Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/yGWCpOyt_8m4sm81VTalR0mFO_w.roa
File: yGWCpOyt_8m4sm81VTalR0mFO_w.roa (raw, json)
Hash identifier: jfm+jalBJFtCX8qC3wMNosgI2cd4hINUkRULpibwKpU=
Subject key identifier: C8:65:82:A4:EC:AD:FF:C9:B8:B2:6F:35:55:36:A5:47:49:85:3B:FC
Certificate issuer: /CN=fab796d980fa60fe2514fce62646f45d12c95165
Certificate serial: 01856D53BCD56E228AD5BA325D334D35020A
Authority key identifier: FA:B7:96:D9:80:FA:60:FE:25:14:FC:E6:26:46:F4:5D:12:C9:51:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-reW2YD6YP4lFPzmJkb0XRLJUWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/yGWCpOyt_8m4sm81VTalR0mFO_w.roa
Signing time: Sun 01 Jan 2023 12:34:42 +0000
ROA not before: Sun 01 Jan 2023 12:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209435
IP address blocks: 5.253.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:bc:d5:6e:22:8a:d5:ba:32:5d:33:4d:35:02:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fab796d980fa60fe2514fce62646f45d12c95165
Validity
Not Before: Jan 1 12:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c86582a4ecadffc9b8b26f355536a54749853bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:6e:bf:f9:9e:3a:6c:f3:ab:05:db:4b:2a:
09:67:d0:ba:a3:dc:52:62:bf:05:83:85:c2:07:94:
a4:ae:78:a4:98:a5:89:07:2f:18:b4:5c:8a:b5:a9:
f6:6e:27:9d:a5:1c:f5:47:a7:a5:78:66:cb:69:a5:
e9:31:b6:1c:45:b4:24:c5:61:77:d3:ab:43:c1:46:
f4:b8:4b:39:06:19:41:f0:e5:fb:b6:f0:de:9f:63:
61:34:92:04:b7:92:11:fd:84:37:fd:a2:41:c1:81:
c9:ae:84:62:d1:12:7e:da:39:0a:92:82:14:39:d8:
dd:5e:49:59:ea:ec:d1:70:c3:e3:d3:9b:f6:40:eb:
e3:6f:0e:bf:ce:92:18:15:57:1f:d5:58:cd:1c:b7:
12:03:f5:8e:83:f2:e6:4d:13:df:6d:eb:8e:86:90:
92:7f:22:1f:2a:75:cb:a5:21:e8:81:ee:94:6e:81:
c9:6d:ca:86:4d:27:6b:56:55:e2:87:a5:f6:f1:d8:
cc:28:50:61:a0:3f:a2:32:b7:7f:cc:ef:eb:6d:20:
5b:c6:02:b2:26:50:7f:aa:5f:21:df:26:b6:87:0c:
6a:51:e6:12:1d:f0:fe:5b:6f:8b:66:bf:7f:e2:6a:
77:53:95:34:f6:4e:5b:8b:82:64:a5:87:b3:85:c8:
74:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:65:82:A4:EC:AD:FF:C9:B8:B2:6F:35:55:36:A5:47:49:85:3B:FC
X509v3 Authority Key Identifier:
keyid:FA:B7:96:D9:80:FA:60:FE:25:14:FC:E6:26:46:F4:5D:12:C9:51:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-reW2YD6YP4lFPzmJkb0XRLJUWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/yGWCpOyt_8m4sm81VTalR0mFO_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/97f89e-82b5-442b-b672-5d192fbfcb0b/1/1-reW2YD6YP4lFPzmJkb0XRLJUWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.172.0/22
Signature Algorithm: sha256WithRSAEncryption
09:99:b4:aa:81:be:a7:8c:45:66:34:12:c0:89:71:74:b9:c4:
c1:a0:4b:64:da:d1:dd:ce:36:e1:7d:da:de:b4:5e:cf:92:94:
c3:5c:c1:09:05:dd:1e:59:41:63:7a:72:20:d7:02:72:bd:39:
04:88:5b:07:9f:30:e6:e8:9d:f1:1c:dc:0c:3e:14:5d:fc:a9:
23:df:2c:cd:60:c0:06:28:97:6d:1c:dc:08:5f:c1:f8:ff:ad:
c1:3d:95:32:22:f9:e5:ec:d6:2a:07:96:dc:65:f3:02:56:33:
91:bb:61:32:10:89:d7:74:95:03:dc:25:21:22:0d:8c:d4:87:
0f:f2:84:07:79:c3:e0:2e:a0:37:da:4f:f9:91:4d:f7:af:02:
7d:25:ff:a9:a7:3b:5b:87:02:55:f9:73:b0:0c:08:c9:4c:81:
73:20:ad:a2:7b:8d:35:ab:f4:ab:01:ed:cd:74:43:62:8b:3a:
27:ee:1a:2c:b3:ad:3a:78:ba:46:61:22:c1:81:f2:10:c3:09:
93:07:78:c3:c8:e9:2f:e3:3f:a6:d1:4d:a5:41:29:98:fc:d1:
af:f4:b2:6a:65:2a:24:2d:e1:98:59:22:37:de:2f:3e:ea:81:
74:fc:01:e8:75:5e:b2:f9:f4:07:ec:89:9d:80:a3:04:74:a6:
73:90:a4:2b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtU7zVbiKK1boyXTNNNQIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYjc5NmQ5ODBmYTYwZmUyNTE0ZmNlNjI2NDZmNDVkMTJj
OTUxNjUwHhcNMjMwMTAxMTIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY1ODJhNGVjYWRmZmM5YjhiMjZmMzU1NTM2YTU0NzQ5ODUzYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOpuv/meOmzzqwXbSyoJZ9C6o9xS
Yr8Fg4XCB5SkrnikmKWJBy8YtFyKtan2biedpRz1R6eleGbLaaXpMbYcRbQkxWF3
06tDwUb0uEs5BhlB8OX7tvDen2NhNJIEt5IR/YQ3/aJBwYHJroRi0RJ+2jkKkoIU
OdjdXklZ6uzRcMPj05v2QOvjbw6/zpIYFVcf1VjNHLcSA/WOg/LmTRPfbeuOhpCS
fyIfKnXLpSHoge6UboHJbcqGTSdrVlXih6X28djMKFBhoD+iMrd/zO/rbSBbxgKy
JlB/ql8h3ya2hwxqUeYSHfD+W2+LZr9/4mp3U5U09k5bi4JkpYezhch0yQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMhlgqTsrf/JuLJvNVU2pUdJhTv8MB8GA1UdIwQY
MBaAFPq3ltmA+mD+JRT85iZG9F0SyVFlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1yZVcyWUQ2WVA0bEZQem1Ka2IwWFJMSlVXVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvOTdmODllLTgyYjUtNDQyYi1iNjcy
LTVkMTkyZmJmY2IwYi8xL3lHV0NwT3l0XzhtNHNtODFWVGFsUjBtRk9fdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTgvOTdmODllLTgyYjUtNDQyYi1iNjcyLTVkMTkyZmJmY2Iw
Yi8xLzEtcmVXMllENllQNGxGUHptSmtiMFhSTEpVV1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIF/aww
DQYJKoZIhvcNAQELBQADggEBAAmZtKqBvqeMRWY0EsCJcXS5xMGgS2Ta0d3ONuF9
2t60Xs+SlMNcwQkF3R5ZQWN6ciDXAnK9OQSIWwefMObonfEc3Aw+FF38qSPfLM1g
wAYol20c3Ahfwfj/rcE9lTIi+eXs1ioHltxl8wJWM5G7YTIQidd0lQPcJSEiDYzU
hw/yhAd5w+AuoDfaT/mRTfevAn0l/6mnO1uHAlX5c7AMCMlMgXMgraJ7jTWr9KsB
7c10Q2KLOifuGiyzrTp4ukZhIsGB8hDDCZMHeMPI6S/jP6bRTaVBKZj80a/0smpl
KiQt4ZhZIjfeLz7qgXT8Aeh1XrL59AfsiZ2AowR0pnOQpCs=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:05:03 2025 by rpki-client