Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/tvbHz39z5PD8AhshkQZ9a7RlITk.roa
File: tvbHz39z5PD8AhshkQZ9a7RlITk.roa (raw, json)
Hash identifier: NMmpJ3oBq/gbgmvxL1tm9sQ1ZQEMtm7ezYjV5rud8gg=
Subject key identifier: B6:F6:C7:CF:7F:73:E4:F0:FC:02:1B:21:91:06:7D:6B:B4:65:21:39
Certificate issuer: /CN=5bb1c57055c29d669f289a9f68f392823942132a
Certificate serial: 01856EB9158B18D0EE391BAB765F2F8501C2
Authority key identifier: 5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/tvbHz39z5PD8AhshkQZ9a7RlITk.roa
Signing time: Sun 01 Jan 2023 19:05:01 +0000
ROA not before: Sun 01 Jan 2023 19:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202709
IP address blocks: 5.253.215.0/24 maxlen: 24
5.253.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:15:8b:18:d0:ee:39:1b:ab:76:5f:2f:85:01:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb1c57055c29d669f289a9f68f392823942132a
Validity
Not Before: Jan 1 19:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6f6c7cf7f73e4f0fc021b2191067d6bb4652139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1c:16:f8:0e:2d:6b:f9:1a:bf:b1:fa:44:b6:
0f:3e:29:3a:24:fb:e0:e3:b9:dc:b2:a8:ce:52:73:
9d:00:96:51:33:52:96:95:02:8d:8d:3a:8c:d7:e2:
40:44:82:cd:d7:64:2a:3d:cf:a0:4f:96:75:aa:76:
87:cf:47:1b:b0:13:c7:e8:f5:99:ca:34:6b:f6:65:
2d:fa:74:c6:b1:23:6b:47:29:d3:2a:08:76:44:4a:
32:38:34:a4:c7:18:4c:db:06:b9:5c:6a:2b:41:7e:
d4:6a:ab:14:a6:49:92:cf:5e:7f:b6:a9:f1:67:49:
18:2d:28:45:df:ce:b1:b5:13:3e:b0:b1:4b:41:9a:
a3:dd:b1:be:12:31:ce:b6:98:b8:66:70:25:fa:c8:
eb:a2:f3:e2:47:e8:41:f2:0f:c2:f4:cb:6b:b1:c1:
43:93:78:3c:5a:80:2f:2c:7b:b3:fc:8f:b8:d7:95:
37:d9:9b:1c:a1:4f:e5:77:dd:cd:c6:17:56:97:99:
a7:f4:3d:01:aa:02:d2:58:a7:f6:bd:44:7f:52:e6:
d2:2a:83:b0:0f:ed:a1:d2:6a:8a:a2:3c:aa:c5:cc:
47:68:2d:36:39:ef:25:16:8f:d6:fe:a3:32:b3:87:
0b:96:24:ef:b3:40:95:68:18:94:ed:a2:e5:4b:84:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F6:C7:CF:7F:73:E4:F0:FC:02:1B:21:91:06:7D:6B:B4:65:21:39
X509v3 Authority Key Identifier:
keyid:5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/tvbHz39z5PD8AhshkQZ9a7RlITk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.214.0/23
Signature Algorithm: sha256WithRSAEncryption
23:54:d7:70:22:e6:f1:65:aa:4a:64:48:de:94:8e:e9:29:11:
06:ca:45:15:08:08:6f:ae:30:29:79:d7:f7:85:fe:89:e1:91:
1c:69:c7:70:69:ef:14:dd:46:ce:7e:59:1d:81:c4:36:aa:6f:
6f:df:c5:83:54:25:fd:ad:55:90:1b:05:71:4e:da:99:94:c1:
a1:28:f9:06:14:a5:b9:a1:1b:79:f2:49:5f:42:2d:ee:6e:7c:
1f:91:8b:fb:08:84:b4:1a:5a:82:cc:d1:a9:ed:cf:a8:30:b4:
fc:34:e7:ec:f8:85:81:ea:3a:8d:50:f8:c2:87:19:8b:c4:20:
d0:8e:65:9e:37:90:c7:e0:fe:0b:3f:fb:38:05:57:56:67:d3:
44:e9:9e:ca:2b:e8:15:48:8c:cb:ee:25:3d:2c:de:e5:1a:ed:
fe:82:29:13:59:54:91:91:8a:b3:cb:78:c3:f9:37:4f:3b:9d:
b8:09:3c:b5:2c:9d:50:64:82:42:30:d6:f7:0f:e6:94:60:87:
15:8b:63:88:7a:ae:5f:c3:b1:33:56:bc:23:41:ab:44:ee:ca:
d0:06:7c:f6:2d:35:6f:1e:e1:2c:ba:ae:2d:a4:04:91:3d:6b:
3c:b0:12:03:f7:3b:af:3b:a5:de:bb:8c:94:6d:5f:1c:74:64:
ff:c9:5c:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuRWLGNDuORurdl8vhQHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjFjNTcwNTVjMjlkNjY5ZjI4OWE5ZjY4ZjM5MjgyMzk0
MjEzMmEwHhcNMjMwMTAxMTkwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY2YzdjZjdmNzNlNGYwZmMwMjFiMjE5MTA2N2Q2YmI0NjUyMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixwW+A4ta/kav7H6RLYPPik6JPvg
47ncsqjOUnOdAJZRM1KWlQKNjTqM1+JARILN12QqPc+gT5Z1qnaHz0cbsBPH6PWZ
yjRr9mUt+nTGsSNrRynTKgh2REoyODSkxxhM2wa5XGorQX7UaqsUpkmSz15/tqnx
Z0kYLShF386xtRM+sLFLQZqj3bG+EjHOtpi4ZnAl+sjrovPiR+hB8g/C9MtrscFD
k3g8WoAvLHuz/I+415U32ZscoU/ld93NxhdWl5mn9D0BqgLSWKf2vUR/UubSKoOw
D+2h0mqKojyqxcxHaC02Oe8lFo/W/qMys4cLliTvs0CVaBiU7aLlS4TCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLb2x89/c+Tw/AIbIZEGfWu0ZSE5MB8GA1UdIwQY
MBaAFFuxxXBVwp1mnyian2jzkoI5QhMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2Yt
NWNlYWUxOWY5NGY5LzEvdHZiSHozOXo1UEQ4QWhzaGtRWjlhN1JsSVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2YtNWNlYWUxOWY5NGY5
LzEvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBf3WMA0G
CSqGSIb3DQEBCwUAA4IBAQAjVNdwIubxZapKZEjelI7pKREGykUVCAhvrjApedf3
hf6J4ZEcacdwae8U3UbOflkdgcQ2qm9v38WDVCX9rVWQGwVxTtqZlMGhKPkGFKW5
oRt58klfQi3ubnwfkYv7CIS0GlqCzNGp7c+oMLT8NOfs+IWB6jqNUPjChxmLxCDQ
jmWeN5DH4P4LP/s4BVdWZ9NE6Z7KK+gVSIzL7iU9LN7lGu3+gikTWVSRkYqzy3jD
+TdPO524CTy1LJ1QZIJCMNb3D+aUYIcVi2OIeq5fw7EzVrwjQatE7srQBnz2LTVv
HuEsuq4tpASRPWs8sBID9zuvO6Xeu4yUbV8cdGT/yVwK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:35 2025 by rpki-client