Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/a7bRYcZgGdzvgypM7hign0Z5ICg.roa
File: a7bRYcZgGdzvgypM7hign0Z5ICg.roa (raw, json)
Hash identifier: iK9Lgixt9cL4YzJEbdNasINQQ1mT1C/aBIc0EE/yCAg=
Subject key identifier: 6B:B6:D1:61:C6:60:19:DC:EF:83:2A:4C:EE:18:A0:9F:46:79:20:28
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 018570B088DEB2C813CA7783AF72A13F8E9A
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/a7bRYcZgGdzvgypM7hign0Z5ICg.roa
Signing time: Mon 02 Jan 2023 04:14:55 +0000
ROA not before: Mon 02 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199837
IP address blocks: 5.180.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:88:de:b2:c8:13:ca:77:83:af:72:a1:3f:8e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 2 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bb6d161c66019dcef832a4cee18a09f46792028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ba:7f:09:77:9d:12:c3:3f:04:45:69:cc:8b:
d0:85:9b:fa:a6:49:e4:0a:db:20:44:19:33:30:ad:
ed:4c:0f:3f:67:1c:3d:fb:d0:72:28:b2:91:04:ba:
b2:f1:4f:55:d3:dc:b5:ef:ff:60:66:f0:aa:bc:ca:
1c:59:1a:29:ea:2d:7f:cc:fc:a3:3e:a2:f0:2b:b2:
c9:76:10:3a:18:6d:54:f9:fa:5e:e0:26:0b:eb:3f:
c2:a5:69:3f:12:48:d8:f3:cb:7e:d4:1e:40:e3:c3:
ee:8e:64:5d:11:4d:56:28:b6:6a:cd:17:05:fa:c9:
be:b4:50:1a:09:c7:5a:75:16:04:27:0a:b9:67:9b:
8c:7f:d8:5a:c2:de:71:97:ca:cc:15:08:e2:82:09:
2a:27:3c:db:b0:41:a2:f7:44:30:29:72:82:61:ea:
a5:d6:69:37:ed:2c:c8:98:22:10:3d:7a:4f:fc:75:
6e:34:a2:2b:d9:2e:f3:00:75:b1:b0:57:31:7f:9f:
1b:fd:90:c4:4d:02:70:3b:60:ed:fb:c9:53:f2:c3:
e2:bd:9c:ba:69:53:98:1c:f1:09:65:54:26:12:d5:
bb:8f:22:c8:e5:f0:5f:58:4b:50:9c:f1:eb:98:a2:
1e:34:3f:73:48:0f:71:8b:ea:8d:fd:e7:67:fe:ae:
17:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B6:D1:61:C6:60:19:DC:EF:83:2A:4C:EE:18:A0:9F:46:79:20:28
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/a7bRYcZgGdzvgypM7hign0Z5ICg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.171.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a2:d3:83:69:73:63:51:0c:4b:72:16:06:41:c4:2c:83:46:
84:85:2a:30:67:0a:9b:75:d5:b7:aa:0b:bf:b6:30:ee:26:1b:
70:95:e1:20:67:f8:94:9d:83:30:9f:a8:c7:8e:79:1b:b7:a4:
8b:1e:c5:7e:36:f6:86:bb:59:52:90:4e:61:6c:49:dd:7d:2c:
a4:21:d9:19:05:df:59:30:fe:7a:da:27:0a:31:56:f6:6c:3e:
08:26:58:58:dc:eb:fe:fc:e3:4e:47:ab:26:1b:fb:1e:61:6e:
3b:bc:e0:49:0c:b0:23:6f:ed:4f:b5:25:1a:d5:de:89:3a:28:
4f:7f:fc:5f:4c:2c:f7:fa:86:c3:cb:e4:7b:3b:66:26:d6:91:
6e:08:42:73:b3:b8:54:51:29:79:de:f6:c2:a8:67:51:fc:91:
1a:f5:4b:59:f2:16:f5:64:a4:2b:cf:98:da:e2:8b:bb:6c:e7:
f8:e1:c1:9d:62:77:fa:b2:a0:94:b6:f2:b7:ce:b8:b4:44:85:
63:6c:1c:a9:0a:77:31:0a:2b:ac:72:86:95:e5:d7:82:30:14:
be:3b:bd:3c:a0:4b:63:63:9b:00:05:0e:b1:9a:f7:d3:1d:89:
5b:60:8e:82:ba:97:47:35:1d:1d:ce:92:62:e2:c3:b2:a3:ad:
66:ee:34:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsIjessgTyneDr3KhP46aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjMwMTAyMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI2ZDE2MWM2NjAxOWRjZWY4MzJhNGNlZTE4YTA5ZjQ2NzkyMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbp/CXedEsM/BEVpzIvQhZv6pknk
CtsgRBkzMK3tTA8/Zxw9+9ByKLKRBLqy8U9V09y17/9gZvCqvMocWRop6i1/zPyj
PqLwK7LJdhA6GG1U+fpe4CYL6z/CpWk/EkjY88t+1B5A48PujmRdEU1WKLZqzRcF
+sm+tFAaCcdadRYEJwq5Z5uMf9hawt5xl8rMFQjiggkqJzzbsEGi90QwKXKCYeql
1mk37SzImCIQPXpP/HVuNKIr2S7zAHWxsFcxf58b/ZDETQJwO2Dt+8lT8sPivZy6
aVOYHPEJZVQmEtW7jyLI5fBfWEtQnPHrmKIeND9zSA9xi+qN/edn/q4XzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu20WHGYBnc74MqTO4YoJ9GeSAoMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvYTdiUlljWmdHZHp2Z3lwTTdoaWduMFo1SUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbSrMA0G
CSqGSIb3DQEBCwUAA4IBAQBeotODaXNjUQxLchYGQcQsg0aEhSowZwqbddW3qgu/
tjDuJhtwleEgZ/iUnYMwn6jHjnkbt6SLHsV+NvaGu1lSkE5hbEndfSykIdkZBd9Z
MP562icKMVb2bD4IJlhY3Ov+/ONOR6smG/seYW47vOBJDLAjb+1PtSUa1d6JOihP
f/xfTCz3+obDy+R7O2Ym1pFuCEJzs7hUUSl53vbCqGdR/JEa9UtZ8hb1ZKQrz5ja
4ou7bOf44cGdYnf6sqCUtvK3zri0RIVjbBypCncxCiuscoaV5deCMBS+O708oEtj
Y5sABQ6xmvfTHYlbYI6CupdHNR0dzpJi4sOyo61m7jSM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:49 2025 by rpki-client