Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/SjVEfHUbvvvsbsLOGktLBAPJDB0.roa
File: SjVEfHUbvvvsbsLOGktLBAPJDB0.roa (raw, json)
Hash identifier: QJMTWrNc5jczVJ3gOD4WQ3j2sCB38aciWWdH/Mi1oyo=
Subject key identifier: 4A:35:44:7C:75:1B:BE:FB:EC:6E:C2:CE:1A:4B:4B:04:03:C9:0C:1D
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018A1D549FF17EC9BC3F8E1D8E727FC1F959
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/SjVEfHUbvvvsbsLOGktLBAPJDB0.roa
Signing time: Tue 22 Aug 2023 12:59:59 +0000
ROA not before: Tue 22 Aug 2023 12:59:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 2.59.180.0/24 maxlen: 24
45.156.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:54:9f:f1:7e:c9:bc:3f:8e:1d:8e:72:7f:c1:f9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Aug 22 12:59:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a35447c751bbefbec6ec2ce1a4b4b0403c90c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:24:70:62:7f:a7:f5:ea:38:d1:af:11:a2:b4:
9c:9d:d9:e3:b1:19:d5:1f:b2:b5:3d:e8:6c:f3:ca:
22:5a:8d:42:0f:43:e5:de:ea:12:79:8c:13:d6:7c:
c4:f8:c9:82:79:bd:d0:5d:96:16:06:82:5a:db:4c:
48:5a:ac:02:8e:31:65:e7:06:d8:39:c8:bb:ff:03:
b9:15:13:54:ac:02:9e:a1:fd:91:db:36:a6:6e:5c:
3c:56:27:e0:6d:85:8c:3a:06:8e:13:9e:70:01:d3:
cb:2e:bd:14:71:52:d4:9d:48:d0:cb:ca:db:d2:39:
a7:93:20:18:36:b9:a3:2b:ce:97:98:2c:bf:d9:2f:
4b:87:14:32:78:df:b2:92:9e:cd:80:ea:3b:9f:4e:
bf:8a:7e:7f:83:a2:12:70:14:5c:24:5d:f1:ef:22:
46:d9:fe:ba:57:9e:bf:af:c4:ae:20:b8:17:67:b6:
3f:3f:18:ad:3c:2a:b4:41:2a:a9:24:bb:f8:7b:84:
5d:02:2f:85:e3:34:a3:6e:fc:f9:58:75:64:dc:4b:
91:4a:0c:d3:88:81:0f:51:65:dd:0d:80:4e:91:30:
a5:44:8d:aa:1a:e5:5d:12:f6:e8:f8:f4:c1:de:84:
d3:fb:bd:0a:30:82:1b:3e:dc:8c:9e:a2:f4:5e:19:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:44:7C:75:1B:BE:FB:EC:6E:C2:CE:1A:4B:4B:04:03:C9:0C:1D
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/SjVEfHUbvvvsbsLOGktLBAPJDB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
45.156.144.0/24
Signature Algorithm: sha256WithRSAEncryption
22:30:28:bc:8b:16:52:1f:81:38:ae:1f:95:ae:93:62:6f:b3:
af:7c:99:12:de:04:03:df:d8:83:4f:1b:ab:38:ed:8c:56:c0:
be:7d:bd:88:a4:e0:85:7b:3c:db:2d:8d:ef:da:21:42:cb:83:
03:59:79:71:9a:f0:28:95:93:ca:ab:0b:92:d2:3a:ee:4d:5f:
10:a4:94:55:f3:3f:89:6b:d7:e3:f8:d8:dd:10:3b:f3:3f:2b:
42:69:18:1d:53:9b:11:b7:d9:9d:fb:c4:fc:74:ce:d7:2e:b4:
34:ea:11:45:8d:18:92:6a:7c:3e:66:f6:af:e2:50:31:39:32:
6f:eb:7b:5a:8a:b2:22:6e:e2:1e:e9:cf:3e:76:c0:16:c6:a3:
1b:fa:94:1b:86:1f:89:66:55:9d:2f:f3:6e:b5:45:4a:09:4d:
07:2d:90:29:27:2f:a4:9e:fd:51:84:9b:45:0b:5d:67:15:d6:
29:46:19:2d:39:b5:f3:d6:24:69:d5:9d:c0:52:8f:26:5f:e5:
72:e6:0d:0c:4e:16:88:ef:97:09:81:d7:b8:03:9d:e6:55:5c:
61:c3:6b:51:28:28:49:f0:f6:1f:15:aa:1a:86:32:bf:7e:f5:
c2:b7:0d:9c:46:aa:26:9d:5f:c3:f3:b7:39:fa:2f:56:1b:0b:
96:6f:63:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYodVJ/xfsm8P44djnJ/wflZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwODIyMTI1OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM1NDQ3Yzc1MWJiZWZiZWM2ZWMyY2UxYTRiNGIwNDAzYzkwYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiRwYn+n9eo40a8RorScndnjsRnV
H7K1Pehs88oiWo1CD0Pl3uoSeYwT1nzE+MmCeb3QXZYWBoJa20xIWqwCjjFl5wbY
Oci7/wO5FRNUrAKeof2R2zamblw8VifgbYWMOgaOE55wAdPLLr0UcVLUnUjQy8rb
0jmnkyAYNrmjK86XmCy/2S9LhxQyeN+ykp7NgOo7n06/in5/g6IScBRcJF3x7yJG
2f66V56/r8SuILgXZ7Y/PxitPCq0QSqpJLv4e4RdAi+F4zSjbvz5WHVk3EuRSgzT
iIEPUWXdDYBOkTClRI2qGuVdEvbo+PTB3oTT+70KMIIbPtyMnqL0XhmtIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEo1RHx1G7777G7CzhpLSwQDyQwdMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvU2pWRWZIVWJ2dnZzYnNMT0drdExCQVBKREIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAju0AwQA
LZyQMA0GCSqGSIb3DQEBCwUAA4IBAQAiMCi8ixZSH4E4rh+VrpNib7OvfJkS3gQD
39iDTxurOO2MVsC+fb2IpOCFezzbLY3v2iFCy4MDWXlxmvAolZPKqwuS0jruTV8Q
pJRV8z+Ja9fj+NjdEDvzPytCaRgdU5sRt9md+8T8dM7XLrQ06hFFjRiSanw+Zvav
4lAxOTJv63tairIibuIe6c8+dsAWxqMb+pQbhh+JZlWdL/NutUVKCU0HLZApJy+k
nv1RhJtFC11nFdYpRhktObXz1iRp1Z3AUo8mX+Vy5g0MThaI75cJgde4A53mVVxh
w2tRKChJ8PYfFaoahjK/fvXCtw2cRqomnV/D87c5+i9WGwuWb2NF
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:19 2025 by rpki-client