Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ax5Hj9LWEdASKwHVoLswG5U9jPI.roa
File: Ax5Hj9LWEdASKwHVoLswG5U9jPI.roa (raw, json)
Hash identifier: aU5FHoiizl9MntwtfVD3b97DexaZ2p+DImkOTke4v6c=
Subject key identifier: 03:1E:47:8F:D2:D6:11:D0:12:2B:01:D5:A0:BB:30:1B:95:3D:8C:F2
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018501874513A8D6F95C636B490C1FD684B2
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ax5Hj9LWEdASKwHVoLswG5U9jPI.roa
Signing time: Sun 11 Dec 2022 14:12:00 +0000
ROA not before: Sun 11 Dec 2022 14:12:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 2.58.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:87:45:13:a8:d6:f9:5c:63:6b:49:0c:1f:d6:84:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Dec 11 14:12:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=031e478fd2d611d0122b01d5a0bb301b953d8cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8f:90:ca:14:7a:ac:b6:ae:8b:a7:09:51:9e:
e0:df:0e:79:1a:8e:21:6e:7b:4e:29:d9:a7:cf:1a:
ca:87:f3:f7:40:c6:38:aa:ef:d3:d4:5f:6f:55:36:
25:ce:4b:72:be:79:d7:1c:32:95:fa:0f:59:db:e6:
a8:6a:bd:26:36:65:f9:12:d7:52:13:2c:14:36:7b:
3a:63:c4:75:b0:4d:47:fe:7d:4c:64:8c:0d:88:7c:
15:d1:3c:23:7f:2a:1d:66:64:3c:41:2b:de:e6:db:
b6:85:d5:f9:07:2b:15:b1:d8:7a:16:78:70:d9:72:
bf:b8:c3:b5:bc:46:42:f6:84:bb:7e:0a:14:c0:5f:
86:3f:cb:d6:91:86:d4:e7:c1:43:3f:9a:36:0b:fe:
0d:b9:f8:56:16:b7:c1:1c:44:94:1a:6a:48:77:a6:
65:32:66:e7:f0:6e:c6:42:c5:ea:db:a0:c6:75:23:
c1:74:54:ca:46:4b:1b:bb:bd:92:c2:41:e6:70:57:
cf:9d:c7:e1:b6:f9:11:95:cf:89:8b:da:2e:6e:dc:
f7:7e:c5:c4:67:8c:e3:dc:53:29:13:46:c7:d3:44:
20:e3:46:02:3f:e8:15:ed:0a:05:da:8d:cd:f0:99:
2d:ab:9d:e7:eb:d8:38:a1:ce:4f:59:ca:e4:62:3c:
86:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1E:47:8F:D2:D6:11:D0:12:2B:01:D5:A0:BB:30:1B:95:3D:8C:F2
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ax5Hj9LWEdASKwHVoLswG5U9jPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.54.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:b0:2b:18:77:c7:4d:29:23:43:93:f6:3b:f9:28:c6:49:dd:
5c:b3:80:f7:4a:b7:3e:6b:e5:a0:06:22:d2:28:ed:6c:42:fd:
7f:ab:9c:ef:f1:cf:ae:ed:8f:a1:13:48:20:39:4e:ac:44:ed:
b1:fe:d3:00:2b:10:a2:86:35:bc:60:8f:9b:c8:21:da:cf:d3:
ea:97:ef:eb:dd:a1:f9:fa:41:69:ea:ba:b0:5a:7d:84:f6:04:
f8:eb:5a:08:7d:55:c2:b4:eb:75:66:bb:b9:e5:09:54:22:2b:
d6:88:e7:15:95:7d:30:40:91:a3:1d:35:13:61:be:7c:f0:bf:
e4:3d:3e:a5:dc:9d:4c:01:e2:0b:b0:a6:eb:84:f3:85:30:c3:
0e:66:ea:8c:27:e9:78:4e:67:fa:e1:d3:e5:b5:fc:60:6f:23:
fc:2b:45:42:41:a9:d3:fb:cf:1e:5d:77:49:6e:c5:f5:4c:e1:
62:b2:ed:af:03:45:48:e6:e4:00:51:54:48:20:a4:45:76:79:
6b:fe:c0:97:66:36:5e:43:8b:d0:ae:a6:5e:6a:51:d6:ae:6f:
32:cd:80:03:4e:65:9a:b7:46:b2:1f:70:af:a8:a8:d5:13:09:
21:cc:fc:78:a6:14:4f:53:e3:7d:96:fb:94:6e:68:41:07:59:
5d:f3:de:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUBh0UTqNb5XGNrSQwf1oSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMjExMTQxMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFlNDc4ZmQyZDYxMWQwMTIyYjAxZDVhMGJiMzAxYjk1M2Q4Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY+QyhR6rLaui6cJUZ7g3w55Go4h
bntOKdmnzxrKh/P3QMY4qu/T1F9vVTYlzktyvnnXHDKV+g9Z2+aoar0mNmX5EtdS
EywUNns6Y8R1sE1H/n1MZIwNiHwV0TwjfyodZmQ8QSve5tu2hdX5BysVsdh6Fnhw
2XK/uMO1vEZC9oS7fgoUwF+GP8vWkYbU58FDP5o2C/4NufhWFrfBHESUGmpId6Zl
Mmbn8G7GQsXq26DGdSPBdFTKRksbu72SwkHmcFfPncfhtvkRlc+Ji9oubtz3fsXE
Z4zj3FMpE0bH00Qg40YCP+gV7QoF2o3N8Jktq53n69g4oc5PWcrkYjyGkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMeR4/S1hHQEisB1aC7MBuVPYzyMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvQXg1SGo5TFdFZEFTS3dIVm9Mc3dHNVU5alBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo2MA0G
CSqGSIb3DQEBCwUAA4IBAQC5sCsYd8dNKSNDk/Y7+SjGSd1cs4D3Src+a+WgBiLS
KO1sQv1/q5zv8c+u7Y+hE0ggOU6sRO2x/tMAKxCihjW8YI+byCHaz9Pql+/r3aH5
+kFp6rqwWn2E9gT461oIfVXCtOt1Zru55QlUIivWiOcVlX0wQJGjHTUTYb588L/k
PT6l3J1MAeILsKbrhPOFMMMOZuqMJ+l4Tmf64dPltfxgbyP8K0VCQanT+88eXXdJ
bsX1TOFisu2vA0VI5uQAUVRIIKRFdnlr/sCXZjZeQ4vQrqZealHWrm8yzYADTmWa
t0ayH3CvqKjVEwkhzPx4phRPU+N9lvuUbmhBB1ld896Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org