Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/PYnixY3K0P04y1GCL5GxhQ_gW1M.roa
File: PYnixY3K0P04y1GCL5GxhQ_gW1M.roa (raw, json)
Hash identifier: Cic8JrQe2ZRYD+XCZza63ca7EjanLKfxNO5MOQiRlbQ=
Subject key identifier: 3D:89:E2:C5:8D:CA:D0:FD:38:CB:51:82:2F:91:B1:85:0F:E0:5B:53
Certificate issuer: /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial: 018533F05CAC134ED7DBDFE8BEECEF6A06B1
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/PYnixY3K0P04y1GCL5GxhQ_gW1M.roa
Signing time: Wed 21 Dec 2022 09:07:48 +0000
ROA not before: Wed 21 Dec 2022 09:07:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 5.252.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:f0:5c:ac:13:4e:d7:db:df:e8:be:ec:ef:6a:06:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Validity
Not Before: Dec 21 09:07:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d89e2c58dcad0fd38cb51822f91b1850fe05b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ee:37:09:94:06:dc:a0:b0:5a:84:07:7f:b6:
6f:27:97:ba:05:ed:a3:3a:71:a4:c3:15:9b:70:18:
a4:18:e6:ca:1c:58:1a:47:0f:80:63:0b:09:5d:56:
fd:54:ab:4d:12:5a:b1:7a:b9:98:0d:09:7e:b9:a1:
c5:2a:80:d7:cc:5c:db:35:72:a7:d0:9e:f1:54:ac:
a2:81:0d:83:b5:32:59:c0:11:fe:c8:e8:7e:aa:c8:
7f:f8:93:07:21:c0:f2:89:e1:f7:7c:a6:9a:f4:83:
49:e9:a2:c9:a1:4f:10:b8:3b:e9:c2:97:cb:54:e3:
ee:36:31:4f:a1:0f:33:91:25:1d:9e:35:95:09:5b:
49:8b:50:ae:6b:29:9d:06:25:56:25:19:d1:38:b7:
72:8c:87:cd:5e:c8:08:63:98:42:95:5e:ff:9a:6b:
04:bb:09:46:20:de:93:47:92:4b:72:77:bd:09:ba:
9d:48:a7:4c:db:3e:b4:cc:8c:93:d1:04:7f:e8:dd:
4b:73:aa:51:11:31:a6:31:19:ff:5f:dd:e3:94:11:
ac:47:85:40:93:bc:4f:0f:36:40:17:eb:81:85:fd:
76:82:a2:30:74:62:14:12:a9:b0:92:a5:24:b9:ad:
70:f3:70:aa:d7:58:4f:3f:83:9c:e5:38:14:4f:bb:
3a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:89:E2:C5:8D:CA:D0:FD:38:CB:51:82:2F:91:B1:85:0F:E0:5B:53
X509v3 Authority Key Identifier:
keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/PYnixY3K0P04y1GCL5GxhQ_gW1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.136.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:2b:3a:b6:f4:ca:00:05:ae:bc:79:cd:63:c7:94:70:be:46:
66:e0:bf:09:3c:b7:67:ca:d5:4f:b2:64:bf:62:fc:07:ed:a4:
6c:e5:d1:d5:b5:43:42:d2:fd:60:b1:da:9a:62:64:26:1e:6e:
ca:0b:a9:84:1d:aa:35:bf:07:69:72:ab:86:22:77:df:ea:96:
ac:99:be:07:56:23:58:e8:8c:00:d1:41:6b:13:84:05:ae:11:
b7:7a:45:21:a6:1e:57:c2:49:cb:8c:55:2e:11:45:ce:f8:d2:
f6:4a:44:56:ed:b4:74:ab:dd:7e:ef:2d:0b:cf:fe:2b:a4:88:
54:0c:4d:c6:f1:ab:35:71:34:bd:58:62:04:1b:53:a7:2e:e3:
97:37:8d:83:5f:26:24:9f:48:d0:57:be:e0:5e:4c:3b:a4:e5:
ad:45:3e:53:c9:40:fc:b4:c0:dc:9d:7c:d4:c9:fe:8f:c0:ff:
44:45:c2:6f:ed:63:81:b3:b3:f6:2c:4b:89:c5:13:ec:aa:6e:
f6:89:fb:77:8c:c2:a8:ac:ff:95:ea:34:8e:50:63:12:08:9b:
02:dd:6c:39:07:70:bf:21:70:16:b7:54:a5:8e:58:ae:5f:a9:
a2:b8:d6:da:2f:e9:89:4e:0b:6d:42:60:fa:ba:05:c6:44:97:
89:a2:c0:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUz8FysE07X29/ovuzvagaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjIxMjIxMDkwNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg5ZTJjNThkY2FkMGZkMzhjYjUxODIyZjkxYjE4NTBmZTA1YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e43CZQG3KCwWoQHf7ZvJ5e6Be2j
OnGkwxWbcBikGObKHFgaRw+AYwsJXVb9VKtNElqxermYDQl+uaHFKoDXzFzbNXKn
0J7xVKyigQ2DtTJZwBH+yOh+qsh/+JMHIcDyieH3fKaa9INJ6aLJoU8QuDvpwpfL
VOPuNjFPoQ8zkSUdnjWVCVtJi1CuaymdBiVWJRnROLdyjIfNXsgIY5hClV7/mmsE
uwlGIN6TR5JLcne9CbqdSKdM2z60zIyT0QR/6N1Lc6pRETGmMRn/X93jlBGsR4VA
k7xPDzZAF+uBhf12gqIwdGIUEqmwkqUkua1w83Cq11hPP4Oc5TgUT7s6IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2J4sWNytD9OMtRgi+RsYUP4FtTMB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvUFluaXhZM0swUDA0eTFHQ0w1R3hoUV9nVzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfyIMA0G
CSqGSIb3DQEBCwUAA4IBAQALKzq29MoABa68ec1jx5RwvkZm4L8JPLdnytVPsmS/
YvwH7aRs5dHVtUNC0v1gsdqaYmQmHm7KC6mEHao1vwdpcquGInff6pasmb4HViNY
6IwA0UFrE4QFrhG3ekUhph5XwknLjFUuEUXO+NL2SkRW7bR0q91+7y0Lz/4rpIhU
DE3G8as1cTS9WGIEG1OnLuOXN42DXyYkn0jQV77gXkw7pOWtRT5TyUD8tMDcnXzU
yf6PwP9ERcJv7WOBs7P2LEuJxRPsqm72ift3jMKorP+V6jSOUGMSCJsC3Ww5B3C/
IXAWt1SljliuX6miuNbaL+mJTgttQmD6ugXGRJeJosB1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:00 2024 by rpki-client on console-ams.rpki-client.org