Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/uDXBJdd11Jv2X_aVvB6LraSjV2g.roa
File: uDXBJdd11Jv2X_aVvB6LraSjV2g.roa (raw, json)
Hash identifier: uLNzhbEN0deG7yRAPSW5Aif098t5S/3ScNG8FOp5vro=
Subject key identifier: B8:35:C1:25:D7:75:D4:9B:F6:5F:F6:95:BC:1E:8B:AD:A4:A3:57:68
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B7392DB9FCF24DE99E28B868F8C46
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/uDXBJdd11Jv2X_aVvB6LraSjV2g.roa
Signing time: Mon 02 Jan 2023 12:18:42 +0000
ROA not before: Mon 02 Jan 2023 12:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204958
IP address blocks: 152.89.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:73:92:db:9f:cf:24:de:99:e2:8b:86:8f:8c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b835c125d775d49bf65ff695bc1e8bada4a35768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:81:e6:77:3c:fd:21:a8:f3:0d:24:c3:85:b8:
d6:5f:42:da:40:83:6a:b4:f6:a0:ea:81:22:ca:58:
f9:58:18:e7:61:d1:c4:7c:d0:1b:7a:06:37:4d:32:
c2:45:48:53:ec:50:b7:e2:06:1f:e5:2f:b5:4d:d3:
d7:30:01:99:a8:fd:1b:f1:84:2d:0e:44:b0:b3:9d:
17:d3:2f:d0:41:05:f9:f3:92:09:67:5b:77:d4:82:
8e:11:89:03:eb:6b:10:98:fe:05:97:f2:e9:23:6f:
cd:2c:1a:80:ed:b2:e7:fd:e0:77:1f:a7:f1:a5:66:
f3:a5:ed:cc:e4:4b:b1:f2:14:72:89:74:31:6f:9c:
f0:d2:fa:51:1b:94:6d:28:ef:3c:7c:49:06:38:9e:
9f:dc:b8:69:14:3d:bb:ed:d4:3a:a7:a6:d7:5f:93:
5e:aa:73:e2:f1:b5:1f:de:f4:4f:e9:1a:ee:27:32:
a7:2c:e3:1e:90:40:3a:73:eb:34:b5:e1:34:2a:05:
15:f4:f8:8a:a5:0f:3b:32:2f:db:63:b9:a8:86:f7:
29:32:b2:4d:ff:0d:fa:d2:38:19:c4:55:47:8c:fd:
a7:0b:55:fd:38:e0:32:6c:f8:c3:0a:f7:e1:2a:46:
cb:73:d0:05:d2:b2:09:b5:e2:01:ac:e6:17:5c:68:
65:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:35:C1:25:D7:75:D4:9B:F6:5F:F6:95:BC:1E:8B:AD:A4:A3:57:68
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/uDXBJdd11Jv2X_aVvB6LraSjV2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.169.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c2:02:3f:80:5f:b0:cd:4a:11:5e:37:4a:de:ed:af:b9:44:
4e:66:34:5f:98:8b:f2:8d:cd:bb:39:2e:77:66:bd:78:09:a6:
a7:3e:81:74:25:c6:2f:33:28:0d:c4:f6:e9:31:38:04:68:f8:
9a:c2:1c:d1:d8:2f:65:7c:2f:b4:b7:d0:45:61:ad:d2:3a:fc:
05:b3:6f:af:f1:a9:36:36:e5:1c:58:0c:2d:48:13:b7:6b:19:
fc:56:ec:9f:ce:7c:83:89:37:2f:4f:7a:53:3d:d7:97:af:be:
b0:e0:03:79:dd:2c:22:7b:09:f7:3b:00:3f:e5:b2:6d:c2:8c:
df:a8:39:85:a5:6a:56:5e:f9:93:8f:32:14:21:85:b1:fb:5e:
2a:4d:5a:a7:6c:eb:d1:4b:02:8b:de:24:d4:47:ef:c1:a7:0e:
ea:73:f2:66:a2:fe:fd:59:4b:c2:07:ab:2d:67:87:ae:b4:15:
aa:12:e0:1b:12:a5:43:f5:20:07:9e:42:79:f6:13:a2:bb:63:
47:01:dd:7d:60:bf:56:ae:bd:2c:01:40:24:74:ed:73:53:48:
86:9c:64:65:e3:ec:57:fc:4b:ac:ae:b8:95:5a:a3:f5:c5:7e:
eb:d2:05:10:ed:4d:d5:4d:6c:2f:2a:10:4e:c0:3a:8c:cc:63:
b7:ce:98:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3OS25/PJN6Z4ouGj4xGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODM1YzEyNWQ3NzVkNDliZjY1ZmY2OTViYzFlOGJhZGE0YTM1NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIHmdzz9IajzDSTDhbjWX0LaQINq
tPag6oEiylj5WBjnYdHEfNAbegY3TTLCRUhT7FC34gYf5S+1TdPXMAGZqP0b8YQt
DkSws50X0y/QQQX585IJZ1t31IKOEYkD62sQmP4Fl/LpI2/NLBqA7bLn/eB3H6fx
pWbzpe3M5Eux8hRyiXQxb5zw0vpRG5RtKO88fEkGOJ6f3LhpFD277dQ6p6bXX5Ne
qnPi8bUf3vRP6RruJzKnLOMekEA6c+s0teE0KgUV9PiKpQ87Mi/bY7mohvcpMrJN
/w360jgZxFVHjP2nC1X9OOAybPjDCvfhKkbLc9AF0rIJteIBrOYXXGhlLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLg1wSXXddSb9l/2lbwei62ko1doMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvdURYQkpkZDExSnYyWF9hVnZCNkxyYVNqVjJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmpMA0G
CSqGSIb3DQEBCwUAA4IBAQBXwgI/gF+wzUoRXjdK3u2vuUROZjRfmIvyjc27OS53
Zr14CaanPoF0JcYvMygNxPbpMTgEaPiawhzR2C9lfC+0t9BFYa3SOvwFs2+v8ak2
NuUcWAwtSBO3axn8VuyfznyDiTcvT3pTPdeXr76w4AN53Swiewn3OwA/5bJtwozf
qDmFpWpWXvmTjzIUIYWx+14qTVqnbOvRSwKL3iTUR+/Bpw7qc/Jmov79WUvCB6st
Z4eutBWqEuAbEqVD9SAHnkJ59hOiu2NHAd19YL9Wrr0sAUAkdO1zU0iGnGRl4+xX
/EusrriVWqP1xX7r0gUQ7U3VTWwvKhBOwDqMzGO3zphm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:29 2025 by rpki-client