Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/CyJS1cBcRytpAGP7FF2JJOoQ3h8.roa
File: CyJS1cBcRytpAGP7FF2JJOoQ3h8.roa (raw, json)
Hash identifier: 0RL30HSWB7lJVllWeVFR3bmaUkFwF881cDHpu5MZbYA=
Subject key identifier: 0B:22:52:D5:C0:5C:47:2B:69:00:63:FB:14:5D:89:24:EA:10:DE:1F
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0185719E8880414E930B95BCC4951446340B
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/CyJS1cBcRytpAGP7FF2JJOoQ3h8.roa
Signing time: Mon 02 Jan 2023 08:34:53 +0000
ROA not before: Mon 02 Jan 2023 08:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 158.172.131.0/24 maxlen: 24
158.172.130.0/24 maxlen: 24
158.172.128.0/22 maxlen: 22
158.172.129.0/24 maxlen: 24
158.172.128.0/24 maxlen: 24
158.172.132.0/24 maxlen: 24
158.172.132.0/22 maxlen: 22
158.172.136.0/22 maxlen: 22
158.172.135.0/24 maxlen: 24
158.172.134.0/24 maxlen: 24
158.172.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:88:80:41:4e:93:0b:95:bc:c4:95:14:46:34:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 08:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b2252d5c05c472b690063fb145d8924ea10de1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:e2:23:71:9d:74:55:76:3c:62:e9:58:b9:
63:6d:46:7c:7f:f3:45:4b:3b:ae:9c:96:77:c3:49:
ac:56:1f:3e:51:a4:0a:68:74:84:10:e1:e8:be:00:
42:23:49:1c:53:94:a4:0b:ad:eb:00:22:c2:a2:59:
29:86:05:42:d7:5f:41:53:5a:fb:ca:9c:77:ba:73:
73:a8:af:6d:22:b5:0c:04:35:d8:df:54:72:96:90:
55:23:90:da:aa:b0:12:3a:a4:40:46:34:d2:aa:06:
25:24:ba:e6:20:6d:72:a7:34:42:26:f3:95:81:70:
2d:a8:9d:f9:bc:89:06:9a:63:59:93:e7:46:28:84:
d6:19:28:de:f3:af:49:de:1e:f3:3a:8b:da:f4:5f:
59:db:f6:29:0b:5c:3c:84:90:15:4a:9f:ca:29:82:
29:01:6b:9b:3e:e3:0b:05:17:80:0e:44:0b:48:ad:
ee:77:f6:07:e0:a1:53:a4:14:65:ce:98:60:64:67:
59:86:19:05:a6:1c:49:28:14:d8:1c:db:a6:28:31:
92:7a:9d:f2:c1:5e:01:43:6a:21:92:b4:85:34:76:
f7:d6:e5:ae:b0:0f:8d:cd:b1:bd:0f:5c:d6:52:68:
00:30:6c:b1:b0:69:d6:37:d4:66:37:41:66:87:07:
60:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:22:52:D5:C0:5C:47:2B:69:00:63:FB:14:5D:89:24:EA:10:DE:1F
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/CyJS1cBcRytpAGP7FF2JJOoQ3h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0-158.172.139.255
Signature Algorithm: sha256WithRSAEncryption
93:d3:75:da:f7:4c:89:62:01:74:52:06:98:df:4f:38:94:0e:
c8:13:8e:ca:03:0c:41:b6:57:76:24:1c:3d:a7:10:04:6a:24:
11:ee:da:21:ea:cd:4c:bd:58:5d:1c:e4:0e:97:d4:85:94:c9:
0c:f5:ad:ac:8b:44:4e:b6:17:66:60:6c:6d:dc:ee:e4:bd:a3:
c2:49:a9:0b:76:68:9b:c2:72:25:c4:9b:53:8a:ba:c5:91:8d:
d6:bc:2d:13:2e:53:7d:b7:e0:cb:af:2b:c8:c2:f8:6f:1f:12:
48:af:f0:92:c2:10:ee:9b:4c:30:a4:87:3e:ca:56:ec:fb:08:
86:2d:88:8a:92:06:f5:a8:61:cc:35:e2:fe:40:4f:ce:67:9d:
9e:1d:c3:23:80:63:8e:3d:5d:79:1d:38:4a:89:d3:87:e0:6d:
2e:ca:77:3d:9f:86:ae:4a:8f:db:10:cd:e0:f4:f2:f1:9a:7a:
72:01:16:44:db:64:fe:1d:b0:e3:81:ed:65:0f:cf:8f:63:69:
66:36:85:a0:c3:52:be:01:99:94:16:1c:fd:ee:31:69:dd:9d:
a4:dc:92:b9:b1:c6:d4:87:d5:9f:08:19:5e:24:09:df:a2:6c:
86:93:a8:77:af:01:59:fa:14:1e:b6:c6:b7:d5:40:8e:68:b9:
60:f8:bc:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxnoiAQU6TC5W8xJUURjQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwMTAyMDgzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjIyNTJkNWMwNWM0NzJiNjkwMDYzZmIxNDVkODkyNGVhMTBkZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklviI3GddFV2PGLpWLljbUZ8f/NF
SzuunJZ3w0msVh8+UaQKaHSEEOHovgBCI0kcU5SkC63rACLColkphgVC119BU1r7
ypx3unNzqK9tIrUMBDXY31RylpBVI5DaqrASOqRARjTSqgYlJLrmIG1ypzRCJvOV
gXAtqJ35vIkGmmNZk+dGKITWGSje869J3h7zOova9F9Z2/YpC1w8hJAVSp/KKYIp
AWubPuMLBReADkQLSK3ud/YH4KFTpBRlzphgZGdZhhkFphxJKBTYHNumKDGSep3y
wV4BQ2ohkrSFNHb31uWusA+NzbG9D1zWUmgAMGyxsGnWN9RmN0Fmhwdg5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAsiUtXAXEcraQBj+xRdiSTqEN4fMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvQ3lKUzFjQmNSeXRwQUdQN0ZGMkpKT29RM2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAeerIAD
BAKerIgwDQYJKoZIhvcNAQELBQADggEBAJPTddr3TIliAXRSBpjfTziUDsgTjsoD
DEG2V3YkHD2nEARqJBHu2iHqzUy9WF0c5A6X1IWUyQz1rayLRE62F2ZgbG3c7uS9
o8JJqQt2aJvCciXEm1OKusWRjda8LRMuU3234MuvK8jC+G8fEkiv8JLCEO6bTDCk
hz7KVuz7CIYtiIqSBvWoYcw14v5AT85nnZ4dwyOAY449XXkdOEqJ04fgbS7Kdz2f
hq5Kj9sQzeD08vGaenIBFkTbZP4dsOOB7WUPz49jaWY2haDDUr4BmZQWHP3uMWnd
naTckrmxxtSH1Z8IGV4kCd+ibIaTqHevAVn6FB62xrfVQI5ouWD4vLo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:37 2025 by rpki-client