Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/PVU2d8eujH0BryRnJh6bNlXuJto.roa
File: PVU2d8eujH0BryRnJh6bNlXuJto.roa (raw, json)
Hash identifier: GOGstLByZJaM35VfCpgooWMpl9cn26V2jbHGfRslTdY=
Subject key identifier: 3D:55:36:77:C7:AE:8C:7D:01:AF:24:67:26:1E:9B:36:55:EE:26:DA
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 01856C1C827AD6B41A0CD229C8ABB445BD34
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/PVU2d8eujH0BryRnJh6bNlXuJto.roa
Signing time: Sun 01 Jan 2023 06:54:45 +0000
ROA not before: Sun 01 Jan 2023 06:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42599
IP address blocks: 2.59.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:82:7a:d6:b4:1a:0c:d2:29:c8:ab:b4:45:bd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 1 06:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d553677c7ae8c7d01af2467261e9b3655ee26da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:41:e7:7c:d8:9a:de:6f:85:45:46:3e:31:21:
ce:ab:a3:75:6c:5c:23:24:a2:f0:b8:c6:06:28:84:
93:5c:5c:55:2d:cc:72:44:4c:1d:13:8d:1c:2b:77:
16:b1:08:b8:4c:12:65:ee:33:9c:28:92:27:a3:ec:
f1:eb:67:15:73:85:ae:fd:08:3b:9c:06:e9:a3:85:
5b:54:d8:cc:6d:b0:46:ef:a5:f1:4a:53:da:9e:c2:
50:20:4a:5c:00:aa:e9:9c:f8:11:c7:3a:84:a4:88:
c4:0a:ab:6c:f2:02:7a:45:74:1b:61:c3:2b:55:fb:
a4:9f:94:48:a0:4c:d7:1b:08:77:56:b8:29:7f:f9:
03:26:cd:f8:e8:ed:e9:5d:81:3c:e4:2a:ed:12:b4:
77:2f:ae:10:01:f3:fe:b9:ba:5f:96:00:6e:9e:9f:
07:74:db:13:a7:fb:90:4d:82:de:18:e9:b0:24:a5:
6b:73:fc:67:af:cb:e3:d2:82:13:38:cc:0f:95:4d:
6d:11:82:2c:b5:17:d0:1d:fa:15:2f:1b:07:55:ad:
67:fa:49:6b:8e:52:53:f9:ad:53:d3:e6:17:0f:a6:
0f:d1:7a:fc:37:ed:1e:6f:bf:ad:d3:90:1b:43:a3:
7a:50:b2:d0:3f:84:b7:ed:20:1e:b4:5c:ad:57:af:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:55:36:77:C7:AE:8C:7D:01:AF:24:67:26:1E:9B:36:55:EE:26:DA
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/PVU2d8eujH0BryRnJh6bNlXuJto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.13.0/24
Signature Algorithm: sha256WithRSAEncryption
16:2d:50:01:53:f9:e5:ec:17:91:bc:0d:c0:a7:ad:c3:f8:a7:
6b:3a:ff:21:b4:01:12:c9:c6:c4:c9:fc:92:3f:d0:0a:13:20:
5a:08:a1:54:6b:3d:2f:28:55:45:2a:1f:79:74:67:60:9d:73:
1c:ad:11:a4:d3:e9:2e:70:f5:82:db:28:8d:7b:f0:0a:81:12:
24:59:1e:f7:0c:b5:d5:ae:10:f9:c7:f5:5c:63:f5:64:2e:a2:
09:a6:16:8a:1f:28:c4:90:5d:a2:90:16:e1:4e:ae:59:e1:eb:
97:93:dc:ef:d5:4a:73:99:ae:c3:41:a2:18:bd:29:b2:38:01:
b7:a9:32:90:de:e6:82:d3:9c:82:3d:28:5e:7d:fb:6a:35:31:
f6:b0:0f:76:df:cc:63:64:ab:28:c8:15:f3:94:0c:4b:06:1b:
fb:ee:fa:90:50:bb:b9:44:db:88:de:31:b8:af:05:55:a4:10:
97:24:0e:c7:ea:0e:d4:bb:47:e7:86:4a:29:78:57:2b:0b:32:
91:af:4a:11:2b:3f:2a:b7:61:79:1d:58:e6:b4:88:2d:fe:6d:
d0:15:c1:81:6e:a0:8f:0f:34:c1:1a:fc:83:b0:d7:40:c2:e1:
57:ba:5f:f9:b7:88:b2:7d:2a:01:52:ca:c4:ec:ed:28:f3:47:
0a:1f:0a:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHIJ61rQaDNIpyKu0Rb00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjMwMTAxMDY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU1MzY3N2M3YWU4YzdkMDFhZjI0NjcyNjFlOWIzNjU1ZWUyNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUHnfNia3m+FRUY+MSHOq6N1bFwj
JKLwuMYGKISTXFxVLcxyREwdE40cK3cWsQi4TBJl7jOcKJIno+zx62cVc4Wu/Qg7
nAbpo4VbVNjMbbBG76XxSlPansJQIEpcAKrpnPgRxzqEpIjECqts8gJ6RXQbYcMr
Vfukn5RIoEzXGwh3Vrgpf/kDJs346O3pXYE85CrtErR3L64QAfP+ubpflgBunp8H
dNsTp/uQTYLeGOmwJKVrc/xnr8vj0oITOMwPlU1tEYIstRfQHfoVLxsHVa1n+klr
jlJT+a1T0+YXD6YP0Xr8N+0eb7+t05AbQ6N6ULLQP4S37SAetFytV6/wEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1VNnfHrox9Aa8kZyYemzZV7ibaMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvUFZVMmQ4ZXVqSDBCcnlSbkpoNmJObFh1SnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjsNMA0G
CSqGSIb3DQEBCwUAA4IBAQAWLVABU/nl7BeRvA3Ap63D+KdrOv8htAESycbEyfyS
P9AKEyBaCKFUaz0vKFVFKh95dGdgnXMcrRGk0+kucPWC2yiNe/AKgRIkWR73DLXV
rhD5x/VcY/VkLqIJphaKHyjEkF2ikBbhTq5Z4euXk9zv1Upzma7DQaIYvSmyOAG3
qTKQ3uaC05yCPShefftqNTH2sA9238xjZKsoyBXzlAxLBhv77vqQULu5RNuI3jG4
rwVVpBCXJA7H6g7Uu0fnhkopeFcrCzKRr0oRKz8qt2F5HVjmtIgt/m3QFcGBbqCP
DzTBGvyDsNdAwuFXul/5t4iyfSoBUsrE7O0o80cKHwr9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:50 2025 by rpki-client