Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/RYJU-5L1x7TLgfscRD0cdhG0o8w.roa
File: RYJU-5L1x7TLgfscRD0cdhG0o8w.roa (raw, json)
Hash identifier: azSv4nZr6B/8Wj4Lj8H2w2CGN5oyAIfgflX+pTKiHqY=
Subject key identifier: 45:82:54:FB:92:F5:C7:B4:CB:81:FB:1C:44:3D:1C:76:11:B4:A3:CC
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F429340208AFA0634EED6FC61077FD0
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/RYJU-5L1x7TLgfscRD0cdhG0o8w.roa
Signing time: Sun 01 Jan 2023 21:35:12 +0000
ROA not before: Sun 01 Jan 2023 21:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17819
IP address blocks: 5.152.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:93:40:20:8a:fa:06:34:ee:d6:fc:61:07:7f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=458254fb92f5c7b4cb81fb1c443d1c7611b4a3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0a:29:24:c9:fa:b9:49:3e:e1:a0:24:78:90:
fd:2b:57:71:39:f4:4e:a7:21:c4:c5:dd:af:07:7a:
ae:74:e7:c5:24:0f:ce:c6:65:a6:24:01:4b:3e:38:
d5:d0:92:92:9a:b3:fb:a0:2f:3f:44:05:e0:f1:aa:
ac:82:9c:c8:0a:8e:30:46:ce:58:e9:09:7b:31:61:
c0:b1:d1:db:2f:d1:dd:89:6d:2c:7d:af:85:b8:67:
b2:e2:27:5c:51:1d:1b:72:37:bf:61:a2:03:60:3e:
a3:db:3c:d7:8b:35:89:2f:06:c4:41:b8:be:2e:c8:
ba:75:ff:90:71:c9:9c:02:2a:8e:cb:fe:9f:ad:c1:
74:62:ef:2d:34:03:f8:75:d6:8e:c3:52:80:20:91:
cd:fc:be:d3:24:b0:4b:15:06:33:24:d9:67:84:da:
6c:ec:3b:2b:97:29:93:4a:bf:e2:44:33:54:32:07:
c7:ec:f6:3b:b3:c6:36:98:85:32:68:d8:0a:ec:1d:
9b:8a:10:d7:56:23:f7:32:ad:cc:de:4c:30:d2:08:
44:c8:fc:45:d1:27:1f:0b:f4:39:1a:f4:40:99:70:
38:3d:53:42:59:ce:e1:a9:c2:cd:99:44:57:ab:2c:
8a:98:22:13:37:43:16:17:99:a8:0f:36:be:5d:25:
5d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:82:54:FB:92:F5:C7:B4:CB:81:FB:1C:44:3D:1C:76:11:B4:A3:CC
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/RYJU-5L1x7TLgfscRD0cdhG0o8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.180.0/24
Signature Algorithm: sha256WithRSAEncryption
25:9e:67:1e:00:9f:05:01:22:a5:ef:62:2d:86:94:95:b2:e6:
05:13:3d:46:fe:f6:56:63:17:c0:fa:5c:59:18:01:ac:db:cd:
fd:eb:ac:0e:5d:8e:f1:07:36:b7:5c:af:28:a5:47:99:c5:b7:
cc:e9:3c:cf:09:83:3f:b2:91:6c:76:8e:3f:b3:68:93:7f:5a:
1b:ff:a9:2e:df:05:91:d8:62:3a:f3:21:dd:43:85:0f:c0:05:
c0:66:11:05:11:1c:59:d9:97:5d:d3:e9:bd:a6:9a:cc:d2:3c:
31:ee:77:1c:f9:9f:64:56:4b:67:9f:9f:84:0d:f9:21:90:74:
21:4c:ce:66:27:0c:81:cf:02:fb:c6:39:82:93:4d:36:b5:86:
3d:3b:3d:5c:9c:28:99:ee:02:65:a9:ec:36:f6:ed:c7:73:5d:
ed:48:df:18:be:f0:0d:33:eb:b2:1b:d5:5d:01:96:cc:f3:71:
40:f8:7a:22:30:bc:9a:70:40:dc:66:db:02:83:15:a0:29:12:
7b:0f:ce:04:cb:e2:83:a6:b6:33:6f:a3:8d:a2:3a:dd:c0:e5:
57:e1:d8:13:49:1b:d3:a9:fc:60:62:38:e4:db:b1:41:e5:9a:
30:a8:86:4a:1f:30:58:8c:9d:d7:17:94:69:74:78:19:a3:5f:
84:b1:7b:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpNAIIr6BjTu1vxhB3/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTgyNTRmYjkyZjVjN2I0Y2I4MWZiMWM0NDNkMWM3NjExYjRhM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQopJMn6uUk+4aAkeJD9K1dxOfRO
pyHExd2vB3qudOfFJA/OxmWmJAFLPjjV0JKSmrP7oC8/RAXg8aqsgpzICo4wRs5Y
6Ql7MWHAsdHbL9HdiW0sfa+FuGey4idcUR0bcje/YaIDYD6j2zzXizWJLwbEQbi+
Lsi6df+QccmcAiqOy/6frcF0Yu8tNAP4ddaOw1KAIJHN/L7TJLBLFQYzJNlnhNps
7DsrlymTSr/iRDNUMgfH7PY7s8Y2mIUyaNgK7B2bihDXViP3Mq3M3kww0ghEyPxF
0ScfC/Q5GvRAmXA4PVNCWc7hqcLNmURXqyyKmCITN0MWF5moDza+XSVdoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWCVPuS9ce0y4H7HEQ9HHYRtKPMMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvUllKVS01TDF4N1RMZ2ZzY1JEMGNkaEcwbzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZi0MA0G
CSqGSIb3DQEBCwUAA4IBAQAlnmceAJ8FASKl72IthpSVsuYFEz1G/vZWYxfA+lxZ
GAGs283966wOXY7xBza3XK8opUeZxbfM6TzPCYM/spFsdo4/s2iTf1ob/6ku3wWR
2GI68yHdQ4UPwAXAZhEFERxZ2Zdd0+m9pprM0jwx7ncc+Z9kVktnn5+EDfkhkHQh
TM5mJwyBzwL7xjmCk002tYY9Oz1cnCiZ7gJlqew29u3Hc13tSN8YvvANM+uyG9Vd
AZbM83FA+HoiMLyacEDcZtsCgxWgKRJ7D84Ey+KDprYzb6ONojrdwOVX4dgTSRvT
qfxgYjjk27FB5ZowqIZKHzBYjJ3XF5RpdHgZo1+EsXtk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:43 2025 by rpki-client