Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/pe9gYNVUUZGFcH9zDBD5vm9wA-0.roa
File: pe9gYNVUUZGFcH9zDBD5vm9wA-0.roa (raw, json)
Hash identifier: nv5SK6/bM4XxxqODE4A/BhoQIhnq2B7vwYBoMV/CTkA=
Subject key identifier: A5:EF:60:60:D5:54:51:91:85:70:7F:73:0C:10:F9:BE:6F:70:03:ED
Certificate issuer: /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial: 01842F5A7B2D19D7A7BDF539B5145A5BE4F1
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/pe9gYNVUUZGFcH9zDBD5vm9wA-0.roa
Signing time: Mon 31 Oct 2022 18:42:49 +0000
ROA not before: Mon 31 Oct 2022 18:42:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35133
IP address blocks: 2.58.59.0/24 maxlen: 24
2a09:e240:2::/48 maxlen: 48
2a09:e240:22::/48 maxlen: 48
2a09:e240:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:5a:7b:2d:19:d7:a7:bd:f5:39:b5:14:5a:5b:e4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Validity
Not Before: Oct 31 18:42:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5ef6060d554519185707f730c10f9be6f7003ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0b:2c:38:9b:89:21:8a:44:e7:b2:70:0b:19:
66:2b:66:d8:e5:8e:39:fc:6e:29:22:28:65:f9:55:
62:c4:d6:4b:20:42:52:c5:ea:09:3a:e0:fb:f8:15:
02:42:8c:6c:eb:2b:2b:ad:eb:27:3a:59:0f:1d:19:
69:95:b2:15:9e:29:80:54:77:ac:96:3f:8a:14:89:
b9:d3:03:0b:cb:90:0b:57:86:7a:ae:74:d9:ff:9e:
cd:fb:e0:28:cf:10:d6:55:72:95:10:c4:8d:62:f6:
4a:bf:04:a6:e7:db:c0:93:4e:d4:1d:ea:88:af:f7:
78:7b:e2:c4:a7:ac:20:66:73:04:d8:ba:41:b6:cc:
1d:25:65:d2:7d:2f:cb:16:8d:77:91:7e:43:e9:16:
b0:f8:57:b0:e8:d6:ae:b7:37:35:e1:1a:06:e6:0e:
a6:e8:86:68:a7:0b:33:d5:10:2e:71:72:12:e7:46:
ce:d9:df:27:84:b5:c4:43:7c:c8:57:29:6a:85:72:
21:29:a9:1b:fb:ed:71:a6:38:72:c2:05:da:0d:0b:
e3:1f:60:ce:17:51:50:13:21:f3:bf:11:e1:d7:1e:
8a:2c:d9:ea:d7:4f:92:0b:9a:37:87:db:ec:d0:d8:
5f:19:2c:6b:08:49:54:48:67:68:bd:31:78:50:20:
51:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:EF:60:60:D5:54:51:91:85:70:7F:73:0C:10:F9:BE:6F:70:03:ED
X509v3 Authority Key Identifier:
keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/pe9gYNVUUZGFcH9zDBD5vm9wA-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.59.0/24
IPv6:
2a09:e240:1::-2a09:e240:2:ffff:ffff:ffff:ffff:ffff
2a09:e240:22::/48
Signature Algorithm: sha256WithRSAEncryption
0b:02:f4:12:13:84:33:b7:97:c9:be:b7:cd:b1:7d:7d:59:de:
f2:f7:d6:7b:d1:7a:1a:c7:36:5f:5b:36:5e:c0:bd:6f:41:ea:
9b:5c:27:27:45:f0:4b:79:b6:8e:be:f4:dc:7c:4f:26:79:4a:
7c:ea:9e:e4:3e:8c:43:4b:d5:40:13:f1:16:0b:c0:ec:8b:c4:
3c:3c:5c:fa:94:71:b6:7e:70:79:ab:26:54:af:1f:6f:4b:e6:
86:e0:cb:91:d2:eb:c2:38:67:f6:23:b2:63:a8:83:fc:a8:3c:
32:fd:1d:05:52:98:a7:ca:3f:81:67:e5:de:e6:cb:86:86:86:
63:6a:f6:35:db:00:e0:c7:09:55:57:ff:19:c1:80:97:9d:52:
f4:82:e5:68:0e:b6:0d:4b:5a:8e:97:17:2e:fa:f8:fb:0e:a0:
96:f8:7d:91:43:0f:4f:11:39:63:ab:e8:1d:33:0e:5e:1a:c3:
9b:01:b6:f3:2d:09:2a:cf:6f:74:23:78:52:64:07:52:3f:46:
c2:68:42:49:8a:dc:45:3a:ad:09:e9:69:fa:ad:2b:bc:ba:d4:
0c:45:ce:73:28:5c:48:4c:6a:b7:88:4d:59:b6:8c:2b:54:94:
37:d1:49:c5:ef:64:c0:f7:1e:2f:5f:82:8c:f5:54:a4:93:c5:
b3:b7:0b:a0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYQvWnstGdenvfU5tRRaW+TxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzQ0MDA2ZWFjMzA4NGJmODhmMTI4MzQ5YjBlNzMzYmIz
ZDc5ZTMwHhcNMjIxMDMxMTg0MjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWVmNjA2MGQ1NTQ1MTkxODU3MDdmNzMwYzEwZjliZTZmNzAwM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwssOJuJIYpE57JwCxlmK2bY5Y45
/G4pIihl+VVixNZLIEJSxeoJOuD7+BUCQoxs6ysrresnOlkPHRlplbIVnimAVHes
lj+KFIm50wMLy5ALV4Z6rnTZ/57N++AozxDWVXKVEMSNYvZKvwSm59vAk07UHeqI
r/d4e+LEp6wgZnME2LpBtswdJWXSfS/LFo13kX5D6Raw+Few6Nautzc14RoG5g6m
6IZopwsz1RAucXIS50bO2d8nhLXEQ3zIVylqhXIhKakb++1xpjhywgXaDQvjH2DO
F1FQEyHzvxHh1x6KLNnq10+SC5o3h9vs0NhfGSxrCElUSGdovTF4UCBRWwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKXvYGDVVFGRhXB/cwwQ+b5vcAPtMB8GA1UdIwQY
MBaAFPt0QAbqwwhL+I8Sg0mw5zO7PXnjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zUkFCdXJEQ0V2NGp4S0RTYkRuTTdzOWVlTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMTc4MzZhLWQ2NzgtNDFjYS04ZmIy
LTVlYjdiZWY5YTdhOC8xL3BlOWdZTlZVVVpHRmNIOXpEQkQ1dm05d0EtMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMTc4MzZhLWQ2NzgtNDFjYS04ZmIyLTVlYjdiZWY5YTdh
OC8xLzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMAwEAgABMAYDBAACOjsw
IwQCAAIwHTASAwcAKgniQAABAwcAKgniQAACAwcAKgniQAAiMA0GCSqGSIb3DQEB
CwUAA4IBAQALAvQSE4Qzt5fJvrfNsX19Wd7y99Z70XoaxzZfWzZewL1vQeqbXCcn
RfBLebaOvvTcfE8meUp86p7kPoxDS9VAE/EWC8Dsi8Q8PFz6lHG2fnB5qyZUrx9v
S+aG4MuR0uvCOGf2I7JjqIP8qDwy/R0FUpinyj+BZ+Xe5suGhoZjavY12wDgxwlV
V/8ZwYCXnVL0guVoDrYNS1qOlxcu+vj7DqCW+H2RQw9PETljq+gdMw5eGsObAbbz
LQkqz290I3hSZAdSP0bCaEJJitxFOq0J6Wn6rSu8utQMRc5zKFxITGq3iE1Ztowr
VJQ30UnF72TA9x4vX4KM9VSkk8Wztwug
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org