Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/he43kp256mswxcQPHEHle01sjY8.roa
File: he43kp256mswxcQPHEHle01sjY8.roa (raw, json)
Hash identifier: QT1TmhYXOlyaI82Ir7mY1xWQLqljoaHdSsAbCsSiWIA=
Subject key identifier: 85:EE:37:92:9D:B9:EA:6B:30:C5:C4:0F:1C:41:E5:7B:4D:6C:8D:8F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A6929495A9B6EFEAAD0B9920794B978B7
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/he43kp256mswxcQPHEHle01sjY8.roa
Signing time: Wed 06 Sep 2023 06:23:48 +0000
ROA not before: Wed 06 Sep 2023 06:23:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.253.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:29:49:5a:9b:6e:fe:aa:d0:b9:92:07:94:b9:78:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 6 06:23:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ee37929db9ea6b30c5c40f1c41e57b4d6c8d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:12:6f:66:bb:d8:53:22:87:72:6b:d3:3a:ee:
00:8e:47:9c:a6:fe:be:76:a4:98:bf:04:02:5e:4e:
98:da:46:c7:42:46:a8:fe:1e:73:bd:9d:86:13:da:
3f:97:6d:98:e8:21:0b:95:19:e8:53:12:2f:18:03:
c3:21:e4:0f:3f:a1:1d:d8:14:a5:bb:fb:f6:e5:cd:
c1:b8:c0:10:1d:e9:d8:bf:57:1b:13:e6:26:b2:2c:
0c:01:23:86:a7:59:16:a4:57:7e:ac:4a:f6:e9:ad:
f5:3e:be:2e:0d:79:65:77:ab:6c:b0:f6:e7:b5:db:
a1:95:3e:f3:52:4e:a8:51:62:8c:42:5c:01:49:0c:
05:b8:c7:0e:c0:73:46:f5:68:08:7b:c0:f1:6c:c4:
48:a2:75:f3:d8:96:cd:8d:24:46:32:04:04:e5:00:
ac:6b:8b:ea:08:0b:27:f1:69:1e:16:b4:dc:72:e0:
6e:6e:44:7f:26:3c:c1:23:ca:19:7a:5a:6b:56:6b:
37:26:57:f5:d0:40:2c:a0:7a:87:59:df:0e:57:76:
40:a7:84:60:bf:97:e0:ca:00:91:f5:57:ca:9f:34:
8d:4e:7e:31:bb:51:cb:2e:df:5f:8b:21:d3:42:a5:
6b:6a:3c:13:f4:0a:19:d5:75:11:74:ca:2c:28:9f:
12:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EE:37:92:9D:B9:EA:6B:30:C5:C4:0F:1C:41:E5:7B:4D:6C:8D:8F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/he43kp256mswxcQPHEHle01sjY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.38.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:40:e6:09:8b:dd:d6:14:a3:50:73:3e:b5:2d:f7:df:55:3b:
43:fb:21:57:09:83:2c:63:d2:4d:2b:e0:82:8d:75:b9:c4:7e:
36:ac:1a:3c:54:5a:9a:26:46:cd:b3:ef:25:67:5a:c4:57:ed:
33:51:1b:1c:e8:c8:8d:9b:99:a0:41:44:9c:6f:8b:0e:cd:6e:
f0:03:8d:85:9d:52:c1:b9:49:85:af:8a:ce:f9:64:de:8b:bc:
37:10:36:b0:4f:f1:34:ae:d8:96:5d:c6:1f:34:64:bd:34:23:
c3:f4:b5:f1:e5:8f:32:77:fb:5a:5f:47:7c:81:fd:07:33:ee:
21:04:c3:26:af:1a:34:f9:62:db:c4:23:a8:aa:24:22:35:4e:
15:ba:8f:22:0a:a0:22:5f:74:95:20:c9:91:20:f4:73:e2:a1:
ba:ba:7c:b6:5f:9e:69:ec:59:da:f0:8b:e7:4b:9c:8d:73:f2:
67:89:43:2a:9c:d2:40:e4:88:c6:af:bc:ed:5d:c1:fe:dc:eb:
e8:c2:49:97:b0:5b:0a:d4:c0:7b:48:65:d2:9b:de:d8:21:d3:
c4:50:76:90:71:5f:ad:fa:a8:4f:2b:4d:45:4c:5f:fb:d0:e3:
f2:c2:7d:66:86:f3:09:37:0d:fe:69:61:5a:01:b0:c4:d2:9c:
91:2a:7d:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYppKUlam27+qtC5kgeUuXi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA2MDYyMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVlMzc5MjlkYjllYTZiMzBjNWM0MGYxYzQxZTU3YjRkNmM4ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBJvZrvYUyKHcmvTOu4Ajkecpv6+
dqSYvwQCXk6Y2kbHQkao/h5zvZ2GE9o/l22Y6CELlRnoUxIvGAPDIeQPP6Ed2BSl
u/v25c3BuMAQHenYv1cbE+YmsiwMASOGp1kWpFd+rEr26a31Pr4uDXlld6tssPbn
tduhlT7zUk6oUWKMQlwBSQwFuMcOwHNG9WgIe8DxbMRIonXz2JbNjSRGMgQE5QCs
a4vqCAsn8WkeFrTccuBubkR/JjzBI8oZelprVms3Jlf10EAsoHqHWd8OV3ZAp4Rg
v5fgygCR9VfKnzSNTn4xu1HLLt9fiyHTQqVrajwT9AoZ1XURdMosKJ8S8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXuN5KdueprMMXEDxxB5XtNbI2PMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaGU0M2twMjU2bXN3eGNRUEhFSGxlMDFzalk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf0mMA0G
CSqGSIb3DQEBCwUAA4IBAQCpQOYJi93WFKNQcz61LfffVTtD+yFXCYMsY9JNK+CC
jXW5xH42rBo8VFqaJkbNs+8lZ1rEV+0zURsc6MiNm5mgQUScb4sOzW7wA42FnVLB
uUmFr4rO+WTei7w3EDawT/E0rtiWXcYfNGS9NCPD9LXx5Y8yd/taX0d8gf0HM+4h
BMMmrxo0+WLbxCOoqiQiNU4Vuo8iCqAiX3SVIMmRIPRz4qG6uny2X55p7Fna8Ivn
S5yNc/JniUMqnNJA5IjGr7ztXcH+3OvowkmXsFsK1MB7SGXSm97YIdPEUHaQcV+t
+qhPK01FTF/70OPywn1mhvMJNw3+aWFaAbDE0pyRKn2r
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:41 2025 by rpki-client