Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/_YlhEijuhwyS1seH5DyEfz_zjiA.roa
File: _YlhEijuhwyS1seH5DyEfz_zjiA.roa (raw, json)
Hash identifier: TzeDi+TflaqzavyKolwDDlXQ5gQhOfpy2aAVQaWDmyY=
Subject key identifier: FD:89:61:12:28:EE:87:0C:92:D6:C7:87:E4:3C:84:7F:3F:F3:8E:20
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 095BE8E5
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/_YlhEijuhwyS1seH5DyEfz_zjiA.roa
Signing time: Sat 01 Jan 2022 12:05:20 +0000
ROA not before: Sat 01 Jan 2022 12:05:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209459
IP address blocks: 5.253.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157018341 (0x95be8e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 1 12:05:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd89611228ee870c92d6c787e43c847f3ff38e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:96:53:5a:d3:b1:ae:e7:73:21:8c:f8:e9:66:
ce:35:38:95:41:70:44:77:c2:2d:72:f9:2d:87:c5:
66:78:59:ba:d4:9a:22:f4:1b:d6:39:03:02:86:ac:
0a:54:79:34:c3:c7:e3:46:59:b7:7d:27:80:99:e1:
3a:00:29:ce:73:52:2a:71:59:6b:f2:18:34:d9:da:
28:ec:eb:41:32:4c:c7:85:c9:ac:4f:89:3a:3d:9d:
98:4c:6c:e2:8f:43:0f:54:12:5d:99:1d:0e:a3:35:
6f:a8:ee:e5:bf:ba:f2:da:54:6a:30:5c:8a:e8:d4:
c8:38:57:f3:6a:04:7c:c4:a3:3d:4e:b3:eb:fc:e5:
67:f7:5f:6b:f8:86:39:3a:f1:7a:6d:5e:cf:b1:ea:
48:16:fc:11:f3:d7:da:c8:7f:f8:2e:56:3e:10:67:
7d:37:73:2d:0a:26:5d:bd:66:29:e5:6a:95:78:7f:
71:e6:af:e5:a8:15:40:0b:e2:bd:7d:d1:a3:d1:d7:
2f:43:5b:cd:c4:d0:3d:88:ac:89:9f:d8:fe:be:1a:
89:64:a0:8b:18:b1:e1:61:bb:84:de:f0:20:26:95:
9e:2b:82:e2:47:ad:71:0f:8e:5c:b6:65:7d:bd:68:
a5:f7:2f:cc:57:31:22:8d:30:99:ad:51:48:c4:86:
90:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:89:61:12:28:EE:87:0C:92:D6:C7:87:E4:3C:84:7F:3F:F3:8E:20
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/_YlhEijuhwyS1seH5DyEfz_zjiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
19:50:a0:98:c8:f9:4d:d0:18:68:f0:ed:2b:20:d2:5f:7f:b3:
b8:87:68:c0:0f:51:9e:57:2a:a3:b7:13:b3:41:6a:99:d9:b3:
d5:40:d1:db:8b:6e:7e:e6:9e:7b:98:d0:4b:05:ef:1b:1b:41:
d4:88:08:56:91:14:79:89:d3:db:72:78:62:7e:e1:12:f8:da:
a1:26:47:f4:c9:5d:68:d4:e5:78:ba:f0:f7:f2:ad:1b:b2:5a:
04:56:4b:e5:76:e3:9a:67:9e:cc:3c:25:18:fd:11:2d:b6:6a:
71:35:6f:e9:76:3d:b7:18:a4:be:1f:1b:5a:db:1f:67:3e:e6:
1a:a1:d8:3f:e0:92:62:10:f6:5b:63:cb:fc:b5:16:b0:b9:5a:
20:8f:fb:a0:27:69:e8:af:2f:1a:c3:7c:fd:09:13:b4:59:02:
17:f7:69:2f:b8:ef:7a:72:9d:92:4e:1d:c0:70:28:d9:13:d9:
72:d9:8a:3f:c7:c2:74:c9:4f:63:d9:3a:49:aa:25:cb:49:b8:
22:b9:dd:42:38:f5:32:c5:d7:8f:97:47:bb:fc:3e:5b:23:ca:
00:7b:88:16:25:76:62:b2:82:5a:74:73:83:f6:7d:df:7b:ae:
bd:cb:e8:dd:d9:2b:a5:1d:7a:b6:59:03:d0:0d:d6:64:5e:c4:
2a:3c:32:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECVvo5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzdmMzM3MmRmNTdjODE0YWJhOGI1MWE5MDc4NjFkOTJiOWU0ZjU1MB4XDTIyMDEw
MTEyMDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ4OTYxMTIyOGVl
ODcwYzkyZDZjNzg3ZTQzYzg0N2YzZmYzOGUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIKWU1rTsa7ncyGM+OlmzjU4lUFwRHfCLXL5LYfFZnhZutSa
IvQb1jkDAoasClR5NMPH40ZZt30ngJnhOgApznNSKnFZa/IYNNnaKOzrQTJMx4XJ
rE+JOj2dmExs4o9DD1QSXZkdDqM1b6ju5b+68tpUajBciujUyDhX82oEfMSjPU6z
6/zlZ/dfa/iGOTrxem1ez7HqSBb8EfPX2sh/+C5WPhBnfTdzLQomXb1mKeVqlXh/
ceav5agVQAvivX3Ro9HXL0NbzcTQPYisiZ/Y/r4aiWSgixix4WG7hN7wICaVniuC
4ketcQ+OXLZlfb1opfcvzFcxIo0wma1RSMSGkHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9iWESKO6HDJLWx4fkPIR/P/OOIDAfBgNVHSMEGDAWgBQTfzNy31fIFKuo
tRqQeGHZK55PVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UzOHpjdDlYeUJTcnFMVWFrSGhoMlN1ZVQxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvOGIxNDFiLTQ5NGUtNDY2Yi1hMjJjLWEyMjRmZWZhYzIxOC8x
L19ZbGhFaWp1aHd5UzFzZUg1RHlFZnpfemppQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
OGIxNDFiLTQ5NGUtNDY2Yi1hMjJjLWEyMjRmZWZhYzIxOC8xL0UzOHpjdDlYeUJT
cnFMVWFrSGhoMlN1ZVQxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX9GDANBgkqhkiG9w0BAQsFAAOC
AQEAGVCgmMj5TdAYaPDtKyDSX3+zuIdowA9Rnlcqo7cTs0Fqmdmz1UDR24tufuae
e5jQSwXvGxtB1IgIVpEUeYnT23J4Yn7hEvjaoSZH9MldaNTleLrw9/KtG7JaBFZL
5XbjmmeezDwlGP0RLbZqcTVv6XY9txikvh8bWtsfZz7mGqHYP+CSYhD2W2PL/LUW
sLlaII/7oCdp6K8vGsN8/QkTtFkCF/dpL7jvenKdkk4dwHAo2RPZctmKP8fCdMlP
Y9k6Saoly0m4IrndQjj1MsXXj5dHu/w+WyPKAHuIFiV2YrKCWnRzg/Z933uuvcvo
3dkrpR16tlkD0A3WZF7EKjwy+w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:02 2025 by rpki-client