Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/idUX4_D2w_Eh5Tmx78KiID78KJg.roa
File: idUX4_D2w_Eh5Tmx78KiID78KJg.roa (raw, json)
Hash identifier: Pwrw1HrcuPHDAy9epSC3XW1sN/Ri24TiF1NYwreeU8Q=
Subject key identifier: 89:D5:17:E3:F0:F6:C3:F1:21:E5:39:B1:EF:C2:A2:20:3E:FC:28:98
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 0182F45EFF43F2F5FE4206827ACAA2C900F8
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/idUX4_D2w_Eh5Tmx78KiID78KJg.roa
Signing time: Wed 31 Aug 2022 14:47:22 +0000
ROA not before: Wed 31 Aug 2022 14:47:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 2.59.182.0/24 maxlen: 24
45.156.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f4:5e:ff:43:f2:f5:fe:42:06:82:7a:ca:a2:c9:00:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Aug 31 14:47:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89d517e3f0f6c3f121e539b1efc2a2203efc2898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fd:48:bb:f2:b0:1f:7a:16:9f:06:0a:6b:68:
57:6b:3c:8b:f2:54:37:ac:b1:9e:7b:f9:e8:da:b5:
72:82:7a:cb:59:fd:21:a6:fa:26:5f:52:d5:6d:96:
3f:38:44:81:a7:f1:5a:f9:c6:19:ad:e3:5a:8d:df:
35:c5:22:53:ec:c6:d1:e1:16:5d:b3:b7:df:c7:41:
5c:27:e6:54:60:28:cc:fc:b3:84:8b:08:8c:1b:e4:
59:cd:f9:fd:e8:d7:6d:8f:ec:4c:f1:a9:36:70:b3:
b6:ae:8b:f4:4a:04:53:97:68:63:aa:8a:02:bf:e6:
43:5c:82:d9:35:0c:63:3a:0c:62:9a:dd:0a:eb:da:
5e:bb:c1:05:de:b1:d9:ce:dc:6c:2f:e3:49:ed:56:
cd:74:ee:c7:ab:7f:db:51:a7:80:a5:aa:a7:26:24:
5c:b9:d6:34:29:ce:6b:15:93:0f:04:08:f6:a6:06:
98:42:11:d1:19:a5:d0:3a:4d:aa:75:7b:dc:e4:85:
42:3e:74:27:5d:05:8d:25:f1:c2:03:2f:65:25:c2:
d2:35:62:03:20:4d:9c:60:cd:22:a5:6a:03:71:77:
2e:0a:79:6c:f7:1b:6c:17:86:14:49:c0:12:0e:89:
5e:0b:dc:1f:72:b3:64:31:55:5e:21:42:4c:61:cd:
41:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D5:17:E3:F0:F6:C3:F1:21:E5:39:B1:EF:C2:A2:20:3E:FC:28:98
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/idUX4_D2w_Eh5Tmx78KiID78KJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.182.0/24
45.156.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ca:e8:48:9e:38:57:da:4a:4d:1c:2d:0a:a5:fa:82:f3:94:
c3:5f:5b:74:89:ad:55:c7:7c:51:89:09:d8:b6:69:41:62:f6:
5f:b8:87:94:c1:95:c8:1c:75:1f:7a:d5:f5:33:1e:0e:b0:71:
c2:aa:44:c4:88:4f:4a:20:cc:6a:29:f5:28:40:a4:ae:c5:14:
64:68:06:79:63:a9:03:3b:c2:25:12:a1:18:e2:7a:2f:22:e7:
46:14:ab:eb:84:74:11:f1:ec:54:cc:fb:94:cd:02:99:2d:b2:
d8:ce:40:e5:ff:3a:ee:56:64:39:14:e0:cc:49:5d:1e:26:22:
9d:96:cf:6f:e8:55:1c:bd:af:a1:ce:8c:36:3d:0d:98:d8:7a:
64:32:a6:a0:34:1a:b7:9c:ed:8e:4f:b1:27:31:54:f9:d6:16:
02:79:ec:07:c5:f6:b8:5a:c7:6f:83:fe:ec:8b:7a:c6:6b:36:
64:a4:a5:d9:89:b4:4c:dc:b4:65:d8:23:30:23:12:af:64:64:
c3:3e:64:94:f0:73:57:b8:71:1a:bc:61:15:32:d4:6f:10:72:
7e:6d:50:69:cd:c8:5b:03:67:92:76:48:32:15:0e:88:d0:4a:
2a:7e:c9:19:94:b2:8d:1d:cc:c9:ff:02:b1:9e:f8:ff:15:40:
41:eb:3a:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYL0Xv9D8vX+QgaCesqiyQD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjIwODMxMTQ0NzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ1MTdlM2YwZjZjM2YxMjFlNTM5YjFlZmMyYTIyMDNlZmMyODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv1Iu/KwH3oWnwYKa2hXazyL8lQ3
rLGee/no2rVygnrLWf0hpvomX1LVbZY/OESBp/Fa+cYZreNajd81xSJT7MbR4RZd
s7ffx0FcJ+ZUYCjM/LOEiwiMG+RZzfn96Ndtj+xM8ak2cLO2rov0SgRTl2hjqooC
v+ZDXILZNQxjOgximt0K69peu8EF3rHZztxsL+NJ7VbNdO7Hq3/bUaeApaqnJiRc
udY0Kc5rFZMPBAj2pgaYQhHRGaXQOk2qdXvc5IVCPnQnXQWNJfHCAy9lJcLSNWID
IE2cYM0ipWoDcXcuCnls9xtsF4YUScASDoleC9wfcrNkMVVeIUJMYc1BJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFInVF+Pw9sPxIeU5se/CoiA+/CiYMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvaWRVWDRfRDJ3X0VoNVRteDc4S2lJRDc4S0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAju2AwQA
LZyTMA0GCSqGSIb3DQEBCwUAA4IBAQBqyuhInjhX2kpNHC0KpfqC85TDX1t0ia1V
x3xRiQnYtmlBYvZfuIeUwZXIHHUfetX1Mx4OsHHCqkTEiE9KIMxqKfUoQKSuxRRk
aAZ5Y6kDO8IlEqEY4novIudGFKvrhHQR8exUzPuUzQKZLbLYzkDl/zruVmQ5FODM
SV0eJiKdls9v6FUcva+hzow2PQ2Y2HpkMqagNBq3nO2OT7EnMVT51hYCeewHxfa4
Wsdvg/7si3rGazZkpKXZibRM3LRl2CMwIxKvZGTDPmSU8HNXuHEavGEVMtRvEHJ+
bVBpzchbA2eSdkgyFQ6I0EoqfskZlLKNHczJ/wKxnvj/FUBB6zoW
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:50:43 2025 by rpki-client