Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/1T_pDBjNvNW2YcZv2yUxX0MddwQ.roa
File: 1T_pDBjNvNW2YcZv2yUxX0MddwQ.roa (raw, json)
Hash identifier: ZQtj+ZhNtfE2At31cxYVs4JxGszt618ycbAh+Zf+ANg=
Subject key identifier: D5:3F:E9:0C:18:CD:BC:D5:B6:61:C6:6F:DB:25:31:5F:43:1D:77:04
Certificate issuer: /CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Certificate serial: 017A13CD
Authority key identifier: 91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/1T_pDBjNvNW2YcZv2yUxX0MddwQ.roa
Signing time: Sun 24 Apr 2022 11:27:23 +0000
ROA not before: Sun 24 Apr 2022 11:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209835
IP address blocks: 2.59.232.0/24 maxlen: 24
2.59.232.0/22 maxlen: 22
2.59.233.0/24 maxlen: 24
2.59.234.0/24 maxlen: 24
2.59.235.0/24 maxlen: 24
2a09:fc40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24777677 (0x17a13cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Validity
Not Before: Apr 24 11:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d53fe90c18cdbcd5b661c66fdb25315f431d7704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:db:fb:9e:01:cc:c4:17:3e:fd:d8:81:47:
f5:7d:46:e4:c4:3e:62:f3:d5:48:9d:d7:c2:f5:31:
cf:51:22:e2:0a:18:d0:8d:0f:98:16:c2:39:84:77:
31:62:5a:d3:48:86:d0:94:c3:c4:7b:6a:21:3e:d3:
40:f8:f7:01:36:32:11:be:b8:e9:63:d1:0e:23:52:
54:d6:cb:47:d8:f6:1e:8f:bb:87:01:dc:d3:16:bd:
e0:0e:11:77:6e:f4:a6:c3:0d:64:a0:e2:29:de:be:
3d:b6:93:4a:15:2a:3c:15:79:ef:e9:ed:d2:70:13:
76:b6:27:ec:4a:67:4f:f6:ab:4f:16:ee:96:a9:83:
8e:30:94:0b:44:a8:7e:41:1e:aa:52:29:46:c6:4b:
91:54:1f:81:f0:f9:88:76:fa:d9:71:3c:16:34:b7:
40:bd:09:ea:4b:35:a4:df:67:78:a0:74:d9:01:6e:
b9:95:c2:6e:bd:ab:ac:be:da:27:44:2f:d7:1f:cf:
39:c8:ed:67:89:89:1a:bb:a8:40:12:09:fa:82:10:
20:6c:a1:d3:3d:ca:2c:05:61:90:7f:79:71:c8:44:
ff:e1:1f:32:6d:bf:f4:ca:5f:e6:cc:88:46:04:bc:
66:c4:a7:61:5c:79:f2:30:22:c7:8d:73:35:48:70:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3F:E9:0C:18:CD:BC:D5:B6:61:C6:6F:DB:25:31:5F:43:1D:77:04
X509v3 Authority Key Identifier:
keyid:91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/1T_pDBjNvNW2YcZv2yUxX0MddwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.232.0/22
IPv6:
2a09:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
ac:f5:12:52:ee:97:aa:af:6e:67:74:48:38:51:db:11:db:79:
d6:04:0f:76:8e:cd:d2:64:bd:ff:0d:15:f9:db:f1:9f:19:8e:
33:f7:8d:46:93:12:c8:59:d6:1e:c3:b2:6a:13:bb:66:17:06:
42:7c:48:c5:36:e8:b6:ea:eb:32:b0:97:d3:7d:dd:07:67:c3:
d3:2d:a8:f5:45:4d:a4:5d:0e:3a:6e:2c:15:44:8b:10:78:64:
96:f3:7a:43:ee:f9:8d:2e:cb:e4:d8:2c:97:ce:94:ee:ea:5e:
57:b9:99:cf:a6:0b:af:85:bf:bd:47:06:3b:53:89:3c:fd:a9:
40:0b:70:5a:e8:86:8b:a3:3f:d1:27:e3:15:8f:16:96:be:05:
41:9a:18:53:fe:7d:1b:20:4b:01:01:4d:52:4b:aa:8b:06:32:
1f:ce:2d:a3:57:e9:24:b8:e3:80:09:2c:36:82:f0:15:b2:ef:
9d:1b:4a:c5:23:f2:ca:f9:bf:32:e4:e9:c8:a9:06:8b:15:e9:
0d:da:90:a0:6c:e3:96:e6:79:3d:e6:31:58:32:3c:5a:e7:1d:
87:69:ca:c1:7f:6d:9f:06:9c:c9:3d:d6:6d:e2:01:6d:5b:9a:
ff:37:e7:38:f7:0c:bd:43:ba:ef:0b:21:43:92:45:95:7d:36:
a9:75:a3:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAXoTzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWIzZjVkNmY0M2U4MzA3MWZhNzdlNmQzZWJiYjc5MzUyZjk2MWI1MB4XDTIyMDQy
NDExMjcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUzZmU5MGMxOGNk
YmNkNWI2NjFjNjZmZGIyNTMxNWY0MzFkNzcwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcM2/ueAczEFz792IFH9X1G5MQ+YvPVSJ3XwvUxz1Ei4goY
0I0PmBbCOYR3MWJa00iG0JTDxHtqIT7TQPj3ATYyEb646WPRDiNSVNbLR9j2Ho+7
hwHc0xa94A4Rd270psMNZKDiKd6+PbaTShUqPBV57+nt0nATdrYn7EpnT/arTxbu
lqmDjjCUC0SofkEeqlIpRsZLkVQfgfD5iHb62XE8FjS3QL0J6ks1pN9neKB02QFu
uZXCbr2rrL7aJ0Qv1x/POcjtZ4mJGruoQBIJ+oIQIGyh0z3KLAVhkH95cchE/+Ef
Mm2/9Mpf5syIRgS8ZsSnYVx58jAix41zNUhwm4ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTVP+kMGM281bZhxm/bJTFfQx13BDAfBgNVHSMEGDAWgBSRs/XW9D6DBx+n
fm0+u7eTUvlhtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tiUDExdlEtZ3djZnAzNXRQcnUzazFMNVliVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvODdhODYzLWRhNmYtNDk4MS05Mzc4LWIyY2Q0ZTU4MTAwZS8x
LzFUX3BEQmpOdk5XMlljWnYyeVV4WDBNZGR3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
ODdhODYzLWRhNmYtNDk4MS05Mzc4LWIyY2Q0ZTU4MTAwZS8xL2tiUDExdlEtZ3dj
ZnAzNXRQcnUzazFMNVliVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgI76DANBAIAAjAHAwUDKgn8QDAN
BgkqhkiG9w0BAQsFAAOCAQEArPUSUu6Xqq9uZ3RIOFHbEdt51gQPdo7N0mS9/w0V
+dvxnxmOM/eNRpMSyFnWHsOyahO7ZhcGQnxIxTboturrMrCX033dB2fD0y2o9UVN
pF0OOm4sFUSLEHhklvN6Q+75jS7L5Ngsl86U7upeV7mZz6YLr4W/vUcGO1OJPP2p
QAtwWuiGi6M/0SfjFY8Wlr4FQZoYU/59GyBLAQFNUkuqiwYyH84to1fpJLjjgAks
NoLwFbLvnRtKxSPyyvm/MuTpyKkGixXpDdqQoGzjluZ5PeYxWDI8Wucdh2nKwX9t
nwacyT3WbeIBbVua/zfnOPcMvUO67wshQ5JFlX02qXWjSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:51 2024 by rpki-client on console-ams.rpki-client.org