Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/j-Upo58Qw38VLawEYezSSAI7G5s.roa
File: j-Upo58Qw38VLawEYezSSAI7G5s.roa (raw, json)
Hash identifier: 1ynoayw2TE25n4Fa84F1eg7b9QySbctBuk53LHrE8bM=
Subject key identifier: 8F:E5:29:A3:9F:10:C3:7F:15:2D:AC:04:61:EC:D2:48:02:3B:1B:9B
Certificate issuer: /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial: 018A6F51EB42D4FDA6135F4AF4029BE55CF2
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/j-Upo58Qw38VLawEYezSSAI7G5s.roa
Signing time: Thu 07 Sep 2023 11:05:54 +0000
ROA not before: Thu 07 Sep 2023 11:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203937
IP address blocks: 2.58.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:51:eb:42:d4:fd:a6:13:5f:4a:f4:02:9b:e5:5c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Validity
Not Before: Sep 7 11:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fe529a39f10c37f152dac0461ecd248023b1b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:e9:08:41:3a:c0:08:68:96:9c:12:03:8f:
27:d2:2f:8a:76:e2:eb:96:d7:c4:70:62:45:56:7a:
7e:49:72:42:9c:a5:22:42:6c:ab:af:73:58:56:16:
c9:d9:79:d2:35:61:1f:ae:d3:18:ba:aa:b8:2f:27:
e8:84:56:c9:cf:8a:21:65:d4:de:e6:03:1b:f0:82:
73:f2:f7:08:eb:2d:d6:5c:51:37:fe:77:79:e6:c6:
8b:c0:bf:e1:bf:04:df:45:f3:3b:e1:bb:0c:97:e2:
81:c5:b9:0b:dd:c8:ed:f1:d7:e3:99:9a:cc:ab:b5:
87:3d:55:76:af:aa:98:bb:79:be:b0:d0:b4:98:3d:
90:b2:0b:f6:77:27:88:6a:20:ec:b7:bb:b6:09:e0:
ae:40:af:4b:ad:5b:9d:d6:24:dc:69:1d:10:bc:25:
8e:8c:28:9b:1e:11:e4:d2:17:8b:17:ac:c1:b2:94:
23:46:08:5a:f0:8c:82:39:8d:ba:92:1b:15:6e:8e:
42:82:b8:ad:1a:fa:b7:83:e2:14:6a:a4:fe:af:af:
63:11:d8:6f:39:10:75:0e:80:a8:e0:49:4d:65:58:
38:d1:99:c5:d3:d9:50:d1:de:0f:93:63:9d:3a:07:
96:72:a0:34:47:90:9b:bb:79:1c:48:fd:c2:01:01:
bc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E5:29:A3:9F:10:C3:7F:15:2D:AC:04:61:EC:D2:48:02:3B:1B:9B
X509v3 Authority Key Identifier:
keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/j-Upo58Qw38VLawEYezSSAI7G5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.217.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:9a:c1:2e:64:22:21:f0:f1:58:73:59:c8:03:90:fd:29:17:
44:61:08:28:a9:02:6d:95:46:94:8e:7a:7b:4a:b5:44:3b:27:
fb:bf:6e:d2:3b:3d:4a:f6:24:18:a1:33:9c:cf:4d:61:38:ad:
89:57:e0:2a:85:f3:42:97:97:bf:6a:9d:c9:98:ea:ef:fb:5c:
b0:5e:c9:2c:62:21:71:f8:07:d3:d9:e9:41:0b:98:e2:80:48:
71:61:4f:20:d1:06:fb:bd:7d:cc:30:70:2f:e4:e0:cb:00:94:
c5:e8:f0:fb:da:e8:61:a4:c0:4e:ad:2a:d1:c3:4b:5e:42:fc:
d5:9f:f8:8a:7f:10:33:ce:c4:2f:f0:dc:1b:fd:14:47:b9:ab:
6d:9c:da:3a:3e:5a:e3:35:64:73:81:29:e3:1d:71:21:b7:9d:
88:92:cc:9f:57:4c:43:8f:82:8b:fb:e6:b1:7a:d9:70:42:4e:
48:91:b8:20:0d:2c:32:a7:be:b4:2a:49:3a:1d:98:91:84:10:
35:fb:49:bb:57:fa:94:42:70:5b:e6:8d:4f:56:a9:34:3d:12:
58:27:c5:55:3f:94:55:a2:a6:29:4d:a4:1d:0b:d3:dd:fd:49:
34:a3:83:ff:d4:3c:cb:e9:7b:b6:06:c7:79:67:25:57:6c:68:
e7:58:88:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpvUetC1P2mE19K9AKb5VzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjMwOTA3MTEwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU1MjlhMzlmMTBjMzdmMTUyZGFjMDQ2MWVjZDI0ODAyM2IxYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGDpCEE6wAholpwSA48n0i+KduLr
ltfEcGJFVnp+SXJCnKUiQmyrr3NYVhbJ2XnSNWEfrtMYuqq4LyfohFbJz4ohZdTe
5gMb8IJz8vcI6y3WXFE3/nd55saLwL/hvwTfRfM74bsMl+KBxbkL3cjt8dfjmZrM
q7WHPVV2r6qYu3m+sNC0mD2Qsgv2dyeIaiDst7u2CeCuQK9LrVud1iTcaR0QvCWO
jCibHhHk0heLF6zBspQjRgha8IyCOY26khsVbo5CgritGvq3g+IUaqT+r69jEdhv
ORB1DoCo4ElNZVg40ZnF09lQ0d4Pk2OdOgeWcqA0R5Cbu3kcSP3CAQG89QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/lKaOfEMN/FS2sBGHs0kgCOxubMB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvai1VcG81OFF3MzhWTGF3RVllelNTQUk3RzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrZMA0G
CSqGSIb3DQEBCwUAA4IBAQA8msEuZCIh8PFYc1nIA5D9KRdEYQgoqQJtlUaUjnp7
SrVEOyf7v27SOz1K9iQYoTOcz01hOK2JV+AqhfNCl5e/ap3JmOrv+1ywXsksYiFx
+AfT2elBC5jigEhxYU8g0Qb7vX3MMHAv5ODLAJTF6PD72uhhpMBOrSrRw0teQvzV
n/iKfxAzzsQv8Nwb/RRHuattnNo6PlrjNWRzgSnjHXEht52IksyfV0xDj4KL++ax
etlwQk5IkbggDSwyp760Kkk6HZiRhBA1+0m7V/qUQnBb5o1PVqk0PRJYJ8VVP5RV
oqYpTaQdC9Pd/Uk0o4P/1DzL6Xu2Bsd5ZyVXbGjnWIhc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:39 2025 by rpki-client