Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/WszZgSVyvaX6Q-sKe9YRW7FMmA8.roa
File: WszZgSVyvaX6Q-sKe9YRW7FMmA8.roa (raw, json)
Hash identifier: UCOZDQrx8XZZWPYcSfxCHlKpuWKOgu0saGtzOhElm7c=
Subject key identifier: 5A:CC:D9:81:25:72:BD:A5:FA:43:EB:0A:7B:D6:11:5B:B1:4C:98:0F
Certificate issuer: /CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Certificate serial: 018572D5DF87C838E9D4412BD3DADE0A1461
Authority key identifier: 38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/WszZgSVyvaX6Q-sKe9YRW7FMmA8.roa
Signing time: Mon 02 Jan 2023 14:14:56 +0000
ROA not before: Mon 02 Jan 2023 14:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8680
IP address blocks: 5.253.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:df:87:c8:38:e9:d4:41:2b:d3:da:de:0a:14:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Validity
Not Before: Jan 2 14:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5accd9812572bda5fa43eb0a7bd6115bb14c980f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:47:c8:27:fc:83:b2:8d:51:c5:92:06:42:3b:
c4:d6:40:aa:6f:52:9f:89:01:e2:8c:83:61:b5:3b:
3c:54:6d:99:bf:cb:0a:91:63:78:4f:4d:f8:21:17:
d0:9e:fc:bc:dd:81:d6:6c:4b:b1:b3:92:fd:c0:01:
e2:d0:9f:76:f4:50:60:a1:5d:12:d3:1b:fc:c8:e0:
3e:25:eb:7e:1c:06:e2:a9:c3:a0:28:84:9d:fa:bc:
b7:6c:99:c3:fb:f3:9e:d0:b3:a2:73:4f:7d:36:b7:
b3:36:e4:b2:4c:53:01:10:ec:4d:6a:25:50:0b:74:
6f:bb:76:79:1e:ac:2f:db:2f:76:3d:fe:23:b7:02:
70:7b:d5:86:1c:38:7f:bb:3c:45:89:5e:45:cc:88:
7f:64:9a:fe:ca:41:f7:93:28:6b:08:19:5d:49:00:
d9:c6:a9:13:94:1a:d2:13:01:80:cb:e8:a7:03:c7:
f6:85:51:f6:0b:4c:2b:7d:33:db:85:1b:3b:b7:4d:
3f:64:d1:70:d4:82:0e:bf:06:8d:63:94:b4:5f:b8:
8a:f3:33:c9:6f:68:6a:b3:39:d4:79:e5:b8:6f:23:
1f:27:1c:0d:e9:37:ca:6b:51:b2:d0:8f:36:23:21:
22:cf:ef:ac:6d:6d:4c:92:96:cb:34:98:6c:92:9b:
c6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CC:D9:81:25:72:BD:A5:FA:43:EB:0A:7B:D6:11:5B:B1:4C:98:0F
X509v3 Authority Key Identifier:
keyid:38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/WszZgSVyvaX6Q-sKe9YRW7FMmA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.76.0/24
Signature Algorithm: sha256WithRSAEncryption
87:0a:e8:67:00:ae:85:41:d3:40:ca:42:1b:cc:7c:59:ec:4f:
1d:ac:1f:3b:89:1d:f5:13:df:2a:aa:fc:5d:19:81:8a:61:d8:
89:4b:65:df:91:cb:e7:4d:eb:1b:f1:17:52:c7:d8:fd:0a:7f:
6e:42:ba:2b:d2:22:1e:e8:91:a1:a4:31:03:24:99:ab:5a:ea:
99:48:8f:4d:11:d4:0f:cf:ac:8c:ea:52:9f:15:b5:fa:3a:0c:
4a:e2:59:b0:65:e0:cb:92:70:4d:5b:9d:49:08:f9:88:8c:b5:
37:d0:c1:8a:13:b1:38:b6:44:d6:47:bf:dd:29:93:12:85:5b:
4b:50:4e:78:e3:1e:65:6a:c7:8d:60:be:c4:f9:04:98:78:90:
4a:ed:aa:64:a6:7f:35:61:eb:48:af:44:44:17:8e:df:cd:37:
e3:cd:b7:01:0c:30:ba:13:6a:9c:5b:da:c4:f4:4b:6b:67:fe:
06:ee:a7:1e:60:92:19:9c:da:1d:09:7e:c8:bd:d6:7a:c2:69:
c4:38:f3:b2:13:7a:f9:af:96:63:04:c9:50:7d:71:7f:d5:8d:
72:91:c5:8d:cb:7e:72:05:d4:1a:b9:13:0d:25:b6:dd:b3:a9:
de:69:ff:96:14:3f:b9:db:dd:f0:59:42:89:ed:a6:69:22:10:
e1:8e:33:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1d+HyDjp1EEr09reChRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjI3YTk2ZmE2NGFkOTUyNDBmMGFlZTBiZDM3NDY0NmM2
YmJlZTIwHhcNMjMwMTAyMTQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWNjZDk4MTI1NzJiZGE1ZmE0M2ViMGE3YmQ2MTE1YmIxNGM5ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0fIJ/yDso1RxZIGQjvE1kCqb1Kf
iQHijINhtTs8VG2Zv8sKkWN4T034IRfQnvy83YHWbEuxs5L9wAHi0J929FBgoV0S
0xv8yOA+Jet+HAbiqcOgKISd+ry3bJnD+/Oe0LOic099NrezNuSyTFMBEOxNaiVQ
C3Rvu3Z5Hqwv2y92Pf4jtwJwe9WGHDh/uzxFiV5FzIh/ZJr+ykH3kyhrCBldSQDZ
xqkTlBrSEwGAy+inA8f2hVH2C0wrfTPbhRs7t00/ZNFw1IIOvwaNY5S0X7iK8zPJ
b2hqsznUeeW4byMfJxwN6TfKa1Gy0I82IyEiz++sbW1MkpbLNJhskpvG/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrM2YElcr2l+kPrCnvWEVuxTJgPMB8GA1UdIwQY
MBaAFDgiepb6ZK2VJA8K7gvTdGRsa77iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYt
ZDFjOWJhMDhmNTU5LzEvV3N6WmdTVnl2YVg2US1zS2U5WVJXN0ZNbUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYtZDFjOWJhMDhmNTU5
LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf1MMA0G
CSqGSIb3DQEBCwUAA4IBAQCHCuhnAK6FQdNAykIbzHxZ7E8drB87iR31E98qqvxd
GYGKYdiJS2XfkcvnTesb8RdSx9j9Cn9uQror0iIe6JGhpDEDJJmrWuqZSI9NEdQP
z6yM6lKfFbX6OgxK4lmwZeDLknBNW51JCPmIjLU30MGKE7E4tkTWR7/dKZMShVtL
UE544x5laseNYL7E+QSYeJBK7apkpn81YetIr0REF47fzTfjzbcBDDC6E2qcW9rE
9EtrZ/4G7qceYJIZnNodCX7IvdZ6wmnEOPOyE3r5r5ZjBMlQfXF/1Y1ykcWNy35y
BdQauRMNJbbds6neaf+WFD+5293wWUKJ7aZpIhDhjjPK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:15 2025 by rpki-client