Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/atP8MDJuwB0M9DmMq_B5JlhCm6o.roa
File: atP8MDJuwB0M9DmMq_B5JlhCm6o.roa (raw, json)
Hash identifier: YYzOT3kr+g6qtMFeTOyMDI+677p/o2KI0yvo4OvePbo=
Subject key identifier: 6A:D3:FC:30:32:6E:C0:1D:0C:F4:39:8C:AB:F0:79:26:58:42:9B:AA
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 018571276D0C3B5CD9E0A48141B6042D4E0F
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/atP8MDJuwB0M9DmMq_B5JlhCm6o.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 5.253.24.0/24 maxlen: 24
5.253.27.0/24 maxlen: 24
5.253.26.0/24 maxlen: 24
5.253.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6d:0c:3b:5c:d9:e0:a4:81:41:b6:04:2d:4e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ad3fc30326ec01d0cf4398cabf0792658429baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:78:ec:e9:7b:b8:fe:5e:f5:32:c1:23:8c:
54:93:1f:65:38:47:3b:dd:32:8d:44:80:79:56:a1:
48:e6:d9:fc:14:b5:06:b3:fd:86:b0:26:28:2f:1a:
59:b1:15:22:d2:72:2c:aa:a4:7a:e5:c2:11:01:a9:
17:af:af:b8:d7:84:1b:66:ae:6b:1b:be:ec:6c:34:
13:c8:db:f8:90:25:c4:af:ad:12:62:79:81:a1:e5:
bb:e9:92:54:39:a7:c9:a7:ce:82:7f:c8:e8:d9:bb:
29:74:ec:09:d3:b6:67:f6:47:8e:93:9f:48:4e:f6:
51:27:0d:1a:3c:f4:6a:bc:d8:b2:64:65:26:8a:df:
f6:35:58:94:6c:b7:0f:a7:cc:c0:58:b3:68:f5:f4:
33:27:8d:cd:12:f9:10:6c:5d:99:e9:a1:1a:f0:32:
7a:0a:41:14:dd:c8:0e:d3:6c:7b:0a:2d:69:24:80:
2c:70:a9:8f:66:7f:d9:f5:0f:50:cc:f2:f7:88:78:
b0:d3:ff:9c:05:0a:4c:03:51:bd:dd:40:26:08:84:
03:59:18:5e:ae:b2:2f:5a:20:a5:eb:7d:43:1f:4f:
29:72:87:f4:4b:65:3f:f3:b4:00:38:a4:30:b3:ea:
ad:6a:2e:80:28:1b:ff:3f:b3:b2:47:fa:65:20:b5:
5f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D3:FC:30:32:6E:C0:1D:0C:F4:39:8C:AB:F0:79:26:58:42:9B:AA
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/atP8MDJuwB0M9DmMq_B5JlhCm6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
12:d0:b6:7a:87:4d:90:d5:c5:74:e4:9b:cd:74:4f:f6:a3:13:
c0:57:14:dc:90:80:2e:41:3d:d4:17:5f:2e:a4:46:d9:cc:25:
2e:3f:3a:b5:ed:48:26:0b:bd:a3:ec:a1:34:b4:b8:ab:34:73:
4e:c0:6c:d9:86:e6:26:3c:1c:30:9f:41:de:e8:36:79:39:57:
ae:f5:d8:6a:97:f6:ff:db:49:6b:98:88:1d:5a:69:74:68:d8:
ad:1a:3b:a4:53:1c:24:87:e9:04:d8:ff:77:99:ad:8a:56:7b:
31:ac:4a:6c:8c:3d:72:f8:c0:9f:ba:e2:81:04:b6:20:69:80:
a9:28:93:19:c7:82:fc:56:ad:27:5d:e4:7d:4e:a8:9f:b8:43:
44:3a:76:8b:d9:c7:17:07:c4:a2:61:ef:43:13:f4:04:2b:cc:
f0:60:12:3c:08:27:ff:78:30:30:13:73:23:aa:a7:62:7d:b4:
ec:21:ef:0b:00:f3:a4:2a:52:cc:9e:c3:d6:3d:ba:49:8c:55:
e9:85:65:c7:ad:46:3a:29:16:1f:85:fe:ff:4a:7b:d6:f0:b7:
9d:b3:66:e7:5e:54:1a:0e:24:9c:55:ce:80:20:bf:07:c4:ae:
c3:87:a1:94:1c:bf:fd:37:41:51:fd:ce:ff:3c:ae:e8:19:43:
48:20:04:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ20MO1zZ4KSBQbYELU4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQzZmMzMDMyNmVjMDFkMGNmNDM5OGNhYmYwNzkyNjU4NDI5YmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh947Ol7uP5e9TLBI4xUkx9lOEc7
3TKNRIB5VqFI5tn8FLUGs/2GsCYoLxpZsRUi0nIsqqR65cIRAakXr6+414QbZq5r
G77sbDQTyNv4kCXEr60SYnmBoeW76ZJUOafJp86Cf8jo2bspdOwJ07Zn9keOk59I
TvZRJw0aPPRqvNiyZGUmit/2NViUbLcPp8zAWLNo9fQzJ43NEvkQbF2Z6aEa8DJ6
CkEU3cgO02x7Ci1pJIAscKmPZn/Z9Q9QzPL3iHiw0/+cBQpMA1G93UAmCIQDWRhe
rrIvWiCl631DH08pcof0S2U/87QAOKQws+qtai6AKBv/P7OyR/plILVfkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrT/DAybsAdDPQ5jKvweSZYQpuqMB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvYXRQOE1ESnV3QjBNOURtTXFfQjVKbGhDbTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQAS0LZ6h02Q1cV05JvNdE/2oxPAVxTckIAuQT3UF18u
pEbZzCUuPzq17UgmC72j7KE0tLirNHNOwGzZhuYmPBwwn0He6DZ5OVeu9dhql/b/
20lrmIgdWml0aNitGjukUxwkh+kE2P93ma2KVnsxrEpsjD1y+MCfuuKBBLYgaYCp
KJMZx4L8Vq0nXeR9TqifuENEOnaL2ccXB8SiYe9DE/QEK8zwYBI8CCf/eDAwE3Mj
qqdifbTsIe8LAPOkKlLMnsPWPbpJjFXphWXHrUY6KRYfhf7/SnvW8Leds2bnXlQa
DiScVc6AIL8HxK7Dh6GUHL/9N0FR/c7/PK7oGUNIIASE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:04 2025 by rpki-client