Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/zVkWEKna9KxuiN-fjTfuQ9Zch1A.roa
File: zVkWEKna9KxuiN-fjTfuQ9Zch1A.roa (raw, json)
Hash identifier: +XK5HT73NWj+EKnAh5s/jaYgW7Og44RoxADrXb6UIVM=
Subject key identifier: CD:59:16:10:A9:DA:F4:AC:6E:88:DF:9F:8D:37:EE:43:D6:5C:87:50
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01856E6FACDEC9058B55B1D9D913CD94850B
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/zVkWEKna9KxuiN-fjTfuQ9Zch1A.roa
Signing time: Sun 01 Jan 2023 17:44:50 +0000
ROA not before: Sun 01 Jan 2023 17:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59494
IP address blocks: 5.59.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ac:de:c9:05:8b:55:b1:d9:d9:13:cd:94:85:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 17:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd591610a9daf4ac6e88df9f8d37ee43d65c8750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:8a:18:cd:fd:ef:e9:9d:e9:77:de:af:00:
5a:ff:03:6c:6d:0c:28:a3:54:b2:d9:1b:57:ef:ef:
41:a1:0d:af:14:da:4a:02:21:67:86:ec:bf:a9:45:
2b:85:51:22:d5:a8:9e:69:54:d7:93:3a:82:1d:e6:
32:de:7f:13:67:5d:96:1a:1a:01:9c:b5:3f:85:af:
02:ab:9a:2a:f2:65:48:e9:d6:d4:aa:b0:03:30:4d:
53:46:25:f5:ad:29:03:2c:cd:ed:4c:a0:e8:8c:c3:
4d:ae:9f:37:fb:21:d3:ab:eb:66:5d:9e:a5:cc:26:
cd:37:9b:63:d1:97:5b:45:3c:43:78:45:a7:4c:eb:
d9:ff:d9:70:35:3a:da:7e:2f:3d:80:36:b9:92:c3:
92:a7:cf:73:9c:39:d2:d5:2b:d7:78:39:94:48:bd:
29:f4:a0:cc:47:87:d1:d9:1e:1a:b1:37:cb:db:c7:
39:74:76:99:69:fa:e1:7d:18:c1:62:a9:29:50:c0:
ce:39:99:ff:bb:51:fb:a2:96:03:3b:07:8e:3a:55:
f6:9a:02:51:45:7e:63:46:74:d8:cd:e0:cf:81:58:
f5:c6:72:b7:a0:64:dd:f6:fe:51:fa:4d:94:14:51:
0f:ec:b6:df:9c:60:b4:e3:d7:e0:a2:06:02:73:91:
f5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:59:16:10:A9:DA:F4:AC:6E:88:DF:9F:8D:37:EE:43:D6:5C:87:50
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/zVkWEKna9KxuiN-fjTfuQ9Zch1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.44.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:9d:f7:50:7e:c5:89:25:99:61:d3:ed:c1:81:11:21:b9:db:
5d:13:93:2b:f6:ab:ff:df:61:3d:47:f7:57:8d:33:24:f6:53:
8a:48:31:b4:88:ca:f1:05:df:9d:db:7a:02:c7:15:b5:6d:6d:
d9:0a:c0:77:92:bd:a6:e4:11:8c:74:e9:e9:e8:37:d5:ee:d3:
d5:a5:f2:dd:50:9b:4d:28:ae:8f:ec:9f:dc:e2:13:78:b6:74:
4b:40:d5:77:74:f2:20:43:30:36:dd:70:05:ef:b9:37:5e:9b:
20:07:2f:bd:ef:d9:fa:3d:86:fd:de:7c:11:d1:46:6d:34:b8:
61:ce:85:3b:28:ad:6e:b6:20:99:a9:3b:79:65:6f:54:e4:c7:
77:fc:83:29:80:9e:ff:2c:b5:bf:23:cd:f1:68:4a:a1:11:23:
6c:d7:29:95:22:74:83:48:0e:a0:15:6c:a1:8a:14:d0:3b:8f:
62:7c:b9:86:c4:7b:81:b1:ea:8b:60:96:fc:17:f7:26:64:a3:
77:cf:e5:cc:7d:f0:04:dc:4f:5e:40:ad:2c:b0:e2:e1:51:5e:
2a:49:8e:f7:8c:93:24:f2:06:d1:04:ac:9c:8e:d4:97:bb:e4:
e1:91:80:9a:0f:90:f3:54:83:02:48:bc:d8:9f:9c:3e:ac:28:
de:37:45:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub6zeyQWLVbHZ2RPNlIULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjMwMTAxMTc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU5MTYxMGE5ZGFmNGFjNmU4OGRmOWY4ZDM3ZWU0M2Q2NWM4NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2WKGM397+md6XferwBa/wNsbQwo
o1Sy2RtX7+9BoQ2vFNpKAiFnhuy/qUUrhVEi1aieaVTXkzqCHeYy3n8TZ12WGhoB
nLU/ha8Cq5oq8mVI6dbUqrADME1TRiX1rSkDLM3tTKDojMNNrp83+yHTq+tmXZ6l
zCbNN5tj0ZdbRTxDeEWnTOvZ/9lwNTrafi89gDa5ksOSp89znDnS1SvXeDmUSL0p
9KDMR4fR2R4asTfL28c5dHaZafrhfRjBYqkpUMDOOZn/u1H7opYDOweOOlX2mgJR
RX5jRnTYzeDPgVj1xnK3oGTd9v5R+k2UFFEP7LbfnGC049fgogYCc5H1eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1ZFhCp2vSsbojfn4037kPWXIdQMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvelZrV0VLbmE5S3h1aU4tZmpUZnVROVpjaDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBTssMA0G
CSqGSIb3DQEBCwUAA4IBAQCnnfdQfsWJJZlh0+3BgREhudtdE5Mr9qv/32E9R/dX
jTMk9lOKSDG0iMrxBd+d23oCxxW1bW3ZCsB3kr2m5BGMdOnp6DfV7tPVpfLdUJtN
KK6P7J/c4hN4tnRLQNV3dPIgQzA23XAF77k3XpsgBy+979n6PYb93nwR0UZtNLhh
zoU7KK1utiCZqTt5ZW9U5Md3/IMpgJ7/LLW/I83xaEqhESNs1ymVInSDSA6gFWyh
ihTQO49ifLmGxHuBseqLYJb8F/cmZKN3z+XMffAE3E9eQK0ssOLhUV4qSY73jJMk
8gbRBKycjtSXu+ThkYCaD5DzVIMCSLzYn5w+rCjeN0Xd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:40 2025 by rpki-client