRSbUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzItNDc1YzVjOTFmNDc0
LzEvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjgPMA0G
CSqGSIb3DQEBCwUAA4IBAQCcq+LAkCjTcJIie4S58sqhTJPaLxqr/iZGi7BNVvwt
czkHrJb9L6M1pK920LDjwW8ukhXWoZfhLh5t2VaMWbO52f5Bk1vuBj7e2Ad9M3EX
tJJvAdk3GWHu/zJAFL5MrZavNIl5J7uzQQxWwW3qeKdQsY+DUlvaSJP+MVsDJE5p
MVXi+bXAgi5AtARZW4sA9LSSz+lDmUditYjSRJ4aA9/G31ManhjnGyrWwjQgOIg3
EEPSNBMbKhAIhfIfMbOhZEZ2X4+DuRL07IkUOOy/O8CVVLF3XtvCFacgkFZfhThg
e3YflE2q1I0l+SMu84cAAiH90zxgGx/NSTC2w62iAPsV
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:50 2025 by rpki-client