Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/40d2bOToNI3Ny1pXjk5qUw4sT5I.roa
File: 40d2bOToNI3Ny1pXjk5qUw4sT5I.roa (raw, json)
Hash identifier: C9QRsfBjG7eKQ5SHp3TXT3Qk/ILtzwupdOT1UcqU1sU=
Subject key identifier: E3:47:76:6C:E4:E8:34:8D:CD:CB:5A:57:8E:4E:6A:53:0E:2C:4F:92
Certificate issuer: /CN=fab796d980fa60fe2514fce62646f45d12c95165
Certificate serial: 0183F55E27606069D17905F24B802018EB47
Authority key identifier: FA:B7:96:D9:80:FA:60:FE:25:14:FC:E6:26:46:F4:5D:12:C9:51:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-reW2YD6YP4lFPzmJkb0XRLJUWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/40d2bOToNI3Ny1pXjk5qUw4sT5I.roa
Signing time: Thu 20 Oct 2022 12:28:51 +0000
ROA not before: Thu 20 Oct 2022 12:28:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209435
IP address blocks: 5.253.173.0/24 maxlen: 24
5.253.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:5e:27:60:60:69:d1:79:05:f2:4b:80:20:18:eb:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fab796d980fa60fe2514fce62646f45d12c95165
Validity
Not Before: Oct 20 12:28:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e347766ce4e8348dcdcb5a578e4e6a530e2c4f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:01:b6:98:7d:22:3a:86:6c:d4:61:70:c5:
aa:c3:17:50:88:f8:95:46:28:0a:eb:02:5c:9f:4c:
81:e0:59:3e:bc:ae:85:cd:91:08:0d:0c:33:c6:a0:
21:59:ac:10:37:c4:69:13:7c:ae:54:07:d5:e6:a7:
1b:8f:61:6b:d0:fa:6e:1b:7f:91:51:28:bf:93:5d:
ca:77:8f:96:8d:56:e1:c1:4a:c7:a1:0d:65:2c:2e:
14:61:89:f6:b0:96:93:53:97:bb:ed:5f:08:1f:40:
52:2d:de:6e:85:62:52:b1:73:4a:e0:23:b6:aa:4e:
24:81:bf:29:16:41:78:4c:d5:3d:d5:b9:68:00:2e:
20:dc:ae:f6:e7:76:41:d5:eb:f7:a0:85:82:ff:fd:
1a:49:bc:f8:64:4a:7a:6f:d4:3c:53:34:4b:19:d0:
33:1d:7a:34:b3:ab:f2:b1:ab:90:2a:22:0d:d3:3d:
f3:12:76:da:29:af:c9:ae:2b:a2:25:f7:2e:61:de:
17:75:a8:7a:3e:2f:53:1d:ae:ce:c4:c2:b8:c5:00:
4f:fb:35:3d:f4:39:10:d8:8a:c6:ec:aa:04:7b:c2:
b1:e5:d6:72:dc:46:0c:ef:29:c0:2f:ba:27:fa:3f:
6f:90:c9:1a:a1:56:a3:5a:a8:18:34:c9:8d:e2:76:
34:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:76:6C:E4:E8:34:8D:CD:CB:5A:57:8E:4E:6A:53:0E:2C:4F:92
X509v3 Authority Key Identifier:
keyid:FA:B7:96:D9:80:FA:60:FE:25:14:FC:E6:26:46:F4:5D:12:C9:51:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-reW2YD6YP4lFPzmJkb0XRLJUWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/40d2bOToNI3Ny1pXjk5qUw4sT5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/1-reW2YD6YP4lFPzmJkb0XRLJUWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:73:3d:2a:1a:89:82:44:d4:79:f8:06:6b:70:e6:5f:6f:73:
17:88:e2:d5:c2:f9:2d:c1:13:68:1e:61:81:f5:a6:ed:b2:dd:
f6:eb:b2:30:ca:5c:c5:4b:bb:30:bf:7e:37:36:96:22:13:37:
98:0c:c5:15:3d:79:11:82:f9:2e:ab:49:f0:7c:04:72:97:74:
54:c6:e1:1c:33:25:15:88:a2:05:12:f2:f2:f8:90:c9:88:b5:
8a:69:b8:3c:a9:52:9b:0b:87:d0:09:9b:12:29:1b:b9:89:5b:
0e:93:90:e0:1c:51:8b:e2:e0:14:fa:ef:46:9e:28:9c:9e:d6:
77:54:12:a5:5b:e1:7e:bb:f4:7e:58:e8:a7:8a:e0:4b:37:8c:
d7:ca:09:a9:b7:d0:90:8d:e2:38:44:17:da:97:7d:16:6c:15:
1a:87:81:38:a1:f1:6d:54:e5:2f:f2:f7:46:81:d0:2e:54:0a:
b1:a0:23:68:e8:33:5e:53:24:42:93:69:b7:6e:f2:9f:1a:01:
f7:71:12:09:44:04:66:d8:e7:bb:49:1b:b4:34:76:b5:ec:21:
7e:8d:b8:da:98:aa:c0:db:37:4e:fb:cc:45:3f:c0:1e:88:e8:
95:99:0e:a2:82:f4:ba:e7:91:22:77:b1:e8:50:0f:41:2f:1d:
c9:1c:47:77
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYP1XidgYGnReQXyS4AgGOtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYjc5NmQ5ODBmYTYwZmUyNTE0ZmNlNjI2NDZmNDVkMTJj
OTUxNjUwHhcNMjIxMDIwMTIyODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ3NzY2Y2U0ZTgzNDhkY2RjYjVhNTc4ZTRlNmE1MzBlMmM0ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRwBtph9IjqGbNRhcMWqwxdQiPiV
RigK6wJcn0yB4Fk+vK6FzZEIDQwzxqAhWawQN8RpE3yuVAfV5qcbj2Fr0PpuG3+R
USi/k13Kd4+WjVbhwUrHoQ1lLC4UYYn2sJaTU5e77V8IH0BSLd5uhWJSsXNK4CO2
qk4kgb8pFkF4TNU91bloAC4g3K7253ZB1ev3oIWC//0aSbz4ZEp6b9Q8UzRLGdAz
HXo0s6vysauQKiIN0z3zEnbaKa/JriuiJfcuYd4Xdah6Pi9THa7OxMK4xQBP+zU9
9DkQ2IrG7KoEe8Kx5dZy3EYM7ynAL7on+j9vkMkaoVajWqgYNMmN4nY0rwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFONHdmzk6DSNzctaV45OalMOLE+SMB8GA1UdIwQY
MBaAFPq3ltmA+mD+JRT85iZG9F0SyVFlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1yZVcyWUQ2WVA0bEZQem1Ka2IwWFJMSlVXVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvOTdmODllLTgyYjUtNDQyYi1iNjcy
LTVkMTkyZmJmY2IwYi8xLzQwZDJiT1RvTkkzTnkxcFhqazVxVXc0c1Q1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTgvOTdmODllLTgyYjUtNDQyYi1iNjcyLTVkMTkyZmJmY2Iw
Yi8xLzEtcmVXMllENllQNGxGUHptSmtiMFhSTEpVV1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIF/aww
DQYJKoZIhvcNAQELBQADggEBAB5zPSoaiYJE1Hn4Bmtw5l9vcxeI4tXC+S3BE2ge
YYH1pu2y3fbrsjDKXMVLuzC/fjc2liITN5gMxRU9eRGC+S6rSfB8BHKXdFTG4Rwz
JRWIogUS8vL4kMmItYppuDypUpsLh9AJmxIpG7mJWw6TkOAcUYvi4BT670aeKJye
1ndUEqVb4X679H5Y6KeK4Es3jNfKCam30JCN4jhEF9qXfRZsFRqHgTih8W1U5S/y
90aB0C5UCrGgI2joM15TJEKTabdu8p8aAfdxEglEBGbY57tJG7Q0drXsIX6NuNqY
qsDbN077zEU/wB6I6JWZDqKC9LrnkSJ3sehQD0EvHckcR3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:47 2024 by rpki-client on console-ams.rpki-client.org