Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/u1oj4loq_tBZ5IHMaloe_RX88AA.roa
File: u1oj4loq_tBZ5IHMaloe_RX88AA.roa (raw, json)
Hash identifier: BUOzy0bLXJoBZ+K1lZb/1+qwynMf0LBrJZ7CraVIEv0=
Subject key identifier: BB:5A:23:E2:5A:2A:FE:D0:59:E4:81:CC:6A:5A:1E:FD:15:FC:F0:00
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 01876F0355D53F8FC55EDD110C906FE7A10D
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/u1oj4loq_tBZ5IHMaloe_RX88AA.roa
Signing time: Tue 11 Apr 2023 06:31:42 +0000
ROA not before: Tue 11 Apr 2023 06:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200235
IP address blocks: 45.137.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:03:55:d5:3f:8f:c5:5e:dd:11:0c:90:6f:e7:a1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Apr 11 06:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb5a23e25a2afed059e481cc6a5a1efd15fcf000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:15:4b:fe:06:21:0b:7c:49:e7:63:32:57:6e:
35:20:ca:2d:b9:35:1b:5d:6d:91:5a:0d:cd:50:80:
13:2d:c5:1b:96:3a:1b:10:d5:68:d4:94:76:17:c4:
08:43:73:67:37:06:a3:ec:5f:5e:f9:d1:94:fe:cd:
71:87:42:e5:4f:44:fb:67:b3:c3:5b:bd:ec:5b:d9:
67:46:3c:f4:bc:29:74:fb:b2:3f:c7:af:e3:c7:06:
4d:b4:cb:5b:d3:f8:30:9a:b9:3b:ae:51:8a:a4:59:
88:c1:2d:8f:9e:d4:d4:70:80:2f:c9:98:a6:3b:2d:
84:f7:a6:0e:8b:47:45:b2:2f:36:92:62:97:4f:22:
0a:97:2c:7a:bd:06:09:57:70:0a:a2:38:9b:7a:ee:
5c:2f:43:06:fc:a6:96:f1:09:c1:c5:2e:9d:f7:57:
f9:ca:25:5d:6f:18:ae:cd:90:07:52:38:ae:d8:ad:
8b:40:8a:37:56:38:46:26:85:9a:4b:e0:d5:aa:89:
c9:66:8b:9c:f6:a5:cb:5c:05:71:87:2c:b2:4a:ea:
22:50:c9:c6:50:59:33:84:c0:3f:71:d3:d0:89:91:
c6:72:4f:20:fc:9e:56:e2:33:60:a2:b3:2e:b3:b0:
f2:aa:be:01:c8:bd:9e:3f:80:49:2f:24:f7:04:ba:
79:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5A:23:E2:5A:2A:FE:D0:59:E4:81:CC:6A:5A:1E:FD:15:FC:F0:00
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/u1oj4loq_tBZ5IHMaloe_RX88AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.27.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:df:45:5e:14:29:2c:06:cd:c8:1b:31:49:d6:89:4a:66:1e:
60:9c:ba:53:04:24:d2:e5:39:f6:81:93:db:ed:45:dc:d8:ad:
8d:32:9d:49:38:46:df:e3:72:68:bd:71:a9:9b:63:ff:4a:69:
c2:4d:47:47:47:86:2b:65:e6:f5:d3:d8:3c:2c:46:e5:1e:45:
3a:c9:de:17:ab:4c:28:9a:d1:68:77:e9:14:d0:36:5b:69:4a:
e7:05:7b:81:7a:6c:9d:9d:c8:85:ad:60:c2:41:36:e2:65:79:
b9:36:75:9e:42:88:eb:72:41:c8:82:30:cc:cb:5a:2a:0d:c4:
5a:e7:40:d8:4a:86:66:b7:e6:75:f5:20:2e:77:aa:50:87:0c:
4d:52:89:76:96:0a:5b:13:33:9c:90:2c:91:3a:21:82:0e:b0:
63:c7:6f:78:1a:c6:c9:16:21:46:49:f1:0e:d0:94:ee:0c:1a:
94:e1:d0:6b:03:d5:9b:7a:2d:38:7f:5b:3d:4e:2f:03:c4:35:
98:75:70:da:cf:15:ba:97:85:c7:84:80:a0:fc:40:59:cf:44:
cb:74:66:b7:14:51:eb:fa:72:cf:7e:72:11:32:98:c2:30:4e:
8e:0e:6d:30:ad:02:be:9c:98:49:7d:59:05:48:8f:6c:8b:0d:
f9:c4:d9:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdvA1XVP4/FXt0RDJBv56ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjMwNDExMDYzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjVhMjNlMjVhMmFmZWQwNTllNDgxY2M2YTVhMWVmZDE1ZmNmMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRVL/gYhC3xJ52MyV241IMotuTUb
XW2RWg3NUIATLcUbljobENVo1JR2F8QIQ3NnNwaj7F9e+dGU/s1xh0LlT0T7Z7PD
W73sW9lnRjz0vCl0+7I/x6/jxwZNtMtb0/gwmrk7rlGKpFmIwS2PntTUcIAvyZim
Oy2E96YOi0dFsi82kmKXTyIKlyx6vQYJV3AKojibeu5cL0MG/KaW8QnBxS6d91f5
yiVdbxiuzZAHUjiu2K2LQIo3VjhGJoWaS+DVqonJZouc9qXLXAVxhyyySuoiUMnG
UFkzhMA/cdPQiZHGck8g/J5W4jNgorMus7Dyqr4ByL2eP4BJLyT3BLp5vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtaI+JaKv7QWeSBzGpaHv0V/PAAMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvdTFvajRsb3FfdEJaNUlITWFsb2VfUlg4OEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYkbMA0G
CSqGSIb3DQEBCwUAA4IBAQCd30VeFCksBs3IGzFJ1olKZh5gnLpTBCTS5Tn2gZPb
7UXc2K2NMp1JOEbf43JovXGpm2P/SmnCTUdHR4YrZeb109g8LEblHkU6yd4Xq0wo
mtFod+kU0DZbaUrnBXuBemydnciFrWDCQTbiZXm5NnWeQojrckHIgjDMy1oqDcRa
50DYSoZmt+Z19SAud6pQhwxNUol2lgpbEzOckCyROiGCDrBjx294GsbJFiFGSfEO
0JTuDBqU4dBrA9Wbei04f1s9Ti8DxDWYdXDazxW6l4XHhICg/EBZz0TLdGa3FFHr
+nLPfnIRMpjCME6ODm0wrQK+nJhJfVkFSI9siw35xNkO
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:44 2025 by rpki-client