Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/AMqRk0h0qjMs5Duzmt5aKOKyan8.roa
File: AMqRk0h0qjMs5Duzmt5aKOKyan8.roa (raw, json)
Hash identifier: qSwHdLWh1tRNEBilCsjWiDQYD6OB/H1KGkL6sH7EeZI=
Subject key identifier: 00:CA:91:93:48:74:AA:33:2C:E4:3B:B3:9A:DE:5A:28:E2:B2:6A:7F
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CC3CC3036E739F2263ECB8404906AB270
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/AMqRk0h0qjMs5Duzmt5aKOKyan8.roa
Signing time: Mon 01 Jan 2024 06:53:07 +0000
ROA not before: Mon 01 Jan 2024 06:53:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204104
IP address blocks: 5.57.33.0/24 maxlen: 24
178.239.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:cc:30:36:e7:39:f2:26:3e:cb:84:04:90:6a:b2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 06:53:07 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00ca91934874aa332ce43bb39ade5a28e2b26a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:d4:25:9e:a4:51:e4:2d:bf:0e:cc:33:92:
e3:20:aa:b9:0a:54:d1:63:73:70:f4:78:da:6c:4a:
d9:eb:2a:a8:4a:1b:82:da:a4:7f:34:36:3c:42:1f:
a5:0f:dc:d1:46:24:a5:79:5a:d3:27:58:90:c7:a0:
45:4e:cf:3b:62:e8:15:bd:2c:0b:8b:88:0c:eb:0b:
29:21:ac:27:41:cf:56:fc:a2:d1:9b:86:01:ac:87:
5e:09:71:99:02:93:be:b9:09:e8:a7:bc:5b:ee:01:
8f:b6:a5:5d:00:2b:a1:c7:04:32:bc:53:fa:3a:b4:
c7:8b:63:65:e0:2d:85:bd:c1:e4:b7:6b:e1:ca:62:
79:60:63:7c:c5:92:6b:62:68:3d:cb:8d:0f:4e:7a:
6c:dc:ba:c0:d4:6f:39:03:1e:63:95:5c:36:58:7a:
85:60:4c:0d:cf:e1:b8:ac:cf:fb:e7:2d:ce:26:e5:
3e:f3:8d:6c:d8:46:b6:0b:fe:d1:e2:87:06:73:6a:
a4:61:06:d8:b9:b2:19:66:26:a8:98:14:96:fa:28:
dd:c1:96:9f:d4:0c:42:10:18:17:41:5d:ad:07:d3:
9f:19:b9:50:6d:e7:cb:d4:46:14:2f:75:55:21:2c:
c3:ef:f1:54:69:0c:c1:5b:6d:a2:0c:be:67:8b:71:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CA:91:93:48:74:AA:33:2C:E4:3B:B3:9A:DE:5A:28:E2:B2:6A:7F
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/AMqRk0h0qjMs5Duzmt5aKOKyan8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.33.0/24
178.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:90:5c:b9:73:bf:8a:8d:c9:5d:33:71:d1:1f:8d:94:87:e1:
1c:2d:4c:9b:da:6f:5c:89:92:35:41:95:da:81:d9:1c:10:6e:
8f:2e:97:fd:d6:4f:33:42:5a:ed:c1:af:d7:3b:03:27:19:30:
2a:04:c8:cc:a0:16:10:e9:20:45:63:ac:e9:62:b8:cf:b8:dc:
1c:47:61:cf:72:e7:0d:d7:77:21:ae:24:4e:77:64:b4:8e:b8:
a1:32:d4:c6:80:b6:e2:81:82:64:2f:9e:53:83:36:44:59:58:
07:86:67:34:a7:f1:f5:0d:e3:f4:19:e2:2f:21:74:58:d3:ed:
38:ea:d5:fd:fd:60:01:dc:97:12:53:93:46:63:13:25:c5:ce:
87:15:1f:eb:4c:25:9f:0d:f5:4c:9e:49:4e:e8:b4:62:8b:48:
7b:59:cb:cf:3d:f7:1f:37:93:73:c6:32:ce:66:ea:ab:d9:ae:
93:71:0c:01:61:11:a9:d8:83:11:04:fd:40:ec:7d:3d:5e:ae:
8b:3a:0f:2d:9e:84:35:aa:41:11:74:6b:36:68:6a:75:fb:22:
d6:53:fa:6d:11:14:30:43:0d:3b:8d:45:5d:94:d0:c9:30:da:
4d:c9:37:46:ee:45:12:a8:4e:32:a1:a3:10:25:db:62:12:2d:
5b:e7:24:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDzDA25znyJj7LhASQarJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAxMDY1MzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNhOTE5MzQ4NzRhYTMzMmNlNDNiYjM5YWRlNWEyOGUyYjI2YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3jUJZ6kUeQtvw7MM5LjIKq5ClTR
Y3Nw9HjabErZ6yqoShuC2qR/NDY8Qh+lD9zRRiSleVrTJ1iQx6BFTs87YugVvSwL
i4gM6wspIawnQc9W/KLRm4YBrIdeCXGZApO+uQnop7xb7gGPtqVdACuhxwQyvFP6
OrTHi2Nl4C2FvcHkt2vhymJ5YGN8xZJrYmg9y40PTnps3LrA1G85Ax5jlVw2WHqF
YEwNz+G4rM/75y3OJuU+841s2Ea2C/7R4ocGc2qkYQbYubIZZiaomBSW+ijdwZaf
1AxCEBgXQV2tB9OfGblQbefL1EYUL3VVISzD7/FUaQzBW22iDL5ni3GSLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADKkZNIdKozLOQ7s5reWijismp/MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvQU1xUmswaDBxak1zNUR1em10NWFLT0t5YW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABTkhAwQA
su+XMA0GCSqGSIb3DQEBCwUAA4IBAQCykFy5c7+KjcldM3HRH42Uh+EcLUyb2m9c
iZI1QZXagdkcEG6PLpf91k8zQlrtwa/XOwMnGTAqBMjMoBYQ6SBFY6zpYrjPuNwc
R2HPcucN13chriROd2S0jrihMtTGgLbigYJkL55TgzZEWVgHhmc0p/H1DeP0GeIv
IXRY0+046tX9/WAB3JcSU5NGYxMlxc6HFR/rTCWfDfVMnklO6LRii0h7WcvPPfcf
N5NzxjLOZuqr2a6TcQwBYRGp2IMRBP1A7H09Xq6LOg8tnoQ1qkERdGs2aGp1+yLW
U/ptERQwQw07jUVdlNDJMNpNyTdG7kUSqE4yoaMQJdtiEi1b5yTJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:09 2025 by rpki-client