Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8fc395-b674-4137-bc75-9bbd1eebe33e/1/y9XExuXEMt188FSwqTaFeaX_nsU.roa
File: y9XExuXEMt188FSwqTaFeaX_nsU.roa (raw, json)
Hash identifier: B8LFIr9HiO6vjAu5JdHoT/Ks5UsuOx6288cZp3Npvug=
Subject key identifier: CB:D5:C4:C6:E5:C4:32:DD:7C:F0:54:B0:A9:36:85:79:A5:FF:9E:C5
Certificate issuer: /CN=311f85188d082fd5640b5c3fe1221f60c501edb5
Certificate serial: 01862CBDEC22C1FCE739149C9F1E46E0C9E8
Authority key identifier: 31:1F:85:18:8D:08:2F:D5:64:0B:5C:3F:E1:22:1F:60:C5:01:ED:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR-FGI0IL9VkC1w_4SIfYMUB7bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/8fc395-b674-4137-bc75-9bbd1eebe33e/1/y9XExuXEMt188FSwqTaFeaX_nsU.roa
Signing time: Tue 07 Feb 2023 16:38:09 +0000
ROA not before: Tue 07 Feb 2023 16:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 5.183.16.0/24 maxlen: 24
5.183.17.0/24 maxlen: 24
2a0e:7400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:bd:ec:22:c1:fc:e7:39:14:9c:9f:1e:46:e0:c9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311f85188d082fd5640b5c3fe1221f60c501edb5
Validity
Not Before: Feb 7 16:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbd5c4c6e5c432dd7cf054b0a9368579a5ff9ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:3a:e4:6d:df:4d:a7:d7:23:66:57:16:0b:1b:
73:81:a4:3e:2a:12:f2:50:45:b0:b5:f3:f7:5a:f2:
fb:6e:e3:ca:f5:4f:10:fc:e0:ec:dd:0f:65:77:25:
6e:c5:a8:58:45:05:e8:f4:b3:a5:fd:a7:11:68:7b:
a7:fc:d7:c0:54:d8:65:8e:ea:ec:80:44:62:c3:59:
c1:03:f3:bd:03:98:e4:ee:9e:0f:b1:6a:bc:27:5e:
67:cb:5f:a1:e0:6a:cd:a4:df:fe:53:01:0a:c4:03:
a5:de:8a:f0:1f:0f:f4:a1:24:cc:87:56:66:27:08:
8b:3d:77:84:cb:b4:00:c7:f0:d9:f3:9b:f0:24:77:
3e:cc:c1:2b:b7:19:21:c4:a1:42:b6:1c:f7:5c:bd:
8b:6c:af:95:c1:00:c8:bb:f1:1c:76:07:f1:71:a3:
f5:74:bb:ee:60:6e:e1:2d:ae:25:16:98:d9:ee:0a:
0d:bb:a9:55:59:ff:90:c5:41:4a:93:c2:8c:89:ad:
02:e9:cd:9f:a9:79:89:e0:1d:66:dc:d0:f6:d5:fc:
55:c3:d7:8b:f8:14:d8:29:ac:e6:81:10:e9:ab:05:
0b:7f:ac:72:c0:84:b2:a2:00:68:a3:3e:e6:2a:9c:
47:b2:73:21:0b:45:28:6c:4d:4a:1e:dc:62:58:83:
5d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D5:C4:C6:E5:C4:32:DD:7C:F0:54:B0:A9:36:85:79:A5:FF:9E:C5
X509v3 Authority Key Identifier:
keyid:31:1F:85:18:8D:08:2F:D5:64:0B:5C:3F:E1:22:1F:60:C5:01:ED:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR-FGI0IL9VkC1w_4SIfYMUB7bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8fc395-b674-4137-bc75-9bbd1eebe33e/1/y9XExuXEMt188FSwqTaFeaX_nsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8fc395-b674-4137-bc75-9bbd1eebe33e/1/MR-FGI0IL9VkC1w_4SIfYMUB7bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.16.0/23
IPv6:
2a0e:7400::/29
Signature Algorithm: sha256WithRSAEncryption
4a:5e:11:c3:ec:03:e2:5b:bd:c8:55:88:9b:32:59:83:4b:ed:
53:3b:0c:1c:b2:f2:ff:d2:23:91:ac:7b:ea:2b:c8:14:ab:04:
f8:98:9f:6a:f3:88:15:d4:ea:6b:e7:7d:58:c4:5b:8f:24:5e:
93:30:ca:44:f8:0c:b0:20:3c:2c:7f:ae:2e:46:07:1e:78:c5:
88:95:f4:33:e9:9b:3d:3f:0d:36:5a:b8:c0:68:ea:94:04:f1:
1c:19:f2:ad:f6:5e:b3:eb:54:be:3e:b1:5b:55:5b:b7:a0:bb:
29:07:67:ec:04:ed:7f:70:b6:86:16:03:20:a7:00:71:ae:6e:
c4:3c:ef:84:4e:e1:de:50:6f:03:d8:71:d0:06:18:6e:43:c5:
a5:f7:ee:91:2b:ee:c5:25:0b:76:5f:e2:ed:4c:49:3c:5b:87:
7d:b7:63:20:f9:ca:a6:97:fa:5e:56:88:a4:e6:39:ae:6d:c4:
d6:ec:5e:f8:9d:79:85:c6:d7:4f:91:36:3f:c7:5b:b8:f9:4d:
12:8f:f3:f5:4f:d3:69:e5:28:dd:f3:70:d9:15:8d:89:42:de:
11:36:f8:ff:27:03:a7:2e:a4:98:fb:a3:34:10:20:c7:e7:84:
f8:1d:46:24:10:fb:29:ef:ae:d2:ad:c0:17:ce:0d:05:2b:0b:
0a:69:81:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYsvewiwfznORScnx5G4MnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWY4NTE4OGQwODJmZDU2NDBiNWMzZmUxMjIxZjYwYzUw
MWVkYjUwHhcNMjMwMjA3MTYzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ1YzRjNmU1YzQzMmRkN2NmMDU0YjBhOTM2ODU3OWE1ZmY5ZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zrkbd9Np9cjZlcWCxtzgaQ+KhLy
UEWwtfP3WvL7buPK9U8Q/ODs3Q9ldyVuxahYRQXo9LOl/acRaHun/NfAVNhljurs
gERiw1nBA/O9A5jk7p4PsWq8J15ny1+h4GrNpN/+UwEKxAOl3orwHw/0oSTMh1Zm
JwiLPXeEy7QAx/DZ85vwJHc+zMErtxkhxKFCthz3XL2LbK+VwQDIu/EcdgfxcaP1
dLvuYG7hLa4lFpjZ7goNu6lVWf+QxUFKk8KMia0C6c2fqXmJ4B1m3ND21fxVw9eL
+BTYKazmgRDpqwULf6xywISyogBooz7mKpxHsnMhC0UobE1KHtxiWINdYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvVxMblxDLdfPBUsKk2hXml/57FMB8GA1UdIwQY
MBaAFDEfhRiNCC/VZAtcP+EiH2DFAe21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVItRkdJMElMOVZrQzF3XzRTSWZZTVVCN2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84ZmMzOTUtYjY3NC00MTM3LWJjNzUt
OWJiZDFlZWJlMzNlLzEveTlYRXh1WEVNdDE4OEZTd3FUYUZlYVhfbnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84ZmMzOTUtYjY3NC00MTM3LWJjNzUtOWJiZDFlZWJlMzNl
LzEvTVItRkdJMElMOVZrQzF3XzRTSWZZTVVCN2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBbcQMA0E
AgACMAcDBQMqDnQAMA0GCSqGSIb3DQEBCwUAA4IBAQBKXhHD7APiW73IVYibMlmD
S+1TOwwcsvL/0iORrHvqK8gUqwT4mJ9q84gV1Opr531YxFuPJF6TMMpE+AywIDws
f64uRgceeMWIlfQz6Zs9Pw02WrjAaOqUBPEcGfKt9l6z61S+PrFbVVu3oLspB2fs
BO1/cLaGFgMgpwBxrm7EPO+ETuHeUG8D2HHQBhhuQ8Wl9+6RK+7FJQt2X+LtTEk8
W4d9t2Mg+cqml/peVoik5jmubcTW7F74nXmFxtdPkTY/x1u4+U0Sj/P1T9Np5Sjd
83DZFY2JQt4RNvj/JwOnLqSY+6M0ECDH54T4HUYkEPsp767SrcAXzg0FKwsKaYHT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:44 2025 by rpki-client