Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/TarCTI8hQ56XynkanHgloxmNpis.roa
File: TarCTI8hQ56XynkanHgloxmNpis.roa (raw, json)
Hash identifier: Zm2G1HuyNG/uc3Y7R6Hq9qUGG4vZ2vtPy5FCWuT7RDQ=
Subject key identifier: 4D:AA:C2:4C:8F:21:43:9E:97:CA:79:1A:9C:78:25:A3:19:8D:A6:2B
Certificate issuer: /CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
Certificate serial: 0182020D16D28FB733F02239127EAAFCC30A
Authority key identifier: 28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/TarCTI8hQ56XynkanHgloxmNpis.roa
Signing time: Fri 15 Jul 2022 13:29:48 +0000
ROA not before: Fri 15 Jul 2022 13:29:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60475
IP address blocks: 5.253.196.0/24 maxlen: 24
5.253.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:02:0d:16:d2:8f:b7:33:f0:22:39:12:7e:aa:fc:c3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
Validity
Not Before: Jul 15 13:29:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4daac24c8f21439e97ca791a9c7825a3198da62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a3:c4:b4:f3:9e:f9:ad:89:48:58:c4:76:a0:
eb:1b:25:f1:65:cc:fc:1d:b7:27:ff:b1:90:67:23:
b8:99:a3:22:77:3f:c2:71:2f:50:7b:e6:0f:d9:4d:
0a:ca:48:38:f2:50:ef:65:90:f9:2e:20:2c:41:25:
ec:fb:58:69:29:4b:4d:93:d0:7d:7c:42:57:3b:d0:
03:0e:93:cc:01:46:dd:1d:a9:82:09:9e:5c:19:db:
fd:9c:20:2a:2c:ce:b4:f8:19:4b:c6:d9:bf:da:d9:
0e:e4:17:c2:da:d8:a4:f0:6b:0f:34:1f:65:2e:d2:
67:75:05:30:f8:a2:e7:b1:45:b1:34:5e:6d:c1:92:
b2:91:88:f4:27:af:d3:31:2c:df:65:db:45:a9:37:
18:89:53:b8:5c:c0:f4:dd:06:29:57:fc:91:16:f2:
00:81:31:b5:14:23:f1:55:d4:0a:15:e1:0d:e7:7a:
0c:c1:58:16:c2:8b:d4:a9:f3:c0:1f:47:e6:2f:ce:
24:38:34:3d:5a:a2:04:b8:8c:aa:23:0d:76:31:40:
27:74:ff:24:50:fa:a8:46:e0:81:a5:57:76:5a:d9:
3c:b3:c8:0a:88:bb:13:51:56:9a:bd:67:c8:03:77:
07:6f:c6:b2:ef:76:fd:cf:35:c3:75:6d:c8:8a:64:
70:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AA:C2:4C:8F:21:43:9E:97:CA:79:1A:9C:78:25:A3:19:8D:A6:2B
X509v3 Authority Key Identifier:
keyid:28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/TarCTI8hQ56XynkanHgloxmNpis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/KE5esRLhOkJwPbs4e6V3oueTrDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:63:c6:60:95:31:66:8d:a6:12:d6:44:01:33:2a:64:b2:19:
59:f8:10:24:3d:05:90:2b:ee:6d:99:fa:23:13:47:f7:e7:b7:
4a:22:7a:9f:99:83:6d:0f:2d:a5:34:8a:48:73:ae:9d:b0:78:
42:97:40:f2:4e:8d:fc:d3:5e:5a:e9:45:ce:c7:f7:2a:5d:03:
2a:27:a4:88:c5:a2:4f:d1:52:13:dc:a4:f8:b2:9c:cc:38:c8:
a1:88:a5:e6:1b:ea:a7:25:e7:19:ea:79:45:61:c2:99:1c:b4:
a1:b0:15:03:3a:53:59:53:e2:e1:c9:66:2f:6a:d8:cb:af:1e:
23:1a:3b:10:25:c2:b0:d6:aa:49:db:9a:e5:0c:c4:c1:c3:fb:
99:2b:2b:5e:3c:28:5c:a9:4f:a8:f0:4f:cb:f8:af:b3:3a:19:
98:e6:c5:91:5e:98:1f:65:33:74:51:b8:dc:86:4c:58:0a:1f:
a8:9a:55:95:3a:64:8c:aa:0e:c7:e3:90:49:69:9e:46:6f:4e:
52:23:39:a7:5e:b7:0c:df:86:f1:52:05:24:b8:ab:d7:3d:60:
55:c1:b2:a4:55:c4:32:8a:b1:67:1c:52:01:ce:ec:a2:28:61:
22:3f:4b:4a:7a:08:09:68:4e:58:95:8b:30:7d:f5:47:17:eb:
3a:54:a9:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYICDRbSj7cz8CI5En6q/MMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NGU1ZWIxMTJlMTNhNDI3MDNkYmIzODdiYTU3N2EyZTc5
M2FjM2EwHhcNMjIwNzE1MTMyOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFhYzI0YzhmMjE0MzllOTdjYTc5MWE5Yzc4MjVhMzE5OGRhNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqPEtPOe+a2JSFjEdqDrGyXxZcz8
Hbcn/7GQZyO4maMidz/CcS9Qe+YP2U0Kykg48lDvZZD5LiAsQSXs+1hpKUtNk9B9
fEJXO9ADDpPMAUbdHamCCZ5cGdv9nCAqLM60+BlLxtm/2tkO5BfC2tik8GsPNB9l
LtJndQUw+KLnsUWxNF5twZKykYj0J6/TMSzfZdtFqTcYiVO4XMD03QYpV/yRFvIA
gTG1FCPxVdQKFeEN53oMwVgWwovUqfPAH0fmL84kODQ9WqIEuIyqIw12MUAndP8k
UPqoRuCBpVd2Wtk8s8gKiLsTUVaavWfIA3cHb8ay73b9zzXDdW3IimRw+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2qwkyPIUOel8p5Gpx4JaMZjaYrMB8GA1UdIwQY
MBaAFChOXrES4TpCcD27OHuld6Lnk6w6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYt
MDdjYmVkZGQ2NDE4LzEvVGFyQ1RJOGhRNTZYeW5rYW5IZ2xveG1OcGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYtMDdjYmVkZGQ2NDE4
LzEvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3EMA0G
CSqGSIb3DQEBCwUAA4IBAQCaY8ZglTFmjaYS1kQBMypkshlZ+BAkPQWQK+5tmfoj
E0f357dKInqfmYNtDy2lNIpIc66dsHhCl0DyTo38015a6UXOx/cqXQMqJ6SIxaJP
0VIT3KT4spzMOMihiKXmG+qnJecZ6nlFYcKZHLShsBUDOlNZU+LhyWYvatjLrx4j
GjsQJcKw1qpJ25rlDMTBw/uZKytePChcqU+o8E/L+K+zOhmY5sWRXpgfZTN0Ubjc
hkxYCh+omlWVOmSMqg7H45BJaZ5Gb05SIzmnXrcM34bxUgUkuKvXPWBVwbKkVcQy
irFnHFIBzuyiKGEiP0tKeggJaE5YlYswffVHF+s6VKlD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:28 2025 by rpki-client