Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/kdKsdPhAAJkn41VpmDepvnr6aHM.roa
File: kdKsdPhAAJkn41VpmDepvnr6aHM.roa (raw, json)
Hash identifier: 5ejYTLpWjAp4GNRYKNDXwJbTsTV1c5OXQuAGjgefdSs=
Subject key identifier: 91:D2:AC:74:F8:40:00:99:27:E3:55:69:98:37:A9:BE:7A:FA:68:73
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 0185711E6837D8FF4EE7BCAC17E23B834487
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/kdKsdPhAAJkn41VpmDepvnr6aHM.roa
Signing time: Mon 02 Jan 2023 06:14:56 +0000
ROA not before: Mon 02 Jan 2023 06:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 2.59.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:68:37:d8:ff:4e:e7:bc:ac:17:e2:3b:83:44:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 2 06:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91d2ac74f840009927e355699837a9be7afa6873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d2:13:8c:73:83:34:97:d5:9a:21:b1:82:a4:
ab:f2:ae:4d:78:7a:cf:77:23:ba:59:45:58:3c:7e:
70:c6:2f:ca:8f:11:52:52:a0:2b:38:03:e4:ab:e5:
2e:3b:8d:39:1b:fe:e2:20:8a:3d:40:ea:04:0b:4d:
8d:0f:f5:17:48:42:53:a8:0f:c0:5f:bb:f7:27:8d:
78:3c:e1:32:7e:2e:6a:f9:80:ce:64:86:75:2f:53:
1f:da:29:d9:34:57:a9:18:75:3d:24:2b:c8:c3:f2:
85:e9:6f:69:a9:79:f3:df:06:9f:b8:b1:cb:08:13:
83:8e:37:a0:0c:75:e0:6e:63:a2:75:45:fd:a5:bb:
bc:59:df:a9:65:ea:39:11:52:4e:81:ee:65:0f:2b:
68:36:9f:58:d5:dd:67:01:97:95:75:56:01:46:bd:
73:08:19:01:e6:9b:5c:18:1d:28:a7:2d:f5:e7:22:
8b:dc:07:d2:ea:e4:d3:77:ad:f1:11:ed:3a:89:f1:
a1:8e:6e:fd:4b:26:b8:a7:5c:13:78:19:0d:43:5b:
6a:3d:d0:1b:78:81:91:91:a9:28:05:dd:f5:02:32:
aa:a6:aa:4c:cf:e4:49:61:de:6e:7a:36:91:2a:16:
cd:35:37:9b:06:f2:48:ab:5f:43:be:04:43:8c:bb:
31:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D2:AC:74:F8:40:00:99:27:E3:55:69:98:37:A9:BE:7A:FA:68:73
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/kdKsdPhAAJkn41VpmDepvnr6aHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.183.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:2f:c2:c7:0a:a5:5b:88:18:25:4b:72:38:6a:19:5c:08:be:
33:02:18:65:93:07:6c:9f:06:18:c8:e3:97:8b:26:20:49:03:
05:02:ed:fa:a3:d4:da:d5:bd:62:51:8e:27:91:eb:4b:1e:a4:
e3:51:b6:36:cd:4c:de:92:a6:2d:37:ca:8a:35:ba:53:02:80:
be:ce:ed:f3:2f:7e:f4:7c:7e:64:24:96:4a:61:66:7e:93:84:
19:85:8a:6b:6b:f3:fc:e3:a4:16:4b:60:a4:9a:77:94:be:f0:
19:4b:6e:90:bb:ca:44:1f:97:11:0c:2b:8d:1a:2f:bc:43:20:
68:c2:32:55:3b:be:bf:83:ed:47:c4:5f:2c:be:2b:5b:cd:b6:
3e:61:24:27:7a:dd:7b:35:46:66:17:92:b9:16:28:2b:35:10:
ee:98:6b:71:44:e2:50:31:c8:b6:e2:0a:21:0c:24:54:6e:cf:
e5:76:bc:3d:82:bf:04:57:9c:18:76:18:68:80:16:ef:9e:fe:
fa:55:68:b0:ce:7b:f7:7b:fa:72:23:90:1e:46:60:b6:8f:55:
0f:78:b9:c9:58:7d:9e:05:6d:55:a5:91:72:52:d6:9d:a8:e8:
03:d7:66:a7:d2:70:26:ea:16:d9:4b:74:4d:ad:fc:1b:0b:8a:
35:0a:7d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHmg32P9O57ysF+I7g0SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwMTAyMDYxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQyYWM3NGY4NDAwMDk5MjdlMzU1Njk5ODM3YTliZTdhZmE2ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9ITjHODNJfVmiGxgqSr8q5NeHrP
dyO6WUVYPH5wxi/KjxFSUqArOAPkq+UuO405G/7iIIo9QOoEC02ND/UXSEJTqA/A
X7v3J414POEyfi5q+YDOZIZ1L1Mf2inZNFepGHU9JCvIw/KF6W9pqXnz3wafuLHL
CBODjjegDHXgbmOidUX9pbu8Wd+pZeo5EVJOge5lDytoNp9Y1d1nAZeVdVYBRr1z
CBkB5ptcGB0opy315yKL3AfS6uTTd63xEe06ifGhjm79Sya4p1wTeBkNQ1tqPdAb
eIGRkakoBd31AjKqpqpMz+RJYd5uejaRKhbNNTebBvJIq19DvgRDjLsxpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHSrHT4QACZJ+NVaZg3qb56+mhzMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEva2RLc2RQaEFBSmtuNDFWcG1EZXB2bnI2YUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju3MA0G
CSqGSIb3DQEBCwUAA4IBAQDAL8LHCqVbiBglS3I4ahlcCL4zAhhlkwdsnwYYyOOX
iyYgSQMFAu36o9Ta1b1iUY4nketLHqTjUbY2zUzekqYtN8qKNbpTAoC+zu3zL370
fH5kJJZKYWZ+k4QZhYpra/P846QWS2CkmneUvvAZS26Qu8pEH5cRDCuNGi+8QyBo
wjJVO76/g+1HxF8svitbzbY+YSQnet17NUZmF5K5FigrNRDumGtxROJQMci24goh
DCRUbs/ldrw9gr8EV5wYdhhogBbvnv76VWiwznv3e/pyI5AeRmC2j1UPeLnJWH2e
BW1VpZFyUtadqOgD12an0nAm6hbZS3RNrfwbC4o1Cn20
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:02:41 2025 by rpki-client