Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/vrB6OlrIkgFpgGsaEJHMp1z03VQ.roa
File: vrB6OlrIkgFpgGsaEJHMp1z03VQ.roa (raw, json)
Hash identifier: GHZofh2qX4O+MblUgAMm2rrh9zk7OL/ITjPO5PRGHAM=
Subject key identifier: BE:B0:7A:3A:5A:C8:92:01:69:80:6B:1A:10:91:CC:A7:5C:F4:DD:54
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 0183F56AF9ACA17FEC9E2CDF20E0211CA968
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/vrB6OlrIkgFpgGsaEJHMp1z03VQ.roa
Signing time: Thu 20 Oct 2022 12:42:52 +0000
ROA not before: Thu 20 Oct 2022 12:42:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142111
IP address blocks: 2.59.182.0/24 maxlen: 24
45.156.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:6a:f9:ac:a1:7f:ec:9e:2c:df:20:e0:21:1c:a9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Oct 20 12:42:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=beb07a3a5ac8920169806b1a1091cca75cf4dd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:2b:0d:83:42:0e:b3:c3:59:8a:da:38:a5:
63:ee:08:c8:c5:a9:d9:68:b4:c9:3e:06:53:2e:5b:
55:4c:35:30:30:25:04:8f:c6:17:c7:ac:82:55:cf:
58:2a:c9:3c:ee:50:33:b5:19:b2:be:61:a6:78:dd:
b0:24:b5:c9:e2:17:da:bf:86:a0:a5:e0:8b:ea:bf:
34:66:86:20:1b:55:b0:57:da:52:f6:58:65:2a:ea:
24:49:48:29:f8:81:e4:2c:63:04:f6:76:73:4a:22:
f8:d4:83:02:f0:f1:74:5c:6b:4a:9c:38:c0:36:89:
69:58:d2:97:b5:87:b0:50:d6:1d:49:fc:82:f5:6e:
b6:30:92:b8:08:90:bc:76:9d:31:ae:a4:8d:c5:ba:
6f:03:27:1c:99:c4:96:8d:2d:a4:fe:b2:60:34:b2:
bf:a2:1d:98:41:b2:68:38:18:52:d1:08:f0:72:81:
86:fa:3e:33:36:de:b9:40:e6:28:aa:ed:0d:76:ef:
fc:5a:ca:91:d7:23:25:66:14:cc:1a:9c:84:3f:40:
67:bf:2b:48:be:9b:a0:7f:b2:f4:b3:45:40:d6:b3:
c9:eb:ff:bd:08:02:a7:b7:c1:94:1c:6e:1e:ff:8a:
00:bc:77:0a:ae:28:92:d5:26:7f:7c:29:25:06:92:
60:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B0:7A:3A:5A:C8:92:01:69:80:6B:1A:10:91:CC:A7:5C:F4:DD:54
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/vrB6OlrIkgFpgGsaEJHMp1z03VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.182.0/24
45.156.146.0/24
Signature Algorithm: sha256WithRSAEncryption
35:12:a5:30:17:8f:fd:a8:40:c2:8f:75:9e:49:67:4b:8f:ef:
cd:65:37:e1:f9:a3:53:f0:03:33:9e:c2:ef:c1:9e:a2:1f:72:
3c:9c:93:a3:ec:85:ee:dd:c6:87:1c:65:1d:ae:5d:df:1d:08:
de:08:ed:1d:19:27:58:22:de:16:f9:59:eb:27:3f:c4:24:8c:
c0:b6:99:a0:bd:16:8e:83:c1:64:53:3d:ac:65:fb:73:99:c4:
76:d2:91:23:69:10:8f:1d:1a:83:1f:0f:7a:a1:58:92:00:f2:
3a:2a:ac:1a:ce:b9:d4:41:ee:93:ae:91:bd:78:0d:a0:a0:f7:
cf:51:2c:10:fc:13:3c:1c:e7:c8:91:02:62:4b:e5:9b:68:7b:
34:25:2b:b4:37:81:0c:6d:c5:df:e9:0c:b4:12:3c:88:ea:e7:
09:cc:9c:6f:50:e2:79:ae:a0:2b:64:34:19:ff:36:6a:d0:08:
d4:c7:a5:18:d4:c6:5d:f8:46:98:d3:b9:a3:23:08:1e:64:a0:
8f:16:6c:66:b8:64:59:51:21:f3:1b:bb:81:5e:9e:bb:6d:1f:
48:5b:89:a4:01:e2:e6:bc:f4:94:78:99:51:6a:35:40:4e:f0:
ab:91:e6:35:da:ef:48:56:8e:31:d2:77:99:5e:07:4a:22:8e:
72:3b:58:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP1avmsoX/snizfIOAhHKloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjIxMDIwMTI0MjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIwN2EzYTVhYzg5MjAxNjk4MDZiMWExMDkxY2NhNzVjZjRkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDErDYNCDrPDWYraOKVj7gjIxanZ
aLTJPgZTLltVTDUwMCUEj8YXx6yCVc9YKsk87lAztRmyvmGmeN2wJLXJ4hfav4ag
peCL6r80ZoYgG1WwV9pS9lhlKuokSUgp+IHkLGME9nZzSiL41IMC8PF0XGtKnDjA
NolpWNKXtYewUNYdSfyC9W62MJK4CJC8dp0xrqSNxbpvAyccmcSWjS2k/rJgNLK/
oh2YQbJoOBhS0QjwcoGG+j4zNt65QOYoqu0Ndu/8WsqR1yMlZhTMGpyEP0BnvytI
vpugf7L0s0VA1rPJ6/+9CAKnt8GUHG4e/4oAvHcKriiS1SZ/fCklBpJgZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6wejpayJIBaYBrGhCRzKdc9N1UMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvdnJCNk9scklrZ0ZwZ0dzYUVKSE1wMXowM1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAju2AwQA
LZySMA0GCSqGSIb3DQEBCwUAA4IBAQA1EqUwF4/9qEDCj3WeSWdLj+/NZTfh+aNT
8AMznsLvwZ6iH3I8nJOj7IXu3caHHGUdrl3fHQjeCO0dGSdYIt4W+VnrJz/EJIzA
tpmgvRaOg8FkUz2sZftzmcR20pEjaRCPHRqDHw96oViSAPI6KqwazrnUQe6TrpG9
eA2goPfPUSwQ/BM8HOfIkQJiS+WbaHs0JSu0N4EMbcXf6Qy0EjyI6ucJzJxvUOJ5
rqArZDQZ/zZq0AjUx6UY1MZd+EaY07mjIwgeZKCPFmxmuGRZUSHzG7uBXp67bR9I
W4mkAeLmvPSUeJlRajVATvCrkeY12u9IVo4x0neZXgdKIo5yO1jP
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:24:57 2025 by rpki-client