Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/d7hjYxH4rZ6vl5SyLXNJJ52u594.roa
File: d7hjYxH4rZ6vl5SyLXNJJ52u594.roa (raw, json)
Hash identifier: rK4D+g6XPm10sn2NEBzrCiA2EOf1bgKAI4puGEcRIyI=
Subject key identifier: 77:B8:63:63:11:F8:AD:9E:AF:97:94:B2:2D:73:49:27:9D:AE:E7:DE
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 055E02CD
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/d7hjYxH4rZ6vl5SyLXNJJ52u594.roa
Signing time: Tue 25 Jan 2022 07:42:37 +0000
ROA not before: Tue 25 Jan 2022 07:42:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 5.252.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90047181 (0x55e02cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 25 07:42:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77b8636311f8ad9eaf9794b22d7349279daee7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:d9:94:e6:bd:4b:27:db:79:ac:a6:88:4c:
bb:74:32:a6:52:22:7a:0f:03:aa:66:65:37:db:e3:
aa:8e:0d:4a:a3:b4:e6:2f:cc:76:cb:14:3e:e2:76:
24:e0:27:8c:a0:e3:68:84:f1:dc:85:ab:37:29:e4:
cb:45:fd:93:9d:1b:9d:a6:a7:6f:98:54:56:6c:85:
3a:05:4c:2d:21:d8:92:06:88:97:f5:f5:de:05:d1:
ff:3b:7d:a2:dc:ef:82:0d:a3:78:6b:63:96:c3:77:
2d:de:43:31:9b:90:64:ee:a9:87:68:8d:0b:eb:de:
3a:5d:3c:b2:75:8e:4d:bd:7a:93:41:1c:c4:a9:be:
09:df:d4:ac:4e:6b:15:56:f2:08:89:09:c1:f5:ae:
f0:72:cf:8a:20:d2:83:e3:92:0e:69:91:ed:0c:b2:
d2:69:50:da:d2:d2:45:8c:72:c6:57:dd:e6:18:d4:
b6:1c:20:0d:60:7d:a9:2e:78:72:c8:ab:cb:28:d8:
d0:18:fc:d1:9d:1f:d2:0f:3c:6e:68:d2:05:c1:d0:
f2:68:4d:5e:b5:09:4b:67:dc:a7:8a:a6:5b:0b:ee:
8b:e7:b4:e3:36:99:98:d3:07:45:c6:53:14:7d:91:
24:3f:ca:db:63:b8:7e:d3:e2:de:a5:61:da:ad:f6:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B8:63:63:11:F8:AD:9E:AF:97:94:B2:2D:73:49:27:9D:AE:E7:DE
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/d7hjYxH4rZ6vl5SyLXNJJ52u594.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.20.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e7:f1:69:df:12:48:d8:c9:bf:96:ba:ac:6d:60:c6:26:02:
74:a1:a7:34:c1:73:01:9c:cc:8e:a2:1e:db:a4:43:31:2e:49:
b6:9d:86:e3:5f:4e:4f:fb:fa:2c:45:d8:79:e8:fe:c4:96:f8:
a7:6f:22:3d:5b:3e:f0:3d:d9:7e:19:64:ac:6c:bd:74:da:69:
db:04:93:79:6c:12:fa:94:3e:c3:2f:24:85:70:75:ab:2b:37:
05:36:49:d3:f8:d2:00:32:3a:eb:cd:15:b0:7b:92:de:5e:fe:
3a:3a:34:92:d1:43:6d:c9:da:03:f9:fb:64:1f:79:18:34:6a:
b3:b5:95:07:ea:ed:a2:b7:f1:6f:94:e9:a8:28:68:94:dc:85:
0a:9d:1b:7a:3d:79:f7:a5:65:f4:94:8f:0a:cb:8a:4f:3f:80:
91:7c:c8:73:3d:e7:92:2d:db:e8:87:d7:28:8b:af:00:70:15:
94:6e:ec:b7:49:43:82:be:0c:dd:a1:74:1f:06:b1:2a:c6:b8:
21:fc:e7:d0:07:b1:38:e4:d6:ad:22:cd:a2:d0:a6:9b:54:65:
27:da:a4:a6:c4:c3:0f:d6:8f:d0:7c:49:12:b8:f1:3f:c8:e9:
ab:d3:49:22:46:55:96:9c:ce:67:4e:a0:44:0d:0b:cf:ab:4a:
9c:70:43:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBV4CzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDIwZGRkMzk4ZGFjOGY2MmNjMTI1MjYzMjVmMTgyMWZiNzI0Zjc1MB4XDTIyMDEy
NTA3NDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdiODYzNjMxMWY4
YWQ5ZWFmOTc5NGIyMmQ3MzQ5Mjc5ZGFlZTdkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5n2ZTmvUsn23mspohMu3QyplIieg8DqmZlN9vjqo4NSqO0
5i/MdssUPuJ2JOAnjKDjaITx3IWrNynky0X9k50bnaanb5hUVmyFOgVMLSHYkgaI
l/X13gXR/zt9otzvgg2jeGtjlsN3Ld5DMZuQZO6ph2iNC+veOl08snWOTb16k0Ec
xKm+Cd/UrE5rFVbyCIkJwfWu8HLPiiDSg+OSDmmR7Qyy0mlQ2tLSRYxyxlfd5hjU
thwgDWB9qS54csiryyjY0Bj80Z0f0g88bmjSBcHQ8mhNXrUJS2fcp4qmWwvui+e0
4zaZmNMHRcZTFH2RJD/K22O4ftPi3qVh2q32yiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3uGNjEfitnq+XlLItc0knna7n3jAfBgNVHSMEGDAWgBRtIN3TmNrI9izB
JSYyXxgh+3JPdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JTRGQwNWpheVBZc3dTVW1NbDhZSWZ0eVQzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8x
L2Q3aGpZeEg0clo2dmw1U3lMWE5KSjUydTU5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8xL2JTRGQwNWpheVBZ
c3dTVW1NbDhZSWZ0eVQzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAX8FDANBgkqhkiG9w0BAQsFAAOC
AQEAL+fxad8SSNjJv5a6rG1gxiYCdKGnNMFzAZzMjqIe26RDMS5Jtp2G419OT/v6
LEXYeej+xJb4p28iPVs+8D3ZfhlkrGy9dNpp2wSTeWwS+pQ+wy8khXB1qys3BTZJ
0/jSADI6680VsHuS3l7+Ojo0ktFDbcnaA/n7ZB95GDRqs7WVB+rtorfxb5TpqCho
lNyFCp0bej1596Vl9JSPCsuKTz+AkXzIcz3nki3b6IfXKIuvAHAVlG7st0lDgr4M
3aF0HwaxKsa4Ifzn0AexOOTWrSLNotCmm1RlJ9qkpsTDD9aP0HxJErjxP8jpq9NJ
IkZVlpzOZ06gRA0Lz6tKnHBDbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org