Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/USS56a3swjNwdI9QLlCIxK5fsDA.roa
File: USS56a3swjNwdI9QLlCIxK5fsDA.roa (raw, json)
Hash identifier: eDnQbMcwroSun8NHjpaHo1YKCv3JIBNleKsePJlskac=
Subject key identifier: 51:24:B9:E9:AD:EC:C2:33:70:74:8F:50:2E:50:88:C4:AE:5F:B0:30
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0189ABC2A4B0E0B5E3C133FB872FC04E48B9
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/USS56a3swjNwdI9QLlCIxK5fsDA.roa
Signing time: Mon 31 Jul 2023 11:43:27 +0000
ROA not before: Mon 31 Jul 2023 11:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 5.255.83.0/24 maxlen: 24
2a00:1ca8:d4::/48 maxlen: 48
2a00:1ca8:9c::/48 maxlen: 48
2a03:3f40:2::/48 maxlen: 48
2a00:1ca8:45::/48 maxlen: 48
2a00:1ca8:d3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:c2:a4:b0:e0:b5:e3:c1:33:fb:87:2f:c0:4e:48:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jul 31 11:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5124b9e9adecc23370748f502e5088c4ae5fb030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3f:76:88:9f:01:e6:8e:d2:05:ee:08:b7:5e:
94:b8:96:f4:03:1a:ae:5f:1c:99:05:a3:94:4a:73:
d8:ac:0c:05:08:86:56:be:ae:70:b2:77:32:73:21:
c2:16:6f:d6:2b:56:64:c5:70:b5:01:83:1d:a2:66:
be:13:95:08:69:8f:61:51:a7:92:a0:4a:31:ab:a5:
95:e4:d1:e6:74:45:be:85:d0:a7:5a:67:e2:57:2c:
82:af:72:26:26:fe:5e:25:1d:3b:a0:5d:07:d5:0a:
33:ec:37:c5:17:08:1b:88:06:c0:e3:9b:ab:24:bf:
eb:ff:99:76:00:a7:79:8a:bf:37:a7:eb:52:fc:9d:
37:7c:d0:5e:27:f0:ba:4d:be:15:81:f6:70:da:b6:
50:b4:9d:59:6e:39:3f:d6:f6:80:d9:2b:2b:af:64:
84:12:e0:41:c1:98:e8:db:62:07:19:5b:11:2e:48:
62:3c:72:10:03:d0:79:d3:cd:9a:5f:0f:ee:27:0b:
5a:4f:64:db:e4:65:0a:ac:d2:ed:0d:28:28:67:26:
b0:14:6f:a2:06:a3:aa:9f:43:17:b7:0f:51:99:7c:
21:a9:8b:dc:94:8e:3e:4b:26:22:04:fe:42:2f:cb:
44:6a:b6:0a:83:5b:80:f4:2c:3b:23:c3:fb:98:d8:
f0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:24:B9:E9:AD:EC:C2:33:70:74:8F:50:2E:50:88:C4:AE:5F:B0:30
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/USS56a3swjNwdI9QLlCIxK5fsDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.83.0/24
IPv6:
2a00:1ca8:45::/48
2a00:1ca8:9c::/48
2a00:1ca8:d3::-2a00:1ca8:d4:ffff:ffff:ffff:ffff:ffff
2a03:3f40:2::/48
Signature Algorithm: sha256WithRSAEncryption
84:d7:71:3a:c0:69:1b:a1:19:1c:7d:bb:74:c5:63:46:d1:f5:
22:fc:3e:0f:a3:51:b9:fe:9a:6b:0d:17:2b:8e:28:3c:5f:ce:
14:52:40:f8:4c:da:5b:d6:3d:22:3c:56:81:07:31:cc:c3:ea:
f5:34:ea:ec:e7:9e:e4:7d:4e:7c:48:49:9f:88:3e:d3:32:ad:
f5:25:31:46:db:6f:98:e7:02:f4:3e:6f:6f:7e:9f:fc:8f:dd:
33:4c:07:0c:9e:b8:53:4d:f0:b1:ee:a9:f4:ae:7d:ed:e2:d4:
f9:bd:2f:71:7f:37:d1:5c:ab:7b:84:3b:0a:86:09:a0:ea:9b:
de:ec:df:39:de:54:d0:50:ad:e4:13:1c:7a:cd:78:16:bc:94:
bf:ec:e6:52:6f:ca:58:c0:4f:11:c5:76:b2:47:d8:d7:6e:d9:
74:1e:1f:e2:51:ac:7d:9c:ed:35:ff:ed:2a:c4:01:2b:11:d1:
95:0e:d4:f9:1e:ee:a6:4c:d2:7e:8b:55:ca:34:95:a7:0c:19:
48:35:dd:04:4e:ac:9d:6b:47:31:98:4d:1c:6e:08:58:76:14:
83:3b:21:96:02:51:b4:e8:93:bd:25:b9:3a:1b:6d:1d:75:30:
e7:5c:0b:c7:2a:cd:4d:80:97:5e:f0:10:40:26:67:29:cc:13:
88:83:97:09
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYmrwqSw4LXjwTP7hy/ATki5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwNzMxMTE0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI0YjllOWFkZWNjMjMzNzA3NDhmNTAyZTUwODhjNGFlNWZiMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD92iJ8B5o7SBe4It16UuJb0Axqu
XxyZBaOUSnPYrAwFCIZWvq5wsncycyHCFm/WK1ZkxXC1AYMdoma+E5UIaY9hUaeS
oEoxq6WV5NHmdEW+hdCnWmfiVyyCr3ImJv5eJR07oF0H1Qoz7DfFFwgbiAbA45ur
JL/r/5l2AKd5ir83p+tS/J03fNBeJ/C6Tb4VgfZw2rZQtJ1Zbjk/1vaA2Ssrr2SE
EuBBwZjo22IHGVsRLkhiPHIQA9B5082aXw/uJwtaT2Tb5GUKrNLtDSgoZyawFG+i
BqOqn0MXtw9RmXwhqYvclI4+SyYiBP5CL8tEarYKg1uA9Cw7I8P7mNjwdwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFFEkuemt7MIzcHSPUC5QiMSuX7AwMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvVVNTNTZhM3N3ak53ZEk5UUxsQ0l4SzVmc0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAMBAIAATAGAwQABf9TMDUE
AgACMC8DBwAqAByoAEUDBwAqAByoAJwwEgMHACoAHKgA0wMHACoAHKgA1AMHACoD
P0AAAjANBgkqhkiG9w0BAQsFAAOCAQEAhNdxOsBpG6EZHH27dMVjRtH1Ivw+D6NR
uf6aaw0XK44oPF/OFFJA+EzaW9Y9IjxWgQcxzMPq9TTq7Oee5H1OfEhJn4g+0zKt
9SUxRttvmOcC9D5vb36f/I/dM0wHDJ64U03wse6p9K597eLU+b0vcX830Vyre4Q7
CoYJoOqb3uzfOd5U0FCt5BMces14FryUv+zmUm/KWMBPEcV2skfY127ZdB4f4lGs
fZztNf/tKsQBKxHRlQ7U+R7upkzSfotVyjSVpwwZSDXdBE6snWtHMZhNHG4IWHYU
gzshlgJRtOiTvSW5OhttHXUw51wLxyrNTYCXXvAQQCZnKcwTiIOXCQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:44 2025 by rpki-client