Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/jJYmNUjF6E6xDfqis6SaafiS5pA.roa
File: jJYmNUjF6E6xDfqis6SaafiS5pA.roa (raw, json)
Hash identifier: IDkZEq5I/ilw0zq2UPOLM6TdVc8LldzOHlrQ5Mk4jLk=
Subject key identifier: 8C:96:26:35:48:C5:E8:4E:B1:0D:FA:A2:B3:A4:9A:69:F8:92:E6:90
Certificate issuer: /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial: 0185355EE986ABE3FF005ABF556E4D2ABC01
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/jJYmNUjF6E6xDfqis6SaafiS5pA.roa
Signing time: Wed 21 Dec 2022 15:48:10 +0000
ROA not before: Wed 21 Dec 2022 15:48:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34643
IP address blocks: 5.253.128.0/24 maxlen: 24
5.253.131.0/24 maxlen: 24
5.253.129.0/24 maxlen: 24
5.253.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:5e:e9:86:ab:e3:ff:00:5a:bf:55:6e:4d:2a:bc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Validity
Not Before: Dec 21 15:48:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c96263548c5e84eb10dfaa2b3a49a69f892e690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:95:b3:b4:48:59:37:cb:69:34:a4:aa:bb:a7:
90:bd:ba:d7:13:e7:be:31:3f:5c:c6:6e:98:8b:b8:
17:87:4c:a0:3d:b9:86:3f:40:47:ac:ac:9d:97:8b:
46:07:8e:51:87:51:da:1e:53:93:4c:6b:70:30:47:
d6:be:07:d4:a1:8e:ec:1b:b2:92:40:34:18:de:33:
8b:be:01:ff:da:5c:cb:d2:6a:54:ae:b7:52:86:ef:
44:8d:ab:68:f3:fe:6a:49:ee:78:4d:3a:a8:0d:4f:
8b:51:46:ed:68:d1:d5:0f:3a:6c:90:b9:ed:02:34:
4b:da:5b:85:36:75:7a:22:56:c3:df:83:66:c7:f6:
52:13:42:76:c3:4f:35:e2:01:5d:fd:18:75:b4:f9:
cb:af:23:ed:05:7e:48:c1:21:27:49:68:80:6c:16:
31:b0:a0:29:c0:32:25:1b:ab:2b:bd:af:87:e1:06:
b0:39:2d:6c:3a:f3:4d:c9:c7:55:f5:27:ec:a2:aa:
97:54:75:24:96:77:84:db:10:5d:74:e0:ca:22:b6:
22:41:d5:1b:bb:1d:bb:0e:95:c9:83:81:d2:8c:16:
c1:cd:c9:18:23:04:26:76:aa:35:05:d7:96:65:ee:
b6:9f:0f:7a:b4:65:e7:a2:92:3a:37:e7:a5:fe:33:
94:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:96:26:35:48:C5:E8:4E:B1:0D:FA:A2:B3:A4:9A:69:F8:92:E6:90
X509v3 Authority Key Identifier:
keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/jJYmNUjF6E6xDfqis6SaafiS5pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.128.0/22
Signature Algorithm: sha256WithRSAEncryption
33:b1:a9:e5:79:b9:6e:90:f7:80:62:ad:64:c8:f7:2d:97:0d:
e2:1e:1e:54:63:f6:04:e7:94:f3:19:b1:3d:bd:f8:ea:f6:7f:
28:27:bc:9d:50:70:14:17:dd:b2:62:a2:75:e0:fc:00:78:af:
ab:fa:32:68:b6:d0:46:2d:c7:d8:01:46:4c:30:5e:2b:f4:43:
79:ee:c8:46:ac:87:62:5e:54:1f:53:d9:46:8c:2a:d2:dd:c7:
fb:5d:50:51:77:39:1c:77:6e:6d:b5:7a:b9:af:66:6b:76:d5:
4b:37:38:ad:82:5e:3a:3b:14:13:b1:d0:c6:3c:6c:4c:37:d4:
7a:32:fc:db:c0:79:dd:1e:50:cf:9d:5e:30:11:11:27:70:77:
20:a8:39:f6:b7:31:86:85:95:e2:ee:d8:0d:32:25:6e:61:84:
be:f0:ef:96:02:33:38:24:02:b0:f0:f5:fc:7e:86:70:c1:de:
33:97:a1:d7:a6:2d:09:49:ed:ff:68:9c:93:7f:8c:9a:b8:b9:
e6:1a:d4:19:be:99:2f:91:06:f9:bf:37:03:f4:82:47:68:d7:
75:72:39:61:e2:2c:2d:5f:d5:ca:c1:e6:72:02:fd:0e:ea:f9:
b3:cc:fd:6a:e1:ec:29:cd:09:9a:22:53:ac:52:a7:4c:1e:5d:
6c:c2:b2:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU1XumGq+P/AFq/VW5NKrwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjIxMjIxMTU0ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzk2MjYzNTQ4YzVlODRlYjEwZGZhYTJiM2E0OWE2OWY4OTJlNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJWztEhZN8tpNKSqu6eQvbrXE+e+
MT9cxm6Yi7gXh0ygPbmGP0BHrKydl4tGB45Rh1HaHlOTTGtwMEfWvgfUoY7sG7KS
QDQY3jOLvgH/2lzL0mpUrrdShu9Ejato8/5qSe54TTqoDU+LUUbtaNHVDzpskLnt
AjRL2luFNnV6IlbD34Nmx/ZSE0J2w0814gFd/Rh1tPnLryPtBX5IwSEnSWiAbBYx
sKApwDIlG6srva+H4QawOS1sOvNNycdV9SfsoqqXVHUklneE2xBddODKIrYiQdUb
ux27DpXJg4HSjBbBzckYIwQmdqo1BdeWZe62nw96tGXnopI6N+el/jOUawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyWJjVIxehOsQ36orOkmmn4kuaQMB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvakpZbU5VakY2RTZ4RGZxaXM2U2FhZmlTNXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAzsanleblukPeAYq1kyPctlw3iHh5UY/YE55TzGbE9
vfjq9n8oJ7ydUHAUF92yYqJ14PwAeK+r+jJottBGLcfYAUZMMF4r9EN57shGrIdi
XlQfU9lGjCrS3cf7XVBRdzkcd25ttXq5r2ZrdtVLNzitgl46OxQTsdDGPGxMN9R6
MvzbwHndHlDPnV4wEREncHcgqDn2tzGGhZXi7tgNMiVuYYS+8O+WAjM4JAKw8PX8
foZwwd4zl6HXpi0JSe3/aJyTf4yauLnmGtQZvpkvkQb5vzcD9IJHaNd1cjlh4iwt
X9XKweZyAv0O6vmzzP1q4ewpzQmaIlOsUqdMHl1swrLm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:53 2023 by rpki-client on console-ams.rpki-client.org