Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W-MPHinGMFawYmuOj0BNlVfnPOo.roa
File: W-MPHinGMFawYmuOj0BNlVfnPOo.roa (raw, json)
Hash identifier: mm5LVDyumtyoNBWwQhKJ9UWtEb6c72yc3bOE+1yP9TU=
Subject key identifier: 5B:E3:0F:1E:29:C6:30:56:B0:62:6B:8E:8F:40:4D:95:57:E7:3C:EA
Certificate issuer: /CN=5bb1c57055c29d669f289a9f68f392823942132a
Certificate serial: 018824D7543E30D786C36AE5BC5101AA1E55
Authority key identifier: 5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W-MPHinGMFawYmuOj0BNlVfnPOo.roa
Signing time: Tue 16 May 2023 13:54:31 +0000
ROA not before: Tue 16 May 2023 13:54:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44084
IP address blocks: 5.253.212.0/23 maxlen: 24
2a09:5dc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:d7:54:3e:30:d7:86:c3:6a:e5:bc:51:01:aa:1e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb1c57055c29d669f289a9f68f392823942132a
Validity
Not Before: May 16 13:54:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5be30f1e29c63056b0626b8e8f404d9557e73cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ef:77:4c:73:9d:b5:26:ad:1c:88:67:80:91:
71:88:3a:55:ab:a1:85:32:fe:32:6f:8b:1a:4c:c2:
0e:fc:3e:7c:02:4a:d7:71:97:9d:1d:1b:43:e8:d5:
35:80:ef:ab:b9:d7:af:01:48:c1:8f:c9:6e:f4:bf:
5c:ae:95:f2:9c:54:9f:5b:4e:6f:61:1c:7a:21:1f:
f7:56:74:40:c1:04:d9:db:ec:af:00:71:c6:2a:59:
58:1d:74:bd:e1:08:59:0e:3f:02:00:d1:35:1d:86:
6a:2c:41:88:a1:73:e2:04:5d:8b:a1:ce:a1:6f:1d:
a3:17:14:ea:f5:a4:e9:b4:6d:f5:45:b4:f2:4f:a1:
01:70:41:cf:2f:de:97:59:3c:48:90:ce:92:56:13:
1f:44:59:82:87:f1:8a:f9:b3:bf:9c:8d:fd:18:9f:
9f:df:6f:0b:72:23:50:6a:5a:b3:67:dd:26:70:77:
4e:53:8e:ae:68:aa:79:4f:62:24:88:57:95:c3:a7:
48:49:a5:c8:a0:c0:50:38:e8:6a:cb:55:75:4d:34:
ba:96:05:c7:44:3b:f6:e1:e4:87:d5:40:61:ca:e3:
d7:e4:2f:60:f1:d4:8b:50:72:7e:46:58:8e:04:71:
73:2b:3e:f8:a5:14:50:1b:3f:4c:87:a1:42:19:62:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E3:0F:1E:29:C6:30:56:B0:62:6B:8E:8F:40:4D:95:57:E7:3C:EA
X509v3 Authority Key Identifier:
keyid:5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W-MPHinGMFawYmuOj0BNlVfnPOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.212.0/23
IPv6:
2a09:5dc0::/30
Signature Algorithm: sha256WithRSAEncryption
82:dd:8d:79:5c:d7:a0:11:54:b5:57:98:7b:16:be:c3:97:5f:
41:cb:a1:3e:0a:9a:1d:12:a1:e2:19:43:12:1e:16:d6:d0:c9:
09:bf:6c:81:55:28:ea:66:97:a1:fe:6a:8a:81:19:0d:0b:7e:
a4:a4:cf:b3:0c:93:ae:f6:e4:c0:0c:4f:3a:63:29:65:b0:d2:
81:bf:3a:2d:cf:ec:2e:5e:18:d9:a8:ed:ae:e4:dc:6b:fa:e8:
39:09:7d:83:65:7b:53:f5:62:e5:33:7c:38:5d:f5:07:21:e9:
ec:33:cc:54:21:54:07:5d:3e:c1:0a:dc:b8:76:3b:8c:fb:ec:
b5:82:1c:24:c7:5a:4a:20:04:0d:6d:b3:01:e3:d8:6d:63:fc:
4a:be:02:e8:34:34:9a:37:ad:38:1b:89:ec:bf:16:b9:53:5b:
e1:52:5d:6c:85:d1:a5:eb:07:5b:b9:c3:58:06:2c:5b:f9:16:
97:2a:16:d3:59:ef:1f:aa:07:df:1d:25:c0:a4:ba:4d:72:cf:
f8:69:c5:61:78:27:7f:f0:d7:c1:3e:b7:d5:97:4d:ad:f0:31:
c1:43:52:0a:b4:2a:cd:92:e7:4d:94:c2:68:bb:93:7a:1d:30:
b8:15:0a:1a:96:41:d4:10:46:28:b3:9f:34:ab:5b:cb:aa:b9:
8a:0d:c6:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgk11Q+MNeGw2rlvFEBqh5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjFjNTcwNTVjMjlkNjY5ZjI4OWE5ZjY4ZjM5MjgyMzk0
MjEzMmEwHhcNMjMwNTE2MTM1NDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmUzMGYxZTI5YzYzMDU2YjA2MjZiOGU4ZjQwNGQ5NTU3ZTczY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+93THOdtSatHIhngJFxiDpVq6GF
Mv4yb4saTMIO/D58AkrXcZedHRtD6NU1gO+rudevAUjBj8lu9L9crpXynFSfW05v
YRx6IR/3VnRAwQTZ2+yvAHHGKllYHXS94QhZDj8CANE1HYZqLEGIoXPiBF2Loc6h
bx2jFxTq9aTptG31RbTyT6EBcEHPL96XWTxIkM6SVhMfRFmCh/GK+bO/nI39GJ+f
328LciNQalqzZ90mcHdOU46uaKp5T2IkiFeVw6dISaXIoMBQOOhqy1V1TTS6lgXH
RDv24eSH1UBhyuPX5C9g8dSLUHJ+RliOBHFzKz74pRRQGz9Mh6FCGWIq7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFvjDx4pxjBWsGJrjo9ATZVX5zzqMB8GA1UdIwQY
MBaAFFuxxXBVwp1mnyian2jzkoI5QhMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2Yt
NWNlYWUxOWY5NGY5LzEvVy1NUEhpbkdNRmF3WW11T2owQk5sVmZuUE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2YtNWNlYWUxOWY5NGY5
LzEvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBf3UMA0E
AgACMAcDBQIqCV3AMA0GCSqGSIb3DQEBCwUAA4IBAQCC3Y15XNegEVS1V5h7Fr7D
l19By6E+CpodEqHiGUMSHhbW0MkJv2yBVSjqZpeh/mqKgRkNC36kpM+zDJOu9uTA
DE86YyllsNKBvzotz+wuXhjZqO2u5Nxr+ug5CX2DZXtT9WLlM3w4XfUHIensM8xU
IVQHXT7BCty4djuM++y1ghwkx1pKIAQNbbMB49htY/xKvgLoNDSaN604G4nsvxa5
U1vhUl1shdGl6wdbucNYBixb+RaXKhbTWe8fqgffHSXApLpNcs/4acVheCd/8NfB
PrfVl02t8DHBQ1IKtCrNkudNlMJou5N6HTC4FQoalkHUEEYos580q1vLqrmKDcbi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:05 2025 by rpki-client