Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/5tAT91JwmetGnWYIvmAWYDrm02c.roa
File: 5tAT91JwmetGnWYIvmAWYDrm02c.roa (raw, json)
Hash identifier: 9B8nUP3Ce3M7ApN0tdbMvQ9Kp09gSyEQCJUGKPXpjNo=
Subject key identifier: E6:D0:13:F7:52:70:99:EB:46:9D:66:08:BE:60:16:60:3A:E6:D3:67
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 07D9824C
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/5tAT91JwmetGnWYIvmAWYDrm02c.roa
Signing time: Sat 01 Jan 2022 10:03:23 +0000
ROA not before: Sat 01 Jan 2022 10:03:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199837
IP address blocks: 5.180.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131695180 (0x7d9824c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 1 10:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6d013f7527099eb469d6608be6016603ae6d367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:24:4d:a5:f6:f1:6d:71:af:aa:37:5f:58:0a:
e9:57:c4:25:7d:92:10:d4:05:b7:25:be:16:b2:5d:
cf:5b:3c:8a:a8:a4:b8:7d:03:6a:77:51:67:49:cd:
96:11:93:91:9c:17:ec:cb:2a:73:aa:7e:c0:26:6a:
98:8e:16:05:6e:80:85:0d:7e:3d:07:2f:2f:11:19:
aa:66:b1:bf:0b:8e:58:ee:f3:8c:ee:f5:cd:2f:a7:
1b:51:d8:36:39:eb:f8:9d:ac:f7:5b:19:e5:78:d2:
6b:79:79:32:c5:55:0a:58:b3:73:f4:1b:58:14:89:
ca:76:f8:70:23:7d:63:05:f8:b5:7f:12:72:0e:15:
5e:ad:4c:4f:98:f7:af:f2:6d:ab:f2:63:3b:8b:1c:
b8:6c:b0:02:ab:4e:8e:26:64:75:ce:3d:cf:3e:e6:
15:a5:8a:9d:d3:c6:15:15:be:68:c6:98:82:91:e3:
32:9e:ad:44:a0:fb:38:2d:ac:9a:ed:73:56:ce:0f:
51:45:17:97:64:fa:9d:04:63:44:40:e8:2d:60:af:
3e:c2:7e:bb:64:dd:e1:26:ad:25:6c:3b:31:90:c6:
34:58:c1:49:66:8f:0a:e7:c4:d6:97:10:64:e0:8d:
45:bf:59:92:7a:15:e7:8e:ed:29:78:07:e3:15:c9:
05:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D0:13:F7:52:70:99:EB:46:9D:66:08:BE:60:16:60:3A:E6:D3:67
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/5tAT91JwmetGnWYIvmAWYDrm02c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.171.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:82:2f:2e:59:9e:b9:38:5a:d5:f7:b5:12:28:25:f1:79:4a:
c9:7c:95:ca:f4:8f:4a:55:7c:51:71:f0:e7:d6:b3:a0:52:31:
3e:98:39:07:c1:90:be:5b:8a:e9:85:9b:79:0b:08:38:c0:e5:
3b:56:0f:27:98:19:89:42:a1:91:8d:2a:f1:71:08:67:4d:bb:
ab:5d:82:1a:61:62:f5:36:86:b3:f8:dc:32:22:06:ce:01:18:
38:23:eb:a1:c7:f3:1e:90:ce:bb:c1:dc:ab:78:40:1e:b4:f0:
e4:60:21:25:06:f2:6b:6b:f9:89:3b:9b:d4:40:1f:af:65:82:
64:9f:28:c1:18:df:50:ad:98:78:97:ac:1b:5c:67:64:99:13:
f4:c8:ef:90:22:c4:f2:64:7b:fb:29:d0:97:e3:bc:03:ab:9d:
5e:ed:73:1d:90:f8:99:5e:96:3e:c1:13:5c:54:ed:54:0e:b3:
9d:21:41:6a:fd:0a:6d:cc:14:de:aa:0f:c1:44:79:fb:2a:65:
3a:c2:b8:db:bd:01:2d:65:46:bb:77:36:ea:f5:3b:2a:0c:7c:
76:a4:0f:a0:47:4a:02:8c:85:4b:b6:a2:08:59:ef:91:b7:75:
87:27:dc:85:a0:3e:29:5b:23:f1:df:30:7d:d6:b5:38:f0:9b:
89:b3:10:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB9mCTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDgwMTJmYTE0YWNlN2EwYzNiZDJlODJlMGEyOWQ5YTQ0YmZlMjkwMB4XDTIyMDEw
MTEwMDMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZkMDEzZjc1Mjcw
OTllYjQ2OWQ2NjA4YmU2MDE2NjAzYWU2ZDM2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO8kTaX28W1xr6o3X1gK6VfEJX2SENQFtyW+FrJdz1s8iqik
uH0DandRZ0nNlhGTkZwX7Msqc6p+wCZqmI4WBW6AhQ1+PQcvLxEZqmaxvwuOWO7z
jO71zS+nG1HYNjnr+J2s91sZ5XjSa3l5MsVVClizc/QbWBSJynb4cCN9YwX4tX8S
cg4VXq1MT5j3r/Jtq/JjO4scuGywAqtOjiZkdc49zz7mFaWKndPGFRW+aMaYgpHj
Mp6tRKD7OC2smu1zVs4PUUUXl2T6nQRjREDoLWCvPsJ+u2Td4SatJWw7MZDGNFjB
SWaPCufE1pcQZOCNRb9ZknoV547tKXgH4xXJBSkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTm0BP3UnCZ60adZgi+YBZgOubTZzAfBgNVHSMEGDAWgBQ9gBL6FKznoMO9
LoLgop2aRL/ikDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BZQVMtaFNzNTZERHZTNkM0S0tkbWtTXzRwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8x
LzV0QVQ5MUp3bWV0R25XWUl2bUFXWURybTAyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
ZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8xL1BZQVMtaFNzNTZE
RHZTNkM0S0tkbWtTXzRwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW0qzANBgkqhkiG9w0BAQsFAAOC
AQEAa4IvLlmeuTha1fe1Eigl8XlKyXyVyvSPSlV8UXHw59azoFIxPpg5B8GQvluK
6YWbeQsIOMDlO1YPJ5gZiUKhkY0q8XEIZ027q12CGmFi9TaGs/jcMiIGzgEYOCPr
ocfzHpDOu8Hcq3hAHrTw5GAhJQbya2v5iTub1EAfr2WCZJ8owRjfUK2YeJesG1xn
ZJkT9MjvkCLE8mR7+ynQl+O8A6udXu1zHZD4mV6WPsETXFTtVA6znSFBav0KbcwU
3qoPwUR5+yplOsK4270BLWVGu3c26vU7Kgx8dqQPoEdKAoyFS7aiCFnvkbd1hyfc
haA+KVsj8d8wfda1OPCbibMQdg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:34 2025 by rpki-client