Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/uVad-4uUbF24YTAw02Wi0prlnPI.roa
File: uVad-4uUbF24YTAw02Wi0prlnPI.roa (raw, json)
Hash identifier: 90LUgFvFNjc4y1k+/pddsQbSfLHyyq887b4bKsClQhc=
Subject key identifier: B9:56:9D:FB:8B:94:6C:5D:B8:61:30:30:D3:65:A2:D2:9A:E5:9C:F2
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 01875A3C1EF56D567AAF21ABEB2585C466E9
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/uVad-4uUbF24YTAw02Wi0prlnPI.roa
Signing time: Fri 07 Apr 2023 05:41:42 +0000
ROA not before: Fri 07 Apr 2023 05:41:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142111
IP address blocks: 2.59.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:3c:1e:f5:6d:56:7a:af:21:ab:eb:25:85:c4:66:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Apr 7 05:41:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9569dfb8b946c5db8613030d365a2d29ae59cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7e:30:7c:e7:88:f9:c6:ab:c2:97:fd:77:53:
60:68:3b:96:7c:a7:99:38:ab:bb:6f:2a:dc:68:9c:
3d:f0:5f:9d:f0:6a:ad:e4:f5:41:d4:c9:f9:b0:03:
70:af:dd:29:49:94:f4:c4:3a:e1:21:06:06:f8:59:
8e:51:70:57:1c:c4:5b:f5:98:f6:aa:7a:1e:b6:9d:
a9:a9:63:40:05:0e:a4:53:38:69:64:57:52:49:f9:
f2:8c:e9:1a:fc:6e:9c:9b:d9:7c:63:c2:ed:13:63:
a9:92:a2:33:b6:54:cd:a3:b3:8d:80:e1:e3:86:c6:
c6:77:f1:98:e5:b7:f6:e7:70:74:ce:50:82:96:46:
b4:f3:50:ad:28:dc:70:48:74:8b:40:a7:2b:5e:cc:
47:c4:94:80:ee:31:ca:9e:a4:40:b5:79:0b:9d:8b:
7c:e8:3d:03:0f:e0:7b:8c:d8:fb:6d:46:af:8b:4e:
6d:1b:bc:ad:c7:71:40:cd:22:6d:f7:45:ff:ae:7f:
48:37:da:d7:72:a9:af:89:75:6a:15:9a:a9:c4:7a:
47:28:f9:3c:6c:88:96:51:1d:15:18:a6:9f:2d:23:
06:45:e9:4c:50:1b:b5:7e:75:86:c1:4f:cc:e2:15:
30:17:4f:4b:fe:06:1a:84:e6:e4:ea:52:37:fd:93:
e7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:56:9D:FB:8B:94:6C:5D:B8:61:30:30:D3:65:A2:D2:9A:E5:9C:F2
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/uVad-4uUbF24YTAw02Wi0prlnPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.182.0/24
Signature Algorithm: sha256WithRSAEncryption
34:19:84:80:ec:65:f4:c8:65:54:fa:7e:4c:ce:84:4f:45:09:
42:b2:8f:bc:29:4f:a5:9f:16:7a:37:79:c8:29:3a:d9:b6:7e:
ed:c7:00:c8:b5:ce:a7:d6:87:0e:0d:04:9a:d7:9f:07:8b:6b:
8b:12:1e:26:62:3e:1d:c0:92:4a:e1:61:21:44:17:fe:00:25:
50:83:89:39:a1:a9:3e:28:28:32:fb:28:4e:1f:13:3d:43:e2:
42:ef:e5:ac:99:2c:1d:8c:78:f5:fa:20:b6:9c:36:9d:47:13:
77:85:00:34:48:a0:72:7f:04:ea:a0:c1:ee:02:c9:ca:b9:ab:
2f:42:50:37:41:8c:d4:32:e4:76:cb:41:7e:44:9c:33:08:9b:
25:e7:62:3c:bc:6f:78:66:3d:ff:d1:ab:9f:9f:d0:db:5c:c8:
44:f6:1c:85:45:4a:93:e1:ec:e0:05:b3:73:75:4b:ee:ea:2b:
ec:3f:66:fb:5f:b8:cd:5b:49:52:79:71:3a:a4:b3:e8:e7:8b:
35:c5:fa:83:46:43:45:71:d0:82:65:71:ac:33:d8:41:f3:23:
d6:66:09:2b:8a:90:b8:ee:ef:90:a7:f4:27:a1:69:8b:0c:9f:
85:4c:6d:1d:70:f6:12:5e:8d:c6:fa:2a:8b:50:7d:78:78:e5:
60:ef:83:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdaPB71bVZ6ryGr6yWFxGbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwNDA3MDU0MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTU2OWRmYjhiOTQ2YzVkYjg2MTMwMzBkMzY1YTJkMjlhZTU5Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6X4wfOeI+carwpf9d1NgaDuWfKeZ
OKu7byrcaJw98F+d8Gqt5PVB1Mn5sANwr90pSZT0xDrhIQYG+FmOUXBXHMRb9Zj2
qnoetp2pqWNABQ6kUzhpZFdSSfnyjOka/G6cm9l8Y8LtE2OpkqIztlTNo7ONgOHj
hsbGd/GY5bf253B0zlCClka081CtKNxwSHSLQKcrXsxHxJSA7jHKnqRAtXkLnYt8
6D0DD+B7jNj7bUavi05tG7ytx3FAzSJt90X/rn9IN9rXcqmviXVqFZqpxHpHKPk8
bIiWUR0VGKafLSMGRelMUBu1fnWGwU/M4hUwF09L/gYahObk6lI3/ZPnQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlWnfuLlGxduGEwMNNlotKa5ZzyMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvdVZhZC00dVViRjI0WVRBdzAyV2kwcHJsblBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju2MA0G
CSqGSIb3DQEBCwUAA4IBAQA0GYSA7GX0yGVU+n5MzoRPRQlCso+8KU+lnxZ6N3nI
KTrZtn7txwDItc6n1ocODQSa158Hi2uLEh4mYj4dwJJK4WEhRBf+ACVQg4k5oak+
KCgy+yhOHxM9Q+JC7+WsmSwdjHj1+iC2nDadRxN3hQA0SKByfwTqoMHuAsnKuasv
QlA3QYzUMuR2y0F+RJwzCJsl52I8vG94Zj3/0aufn9DbXMhE9hyFRUqT4ezgBbNz
dUvu6ivsP2b7X7jNW0lSeXE6pLPo54s1xfqDRkNFcdCCZXGsM9hB8yPWZgkripC4
7u+Qp/QnoWmLDJ+FTG0dcPYSXo3G+iqLUH14eOVg74OW
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:32:24 2025 by rpki-client