Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/Uoj5XcZ-XgGt-LZESw7zNTjhOzE.roa
File: Uoj5XcZ-XgGt-LZESw7zNTjhOzE.roa (raw, json)
Hash identifier: yphX0Rc85dROnn0YfUAQHUP0E037YrICgG8uZzBvZto=
Subject key identifier: 52:88:F9:5D:C6:7E:5E:01:AD:F8:B6:44:4B:0E:F3:35:38:E1:3B:31
Certificate issuer: /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial: 018BB35A3C38CD54DB898F7FE2E249B09F1B
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/Uoj5XcZ-XgGt-LZESw7zNTjhOzE.roa
Signing time: Thu 09 Nov 2023 09:11:57 +0000
ROA not before: Thu 09 Nov 2023 09:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34643
IP address blocks: 5.253.128.0/24 maxlen: 24
5.253.131.0/24 maxlen: 24
5.253.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:5a:3c:38:cd:54:db:89:8f:7f:e2:e2:49:b0:9f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Validity
Not Before: Nov 9 09:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5288f95dc67e5e01adf8b6444b0ef33538e13b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:aa:6f:8c:f7:97:b0:39:a2:bf:9d:be:cc:aa:
bc:b6:cf:8f:e9:d5:f5:77:22:30:5f:ee:fa:ac:40:
38:90:cb:e2:5d:df:9b:81:37:75:9e:67:cc:6b:82:
7a:c6:bd:5e:ed:4c:21:70:f7:2c:9f:c9:6d:ad:ec:
0c:1b:1b:1c:e4:c8:a4:1d:1d:8f:2d:28:89:bc:20:
c1:6f:d0:5e:a5:3e:fa:67:45:8a:fc:f8:c9:00:47:
b9:2b:e4:d6:69:17:4a:6e:b9:09:d0:aa:23:93:48:
93:73:73:7e:30:14:cf:9e:ea:1c:3d:fa:41:85:af:
fd:72:cc:44:fa:01:d7:39:23:5b:83:31:8a:22:db:
47:0f:ba:d4:41:24:05:37:0a:73:bc:69:05:aa:dc:
c9:c5:dc:82:c4:ab:0c:f2:a6:57:1f:fe:a4:59:8c:
1c:81:a0:9e:fc:8b:89:2c:44:42:0d:6f:32:71:0f:
7f:2e:4b:03:e3:2d:b6:5a:96:f6:0d:9b:11:f7:98:
63:6d:d7:2b:2a:fd:a0:48:48:f3:bb:08:a9:ba:ca:
de:74:bd:fe:3c:48:d1:06:6e:90:ba:23:cd:93:75:
c6:5f:24:03:bf:5f:12:fa:b5:b0:4b:f3:6e:69:7d:
44:ce:37:1e:a9:56:a8:91:1c:5f:ee:ca:4a:8a:ee:
37:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:88:F9:5D:C6:7E:5E:01:AD:F8:B6:44:4B:0E:F3:35:38:E1:3B:31
X509v3 Authority Key Identifier:
keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/Uoj5XcZ-XgGt-LZESw7zNTjhOzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.128.0/23
5.253.131.0/24
Signature Algorithm: sha256WithRSAEncryption
56:42:d9:bc:73:41:0c:cd:21:ef:a0:7f:f6:3d:fc:1f:c5:c1:
39:76:ad:71:de:fa:60:a9:cd:51:27:23:fd:92:18:c3:73:3b:
53:4a:e1:9c:f2:0f:eb:e6:4e:08:64:8a:04:8d:20:b2:98:64:
ab:47:22:a7:21:89:a8:f8:43:bb:b8:c4:16:ba:05:4b:1e:e8:
14:b7:8d:6a:e2:46:15:48:de:bd:22:cc:31:53:27:10:0c:ce:
35:2f:d8:22:27:7d:bf:71:66:9e:5f:0c:95:03:bd:29:0c:58:
16:dc:d5:5c:ad:99:5f:28:81:8b:f8:a5:b3:8e:b2:81:97:5c:
ec:a9:4a:5c:cc:f6:03:94:13:67:15:06:d4:e1:f9:18:b1:28:
38:13:01:d0:48:83:09:80:9a:58:41:86:b7:d6:64:61:3c:43:
97:1f:5e:23:17:5c:81:3a:ce:74:1d:2b:7c:2e:3d:ea:84:40:
41:73:22:39:58:2f:ba:34:a3:69:15:57:d6:99:bb:1d:b7:ba:
72:42:b8:85:16:19:bd:e7:ca:04:ae:a5:71:39:f1:69:6f:16:
6e:97:3a:77:45:3f:0a:c9:58:91:dd:f2:95:70:aa:7c:59:d6:
13:e7:68:c0:ae:09:da:42:1a:d1:6e:26:73:01:54:98:28:1d:
66:aa:09:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuzWjw4zVTbiY9/4uJJsJ8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjMxMTA5MDkxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg4Zjk1ZGM2N2U1ZTAxYWRmOGI2NDQ0YjBlZjMzNTM4ZTEzYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgapvjPeXsDmiv52+zKq8ts+P6dX1
dyIwX+76rEA4kMviXd+bgTd1nmfMa4J6xr1e7UwhcPcsn8ltrewMGxsc5MikHR2P
LSiJvCDBb9BepT76Z0WK/PjJAEe5K+TWaRdKbrkJ0Kojk0iTc3N+MBTPnuocPfpB
ha/9csxE+gHXOSNbgzGKIttHD7rUQSQFNwpzvGkFqtzJxdyCxKsM8qZXH/6kWYwc
gaCe/IuJLERCDW8ycQ9/LksD4y22Wpb2DZsR95hjbdcrKv2gSEjzuwipusredL3+
PEjRBm6QuiPNk3XGXyQDv18S+rWwS/NuaX1EzjceqVaokRxf7spKiu43NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKI+V3Gfl4Brfi2REsO8zU44TsxMB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvVW9qNVhjWi1YZ0d0LUxaRVN3N3pOVGpoT3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBf2AAwQA
Bf2DMA0GCSqGSIb3DQEBCwUAA4IBAQBWQtm8c0EMzSHvoH/2PfwfxcE5dq1x3vpg
qc1RJyP9khjDcztTSuGc8g/r5k4IZIoEjSCymGSrRyKnIYmo+EO7uMQWugVLHugU
t41q4kYVSN69IswxUycQDM41L9giJ32/cWaeXwyVA70pDFgW3NVcrZlfKIGL+KWz
jrKBl1zsqUpczPYDlBNnFQbU4fkYsSg4EwHQSIMJgJpYQYa31mRhPEOXH14jF1yB
Os50HSt8Lj3qhEBBcyI5WC+6NKNpFVfWmbsdt7pyQriFFhm958oErqVxOfFpbxZu
lzp3RT8KyViR3fKVcKp8WdYT52jArgnaQhrRbiZzAVSYKB1mqglO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:46 2025 by rpki-client