Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EP8STS2_tQ3DoKRVy4tRZ4aQQig.roa
File: EP8STS2_tQ3DoKRVy4tRZ4aQQig.roa (raw, json)
Hash identifier: SuSueBsbhQUlmuSBLVGuA5Q0jujvMn+s4MYogwViy1s=
Subject key identifier: 10:FF:12:4D:2D:BF:B5:0D:C3:A0:A4:55:CB:8B:51:67:86:90:42:28
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187C1AB00B2521C2CA1595985896CB04286
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EP8STS2_tQ3DoKRVy4tRZ4aQQig.roa
Signing time: Thu 27 Apr 2023 07:43:42 +0000
ROA not before: Thu 27 Apr 2023 07:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:ab:00:b2:52:1c:2c:a1:59:59:85:89:6c:b0:42:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 27 07:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10ff124d2dbfb50dc3a0a455cb8b516786904228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:e4:2d:07:60:14:38:5a:df:84:ad:c8:06:
13:ec:b2:01:d3:2d:cc:fb:c8:f3:0a:af:47:a2:04:
1f:1e:54:74:8a:43:50:b3:26:3c:8b:28:51:4e:5b:
d9:56:dc:14:f1:b9:d3:97:35:8c:a1:d6:6d:8a:13:
59:02:0f:ea:2a:43:ad:56:2e:30:bf:cf:43:ab:88:
2d:6f:58:c0:2e:bd:76:fb:2f:3c:11:16:4a:b2:55:
9b:44:a9:29:76:b2:9e:7f:82:6c:35:48:26:f9:9e:
22:fa:10:5b:bc:ad:db:3c:cc:33:62:c2:72:2e:3f:
90:c2:2c:83:94:a5:1b:eb:af:d6:d8:42:1c:e6:18:
71:85:e5:2b:18:8d:26:22:6c:38:8e:2f:8b:c6:ba:
9a:3b:bc:8c:af:99:34:59:83:bc:b7:28:82:64:df:
52:cd:21:8f:29:4e:ab:79:db:aa:31:82:29:9a:ef:
36:ff:f9:c0:f8:ac:02:63:25:38:62:d1:7f:23:f5:
e8:6f:45:52:05:b9:df:9a:7a:5d:c9:2c:ed:b7:58:
3c:80:58:bb:da:1b:63:e4:75:36:76:b1:6c:a5:f6:
b5:16:b2:e2:7a:a8:d2:8e:e0:c5:d3:9e:39:33:75:
f4:21:26:fa:74:48:07:c6:6e:a0:ff:9f:f2:a6:5e:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FF:12:4D:2D:BF:B5:0D:C3:A0:A4:55:CB:8B:51:67:86:90:42:28
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EP8STS2_tQ3DoKRVy4tRZ4aQQig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:47:38:5a:32:7a:d5:1e:70:ac:16:67:06:98:4e:24:ab:2a:
7c:95:19:fb:b9:f0:d9:29:29:45:d6:0d:95:cb:3b:3d:f7:35:
29:16:26:16:22:36:7d:60:0f:7d:c2:fa:8b:a9:f1:c0:07:59:
77:c9:97:77:5b:f6:1d:12:14:af:77:5d:f7:c0:04:6a:ce:59:
cf:8f:31:d0:f4:c6:dd:52:d1:15:1c:59:9a:88:11:68:7e:95:
e0:38:1c:b5:18:83:be:9b:e2:21:a7:20:f2:80:24:82:e2:dd:
0a:a9:b4:83:f3:42:e7:07:c2:7e:9f:e6:6e:64:e5:be:5b:d9:
0e:3b:26:5d:d6:29:05:08:c3:3d:a0:20:8c:18:8c:87:2b:55:
f7:a5:14:5c:b4:3a:79:ca:9a:5c:7f:4b:e3:88:09:2a:92:8d:
d9:1c:7e:1a:0b:2b:8f:a7:2e:d7:20:10:05:43:11:f0:7c:0d:
cf:99:53:96:6d:a8:c0:67:12:f2:3e:69:cd:e2:9b:86:dc:3b:
1c:00:ae:12:b3:8a:50:81:d4:c6:a8:27:e2:81:e9:19:41:91:
b5:66:53:4f:2d:98:c5:53:65:69:0d:a7:d3:f1:5d:98:87:20:
c3:bf:7d:ca:3e:7d:35:8f:e2:31:c6:2f:cc:c6:2c:07:8c:19:
d9:98:38:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfBqwCyUhwsoVlZhYlssEKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDI3MDc0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZmMTI0ZDJkYmZiNTBkYzNhMGE0NTVjYjhiNTE2Nzg2OTA0MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2TkLQdgFDha34StyAYT7LIB0y3M
+8jzCq9HogQfHlR0ikNQsyY8iyhRTlvZVtwU8bnTlzWModZtihNZAg/qKkOtVi4w
v89Dq4gtb1jALr12+y88ERZKslWbRKkpdrKef4JsNUgm+Z4i+hBbvK3bPMwzYsJy
Lj+QwiyDlKUb66/W2EIc5hhxheUrGI0mImw4ji+LxrqaO7yMr5k0WYO8tyiCZN9S
zSGPKU6reduqMYIpmu82//nA+KwCYyU4YtF/I/Xob0VSBbnfmnpdySztt1g8gFi7
2htj5HU2drFspfa1FrLieqjSjuDF0545M3X0ISb6dEgHxm6g/5/ypl7wCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBD/Ek0tv7UNw6CkVcuLUWeGkEIoMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRVA4U1RTMl90UTNEb0tSVnk0dFJaNGFRUWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkVMA0G
CSqGSIb3DQEBCwUAA4IBAQDHRzhaMnrVHnCsFmcGmE4kqyp8lRn7ufDZKSlF1g2V
yzs99zUpFiYWIjZ9YA99wvqLqfHAB1l3yZd3W/YdEhSvd133wARqzlnPjzHQ9Mbd
UtEVHFmaiBFofpXgOBy1GIO+m+IhpyDygCSC4t0KqbSD80LnB8J+n+ZuZOW+W9kO
OyZd1ikFCMM9oCCMGIyHK1X3pRRctDp5yppcf0vjiAkqko3ZHH4aCyuPpy7XIBAF
QxHwfA3PmVOWbajAZxLyPmnN4puG3DscAK4Ss4pQgdTGqCfigekZQZG1ZlNPLZjF
U2VpDafT8V2YhyDDv33KPn01j+Ixxi/MxiwHjBnZmDiv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:03 2025 by rpki-client