Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/M__uODItGTw4rLqOxhUdsfNuAVA.roa
File: M__uODItGTw4rLqOxhUdsfNuAVA.roa (raw, json)
Hash identifier: ikcFVDJKfT6nvbJZnaSY5rtfw0gYKtVYDQcnzzADTwg=
Subject key identifier: 33:FF:EE:38:32:2D:19:3C:38:AC:BA:8E:C6:15:1D:B1:F3:6E:01:50
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 07DAD2E9
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/M__uODItGTw4rLqOxhUdsfNuAVA.roa
Signing time: Sat 01 Jan 2022 10:03:24 +0000
ROA not before: Sat 01 Jan 2022 10:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209137
IP address blocks: 5.180.168.0/23 maxlen: 23
5.180.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131781353 (0x7dad2e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 1 10:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33ffee38322d193c38acba8ec6151db1f36e0150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:c8:5c:27:ad:45:cb:bb:73:2a:83:80:e4:
e0:d5:59:ec:f7:34:bc:08:e4:74:8f:9d:d8:65:be:
f4:fd:e5:5d:13:96:b7:7c:14:16:32:af:ec:ae:30:
de:f2:f1:ef:0c:5a:43:34:6d:17:1d:6d:e5:b5:5e:
cb:51:34:d4:38:cf:6e:3c:93:bc:9b:9a:13:87:f5:
df:fb:86:b5:83:f8:e7:36:25:94:b9:d8:63:e4:02:
d7:46:2f:85:47:01:e1:16:d9:36:ff:81:f4:e6:cb:
06:93:4b:da:8a:7d:d5:b3:d0:db:11:d2:49:3a:3a:
f7:6e:f0:33:e5:3b:10:b7:f2:65:9e:fa:5c:91:04:
35:b9:e9:75:24:4b:24:80:20:76:56:a3:c7:1a:ce:
ed:eb:3c:d4:01:c4:b7:e5:5a:a0:f7:64:57:4c:fc:
7e:09:2c:1c:59:a9:b4:b0:70:02:05:9c:f6:5e:f8:
07:cb:90:9b:44:6b:bf:6a:18:07:30:c2:a2:95:14:
0b:9d:ba:55:0e:97:0f:58:d4:df:f1:35:9a:ae:9c:
5e:5a:72:23:43:d3:ed:5c:d6:9e:45:99:f5:cd:b5:
9f:3f:2e:2a:85:7d:d3:e8:25:83:d4:6c:2c:46:f0:
74:31:f4:22:d9:9a:45:0d:b0:86:37:87:13:0c:38:
a7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FF:EE:38:32:2D:19:3C:38:AC:BA:8E:C6:15:1D:B1:F3:6E:01:50
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/M__uODItGTw4rLqOxhUdsfNuAVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0-5.180.170.255
Signature Algorithm: sha256WithRSAEncryption
62:63:c6:8c:82:c0:b6:fd:72:aa:72:6e:11:87:ff:ec:8d:a5:
11:5c:6b:36:23:9c:e6:01:41:2c:be:12:3f:91:79:80:8a:14:
05:eb:67:e8:09:86:ed:4c:dc:31:4d:64:8c:33:7c:5e:9c:94:
68:7b:56:1c:b6:1e:e4:10:31:f7:01:d2:99:63:6b:fe:53:ed:
03:72:66:45:18:91:36:fd:74:75:b4:dd:be:62:d1:20:18:d4:
b8:85:2f:cc:35:26:f0:90:4f:fc:ba:37:ad:7d:cd:f7:24:a3:
3c:5b:98:4a:10:9c:11:47:af:86:9b:42:e2:c4:c4:c9:62:ce:
bc:a6:78:f8:42:7c:95:19:bb:15:bd:3d:d2:43:07:04:91:50:
5c:7a:25:ec:6b:14:20:d7:a6:ee:ff:e2:5d:1b:77:97:57:89:
c8:d0:3b:8a:ce:77:47:10:40:00:17:13:04:02:1c:31:c1:c1:
79:f6:5a:6c:dd:5a:23:8c:1c:22:1c:78:38:60:ec:e7:cb:14:
73:22:40:23:c6:8b:34:33:6e:60:9d:a1:b0:6f:71:21:fe:62:
2b:55:50:31:36:8d:75:7b:b7:96:50:c1:bd:76:07:b1:d4:ee:
dd:d9:a8:f0:80:0f:0f:ae:67:d1:01:bf:b7:6f:03:23:b3:18:
c8:d5:13:bd
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEB9rS6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDgwMTJmYTE0YWNlN2EwYzNiZDJlODJlMGEyOWQ5YTQ0YmZlMjkwMB4XDTIyMDEw
MTEwMDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNmZmVlMzgzMjJk
MTkzYzM4YWNiYThlYzYxNTFkYjFmMzZlMDE1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH1yFwnrUXLu3Mqg4Dk4NVZ7Pc0vAjkdI+d2GW+9P3lXROW
t3wUFjKv7K4w3vLx7wxaQzRtFx1t5bVey1E01DjPbjyTvJuaE4f13/uGtYP45zYl
lLnYY+QC10YvhUcB4RbZNv+B9ObLBpNL2op91bPQ2xHSSTo6927wM+U7ELfyZZ76
XJEENbnpdSRLJIAgdlajxxrO7es81AHEt+VaoPdkV0z8fgksHFmptLBwAgWc9l74
B8uQm0Rrv2oYBzDCopUUC526VQ6XD1jU3/E1mq6cXlpyI0PT7VzWnkWZ9c21nz8u
KoV90+glg9RsLEbwdDH0ItmaRQ2whjeHEww4p4MCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQz/+44Mi0ZPDisuo7GFR2x824BUDAfBgNVHSMEGDAWgBQ9gBL6FKznoMO9
LoLgop2aRL/ikDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BZQVMtaFNzNTZERHZTNkM0S0tkbWtTXzRwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8x
L01fX3VPREl0R1R3NHJMcU94aFVkc2ZOdUFWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
ZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8xL1BZQVMtaFNzNTZE
RHZTNkM0S0tkbWtTXzRwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDBbSoAwQABbSqMA0GCSqGSIb3
DQEBCwUAA4IBAQBiY8aMgsC2/XKqcm4Rh//sjaURXGs2I5zmAUEsvhI/kXmAihQF
62foCYbtTNwxTWSMM3xenJRoe1Ycth7kEDH3AdKZY2v+U+0DcmZFGJE2/XR1tN2+
YtEgGNS4hS/MNSbwkE/8ujetfc33JKM8W5hKEJwRR6+Gm0LixMTJYs68pnj4QnyV
GbsVvT3SQwcEkVBceiXsaxQg16bu/+JdG3eXV4nI0DuKzndHEEAAFxMEAhwxwcF5
9lps3VojjBwiHHg4YOznyxRzIkAjxos0M25gnaGwb3Eh/mIrVVAxNo11e7eWUMG9
dgex1O7d2ajwgA8PrmfRAb+3bwMjsxjI1RO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:04 2024 by rpki-client on console-ams.rpki-client.org