Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/arGOoy8dh01VFgqHxD_dnWzeecU.roa
File: arGOoy8dh01VFgqHxD_dnWzeecU.roa (raw, json)
Hash identifier: D4Iz5jLjFH32Zn5scns8yI/26duohKoCAdoRBKRrIMc=
Subject key identifier: 6A:B1:8E:A3:2F:1D:87:4D:55:16:0A:87:C4:3F:DD:9D:6C:DE:79:C5
Certificate issuer: /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial: 01856F1D9F1748B0A086E969479AF10AE2B3
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/arGOoy8dh01VFgqHxD_dnWzeecU.roa
Signing time: Sun 01 Jan 2023 20:54:50 +0000
ROA not before: Sun 01 Jan 2023 20:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34643
IP address blocks: 5.253.128.0/24 maxlen: 24
5.253.131.0/24 maxlen: 24
5.253.129.0/24 maxlen: 24
5.253.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9f:17:48:b0:a0:86:e9:69:47:9a:f1:0a:e2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Validity
Not Before: Jan 1 20:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ab18ea32f1d874d55160a87c43fdd9d6cde79c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:d6:6f:63:57:91:e5:82:42:ec:52:bc:5d:
eb:4b:ae:e2:98:6e:52:d9:81:03:20:b6:a3:16:aa:
a3:4e:16:14:ab:7c:16:23:83:08:35:d3:ba:57:54:
b6:5a:65:8c:ea:4d:cf:45:7b:c3:f0:1c:a2:9a:19:
41:56:67:aa:97:d1:80:cb:fe:e6:e9:73:f2:e8:92:
f9:69:2e:3c:96:6e:54:aa:5f:37:f2:1c:20:7c:c5:
a6:31:3a:99:c0:a0:1d:32:fc:82:08:ca:75:73:55:
2b:8b:c2:da:fd:22:bf:f3:53:eb:4a:54:2b:77:01:
4d:01:be:d4:9e:11:ca:70:75:4c:ef:c3:a8:4e:47:
be:db:ad:9e:b9:c2:35:35:55:9a:15:06:3f:4f:0e:
03:35:4c:75:80:dc:0b:ab:59:56:05:8f:2d:dc:bd:
68:1c:9b:7f:58:49:a0:c0:ef:12:b3:41:b1:87:08:
46:ad:a9:94:b1:16:cd:01:84:11:34:d3:c1:95:8d:
68:51:d1:e9:66:a9:b0:cc:af:2d:21:2b:34:a0:ae:
be:70:87:31:04:f7:bb:88:22:51:83:53:84:da:4c:
f6:a6:6c:b8:04:bb:56:e2:2d:f2:9f:69:42:b4:51:
e3:a9:6d:b1:c3:82:0e:d2:5f:05:45:29:9f:b2:08:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B1:8E:A3:2F:1D:87:4D:55:16:0A:87:C4:3F:DD:9D:6C:DE:79:C5
X509v3 Authority Key Identifier:
keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/arGOoy8dh01VFgqHxD_dnWzeecU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.128.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:a8:19:7f:a7:f1:cc:ec:d3:90:9f:f0:49:a6:aa:76:ee:71:
f9:71:e8:4f:85:ed:d6:6a:57:0c:e2:8b:41:41:a2:18:57:8d:
65:24:32:1d:46:22:27:71:e7:57:b6:d0:ab:ad:c9:48:11:cd:
3d:b1:7a:73:10:9e:50:02:e5:88:51:c8:30:ed:79:03:c0:ee:
11:3e:f6:7e:ad:3e:fe:19:3e:f8:3c:63:e1:0a:41:d3:f3:2e:
80:ac:c2:b2:fe:8e:33:d6:33:c5:f3:04:06:25:f0:99:42:78:
9c:2d:f9:e7:91:37:71:7e:4b:2d:db:82:83:d8:f4:6e:fd:38:
20:13:83:95:cf:43:cc:c2:d0:9c:44:f4:95:b7:2d:bc:a9:3b:
06:31:09:00:d3:a0:8e:10:d2:66:74:01:41:24:ef:8e:76:10:
94:8b:32:18:5c:57:b4:72:63:00:d5:f6:52:0a:b1:8d:c3:c4:
13:cc:df:47:ec:78:db:92:a9:73:6d:f4:3f:4e:16:f9:24:58:
8a:c4:5d:bc:f8:e6:ab:55:11:17:54:db:cb:ca:73:88:00:f6:
67:79:58:e3:31:3a:b3:25:8b:f9:d2:da:91:f9:98:ca:e2:e9:
a5:eb:ef:57:c2:0a:79:5a:e3:01:6d:29:3d:4c:50:84:df:d4:
ef:a7:c4:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZ8XSLCghulpR5rxCuKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjMwMTAxMjA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWIxOGVhMzJmMWQ4NzRkNTUxNjBhODdjNDNmZGQ5ZDZjZGU3OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltTWb2NXkeWCQuxSvF3rS67imG5S
2YEDILajFqqjThYUq3wWI4MINdO6V1S2WmWM6k3PRXvD8ByimhlBVmeql9GAy/7m
6XPy6JL5aS48lm5Uql838hwgfMWmMTqZwKAdMvyCCMp1c1Uri8La/SK/81PrSlQr
dwFNAb7UnhHKcHVM78OoTke+262eucI1NVWaFQY/Tw4DNUx1gNwLq1lWBY8t3L1o
HJt/WEmgwO8Ss0GxhwhGramUsRbNAYQRNNPBlY1oUdHpZqmwzK8tISs0oK6+cIcx
BPe7iCJRg1OE2kz2pmy4BLtW4i3yn2lCtFHjqW2xw4IO0l8FRSmfsghLwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqxjqMvHYdNVRYKh8Q/3Z1s3nnFMB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvYXJHT295OGRoMDFWRmdxSHhEX2RuV3plZWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf2AMA0G
CSqGSIb3DQEBCwUAA4IBAQCOqBl/p/HM7NOQn/BJpqp27nH5cehPhe3WalcM4otB
QaIYV41lJDIdRiIncedXttCrrclIEc09sXpzEJ5QAuWIUcgw7XkDwO4RPvZ+rT7+
GT74PGPhCkHT8y6ArMKy/o4z1jPF8wQGJfCZQnicLfnnkTdxfkst24KD2PRu/Tgg
E4OVz0PMwtCcRPSVty28qTsGMQkA06COENJmdAFBJO+OdhCUizIYXFe0cmMA1fZS
CrGNw8QTzN9H7HjbkqlzbfQ/Thb5JFiKxF28+OarVREXVNvLynOIAPZneVjjMTqz
JYv50tqR+ZjK4uml6+9Xwgp5WuMBbSk9TFCE39Tvp8Qn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:06 2025 by rpki-client