Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3Gye2Lq41AKtDr01D0V2zq97aeM.roa
File: 3Gye2Lq41AKtDr01D0V2zq97aeM.roa (raw, json)
Hash identifier: 5vV6IWFv1Faz8cyzH0vDzGXGAjzdYH8GG13se4wzEyI=
Subject key identifier: DC:6C:9E:D8:BA:B8:D4:02:AD:0E:BD:35:0F:45:76:CE:AF:7B:69:E3
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018AAC25260658DB2CE3B6002CBE18E491FA
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3Gye2Lq41AKtDr01D0V2zq97aeM.roa
Signing time: Tue 19 Sep 2023 06:33:50 +0000
ROA not before: Tue 19 Sep 2023 06:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 2.59.180.0/24 maxlen: 24
45.156.144.0/24 maxlen: 24
45.156.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:25:26:06:58:db:2c:e3:b6:00:2c:be:18:e4:91:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Sep 19 06:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc6c9ed8bab8d402ad0ebd350f4576ceaf7b69e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:48:29:e7:28:f7:76:1d:b6:69:6f:26:b8:86:
de:83:21:6a:ff:42:9a:1b:92:c9:cf:1e:56:59:cd:
56:63:ff:63:dd:bb:6b:c3:29:0c:c6:e2:3f:df:b6:
77:8d:c2:fc:a0:37:65:d5:b9:ec:81:95:b7:26:18:
63:ec:c9:da:ba:80:7d:00:06:9d:27:97:f1:60:ef:
4f:16:19:f0:c1:6c:f9:c6:89:7e:e0:73:93:b4:fb:
5a:45:9c:38:c3:7c:90:d6:e6:c2:b4:c5:55:2b:bd:
cb:20:b2:11:06:8c:6e:17:d7:bc:30:26:77:1d:c5:
74:ce:bf:28:a4:11:1b:aa:53:66:97:d4:b2:4f:23:
2a:86:7b:88:90:be:93:c5:e1:13:61:fa:76:50:d6:
75:0a:61:84:c6:48:93:fc:11:a9:52:f1:6b:38:76:
da:fb:cd:a8:ce:41:f9:69:de:b5:01:cd:b4:4e:eb:
01:bc:56:1e:4d:76:a0:8a:84:ae:70:ec:f9:37:ac:
19:c9:43:6a:37:77:2b:d1:ab:13:e5:a1:f9:9c:90:
d2:2d:02:39:30:a7:a1:6b:6a:29:99:ab:15:19:6d:
67:06:e0:f4:e9:90:ef:d6:d2:6b:09:06:30:8e:a3:
a7:23:db:ab:3c:ee:b3:66:43:83:02:07:9b:6a:b5:
a0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6C:9E:D8:BA:B8:D4:02:AD:0E:BD:35:0F:45:76:CE:AF:7B:69:E3
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3Gye2Lq41AKtDr01D0V2zq97aeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
45.156.144.0/24
45.156.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cd:15:d7:58:ce:d8:2d:e4:bc:0e:b0:50:7e:37:b8:68:25:
67:81:9d:04:8b:00:4f:f5:e5:9b:9c:04:16:2a:23:00:a4:8c:
bc:cf:ec:db:60:ef:96:40:3d:a9:4f:38:c5:95:91:fc:2b:a7:
0f:80:81:c6:06:e8:cc:b6:b2:27:09:d0:76:60:cd:2d:9e:73:
16:be:66:94:e6:ca:d8:a8:e2:68:64:7d:f6:a6:e6:38:90:db:
3c:ad:20:7d:20:56:87:5f:2e:42:01:fc:50:dc:de:31:46:6b:
83:3f:21:64:4d:72:6b:70:df:63:6b:bd:3e:4f:e7:6f:4b:ed:
14:c6:25:8c:b7:3b:6a:ba:9d:9e:c5:b6:86:31:b5:f9:15:08:
6b:24:9d:16:8f:53:c4:13:b5:66:48:8b:3c:51:ba:93:77:63:
7a:c3:82:bf:62:c7:e2:d6:9f:a6:1d:38:2a:3b:91:4d:d5:00:
d3:af:76:98:20:27:48:32:69:30:f0:16:cf:d3:cb:98:8d:06:
10:46:19:64:cc:65:92:98:f2:9e:8f:5b:9c:c3:22:63:d3:f5:
72:d8:e0:8e:83:7c:58:f5:9a:ec:c0:17:ec:6e:05:db:a5:6e:
7a:5f:ec:b9:07:c9:d0:90:2c:a2:89:a7:83:9e:66:12:41:c9:
cf:fd:91:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqsJSYGWNss47YALL4Y5JH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwOTE5MDYzMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZjOWVkOGJhYjhkNDAyYWQwZWJkMzUwZjQ1NzZjZWFmN2I2OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEgp5yj3dh22aW8muIbegyFq/0Ka
G5LJzx5WWc1WY/9j3btrwykMxuI/37Z3jcL8oDdl1bnsgZW3Jhhj7MnauoB9AAad
J5fxYO9PFhnwwWz5xol+4HOTtPtaRZw4w3yQ1ubCtMVVK73LILIRBoxuF9e8MCZ3
HcV0zr8opBEbqlNml9SyTyMqhnuIkL6TxeETYfp2UNZ1CmGExkiT/BGpUvFrOHba
+82ozkH5ad61Ac20TusBvFYeTXagioSucOz5N6wZyUNqN3cr0asT5aH5nJDSLQI5
MKeha2opmasVGW1nBuD06ZDv1tJrCQYwjqOnI9urPO6zZkODAgebarWgDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNxsnti6uNQCrQ69NQ9Fds6ve2njMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvM0d5ZTJMcTQxQUt0RHIwMUQwVjJ6cTk3YWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAju0AwQA
LZyQAwQALZySMA0GCSqGSIb3DQEBCwUAA4IBAQA8zRXXWM7YLeS8DrBQfje4aCVn
gZ0EiwBP9eWbnAQWKiMApIy8z+zbYO+WQD2pTzjFlZH8K6cPgIHGBujMtrInCdB2
YM0tnnMWvmaU5srYqOJoZH32puY4kNs8rSB9IFaHXy5CAfxQ3N4xRmuDPyFkTXJr
cN9ja70+T+dvS+0UxiWMtztqup2exbaGMbX5FQhrJJ0Wj1PEE7VmSIs8UbqTd2N6
w4K/Ysfi1p+mHTgqO5FN1QDTr3aYICdIMmkw8BbP08uYjQYQRhlkzGWSmPKej1uc
wyJj0/Vy2OCOg3xY9ZrswBfsbgXbpW56X+y5B8nQkCyiiaeDnmYSQcnP/ZE+
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:27:24 2025 by rpki-client