Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/SrcdxyJ0JZuL4dn03xpqytUCavM.roa
File: SrcdxyJ0JZuL4dn03xpqytUCavM.roa (raw, json)
Hash identifier: sKo50FTNSl2LmJA38jMh+2nrSvuL9ngdxskfMLDfAjg=
Subject key identifier: 4A:B7:1D:C7:22:74:25:9B:8B:E1:D9:F4:DF:1A:6A:CA:D5:02:6A:F3
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBD20FCC37E67D7BB5DB1A058AB8F2
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/SrcdxyJ0JZuL4dn03xpqytUCavM.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d2:0f:cc:37:e6:7d:7b:b5:db:1a:05:8a:b8:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ab71dc72274259b8be1d9f4df1a6acad5026af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:ff:bf:b4:36:bf:ee:f1:ac:a9:6e:fc:54:
80:6e:a8:50:52:ee:24:48:d2:cf:a8:a9:ad:d2:d1:
c4:bb:46:91:79:c3:4b:8e:63:84:a8:3b:a7:cf:8c:
87:15:84:c9:e5:fc:c4:71:bb:75:06:0a:65:42:bf:
d3:b1:a7:95:41:f0:6a:1b:a7:42:da:68:81:4e:19:
01:c2:bb:80:1c:e7:c8:b5:3f:4f:f2:c8:5d:9b:5b:
10:ac:4d:79:22:74:3b:28:5c:a6:bd:a5:d9:ee:c0:
e5:a2:a8:b5:35:e3:e2:a9:35:52:8c:86:82:34:88:
52:9f:0f:1d:58:dc:f2:2d:11:25:1b:58:85:d8:45:
8f:5f:07:c7:ef:0f:0f:70:c7:26:11:e8:a5:f8:54:
02:95:f5:e1:68:18:e9:ab:49:24:bb:12:5a:fb:29:
6b:54:f3:80:d7:f6:ff:0b:66:4b:23:07:75:19:0c:
a7:9d:b6:00:9a:d6:7a:5d:bb:96:cb:78:24:46:a2:
1b:90:0b:00:6a:f1:eb:49:b0:f2:52:3d:12:46:8e:
a3:43:96:b8:a9:67:82:32:aa:c0:f3:26:e4:27:5c:
1b:80:02:7a:d2:26:66:ec:c8:11:dc:93:52:b7:35:
1c:6d:63:3e:a1:22:f0:8d:0f:0f:83:32:e2:ff:d7:
49:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B7:1D:C7:22:74:25:9B:8B:E1:D9:F4:DF:1A:6A:CA:D5:02:6A:F3
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/SrcdxyJ0JZuL4dn03xpqytUCavM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.255.190.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:93:6f:9d:70:f1:67:2b:57:1f:30:64:60:04:ef:64:c7:20:
96:6d:45:8a:82:1d:4a:b7:2e:d3:ce:fe:64:09:5c:06:50:c3:
7e:bd:33:65:02:d1:82:0c:03:64:4c:51:5d:34:e1:09:fb:5e:
15:92:d2:a0:9a:b8:47:0b:25:9b:47:c5:6c:4d:9e:85:bf:6c:
7d:cb:ff:d7:60:7f:1a:d6:36:94:af:d4:14:9b:0f:2c:bf:dd:
1b:64:9b:83:0f:a5:a3:19:ea:19:14:ee:a7:49:5f:6c:b0:92:
08:8b:fe:fd:a3:0c:ac:4b:80:ae:46:6c:aa:d8:af:97:f0:2a:
22:b3:1c:5d:7d:1f:99:8a:2d:b7:61:b4:04:01:42:99:e6:83:
a7:a3:87:65:58:89:5c:ce:bb:8d:78:75:21:d6:89:3c:96:71:
34:8c:60:21:0a:c2:7a:0e:5a:19:aa:be:88:ea:0a:a4:d0:31:
86:2e:e4:66:48:7d:77:c5:fa:3f:5d:6f:05:7c:2c:60:1a:6e:
5d:a4:e0:51:7d:09:32:42:c2:06:6e:c3:42:7f:48:b4:74:cf:
ff:0e:dd:29:94:ea:18:1e:9e:03:8a:31:36:31:e1:a3:f1:62:
a8:e1:5e:5c:ae:c8:f0:92:87:ee:e9:e4:e4:96:6b:23:66:94:
9e:45:ac:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9IPzDfmfXu12xoFirjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWI3MWRjNzIyNzQyNTliOGJlMWQ5ZjRkZjFhNmFjYWQ1MDI2YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvz/v7Q2v+7xrKlu/FSAbqhQUu4k
SNLPqKmt0tHEu0aRecNLjmOEqDunz4yHFYTJ5fzEcbt1BgplQr/TsaeVQfBqG6dC
2miBThkBwruAHOfItT9P8shdm1sQrE15InQ7KFymvaXZ7sDloqi1NePiqTVSjIaC
NIhSnw8dWNzyLRElG1iF2EWPXwfH7w8PcMcmEeil+FQClfXhaBjpq0kkuxJa+ylr
VPOA1/b/C2ZLIwd1GQynnbYAmtZ6XbuWy3gkRqIbkAsAavHrSbDyUj0SRo6jQ5a4
qWeCMqrA8ybkJ1wbgAJ60iZm7MgR3JNStzUcbWM+oSLwjQ8PgzLi/9dJ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEq3HccidCWbi+HZ9N8aasrVAmrzMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvU3JjZHh5SjBKWnVMNGRuMDN4cHF5dFVDYXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAv++MA0G
CSqGSIb3DQEBCwUAA4IBAQBMk2+dcPFnK1cfMGRgBO9kxyCWbUWKgh1Kty7Tzv5k
CVwGUMN+vTNlAtGCDANkTFFdNOEJ+14VktKgmrhHCyWbR8VsTZ6Fv2x9y//XYH8a
1jaUr9QUmw8sv90bZJuDD6WjGeoZFO6nSV9ssJIIi/79owysS4CuRmyq2K+X8Coi
sxxdfR+Zii23YbQEAUKZ5oOno4dlWIlczruNeHUh1ok8lnE0jGAhCsJ6DloZqr6I
6gqk0DGGLuRmSH13xfo/XW8FfCxgGm5dpOBRfQkyQsIGbsNCf0i0dM//Dt0plOoY
Hp4DijE2MeGj8WKo4V5crsjwkofu6eTklmsjZpSeRazF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:43 2025 by rpki-client