Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JLl7qW25wf_9u9CyaRSUn_1yGlk.roa
File: JLl7qW25wf_9u9CyaRSUn_1yGlk.roa (raw, json)
Hash identifier: wMJvF+8swNuTXQNdwGm9FmGLLyh7gbnNla4xdlGs0tE=
Subject key identifier: 24:B9:7B:A9:6D:B9:C1:FF:FD:BB:D0:B2:69:14:94:9F:FD:72:1A:59
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A1857D917E88F0204882AC75CE8E9B628
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JLl7qW25wf_9u9CyaRSUn_1yGlk.roa
Signing time: Mon 21 Aug 2023 13:45:24 +0000
ROA not before: Mon 21 Aug 2023 13:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 5.105.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:57:d9:17:e8:8f:02:04:88:2a:c7:5c:e8:e9:b6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 21 13:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24b97ba96db9c1fffdbbd0b26914949ffd721a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:f0:cd:cd:da:b8:db:76:f6:3c:ba:8d:32:
f1:4e:b4:f4:93:4f:e2:48:d6:20:fd:7f:48:10:bc:
45:42:0e:cf:c4:8b:70:9f:e4:08:55:e1:fe:f7:2a:
b8:69:4e:8c:47:25:b3:9f:95:36:42:31:d8:73:bf:
8f:67:86:2b:3d:f5:90:69:7d:fa:d9:00:00:fc:51:
bf:51:71:49:9e:98:9c:3d:57:99:4f:ab:14:93:44:
fe:c0:d5:80:e7:2d:54:08:2c:78:61:f8:df:ea:7e:
d2:82:cc:c3:be:37:36:3c:ac:26:55:7c:a1:d8:4b:
8f:d0:eb:c6:72:24:6c:84:38:68:fd:47:99:4d:3d:
ed:49:b0:da:b2:39:d8:ac:74:63:a3:18:1f:ca:14:
f0:ce:99:9d:fd:77:aa:b1:0f:59:3e:e1:46:24:df:
58:81:49:ae:08:f8:f6:bb:c4:d8:ad:aa:e2:34:6f:
c4:f6:e5:19:57:cf:69:0c:12:8c:3d:4d:c0:a3:54:
9b:dd:bc:68:1a:7e:65:35:0d:96:a7:8c:2a:83:9d:
0d:99:7f:f3:3e:ea:28:5f:8d:4d:71:18:db:37:13:
85:45:cf:de:ec:22:56:d7:b7:26:e6:1c:2c:a0:2f:
a1:18:8e:24:c4:f9:85:cf:fc:38:8a:1e:d6:6c:b2:
89:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B9:7B:A9:6D:B9:C1:FF:FD:BB:D0:B2:69:14:94:9F:FD:72:1A:59
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JLl7qW25wf_9u9CyaRSUn_1yGlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.139.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e3:b3:09:67:7f:8c:e7:54:d1:7c:54:43:e8:13:41:b7:00:
fb:9c:6f:dd:c3:b7:0a:38:69:80:7d:5a:4e:1c:b2:f6:52:2e:
e9:83:e8:57:c2:a4:e4:0c:f8:a4:88:28:65:a2:40:54:5e:a7:
19:fe:8c:bc:f0:23:06:f3:a2:89:03:d3:3b:ff:e5:81:cc:fb:
e6:4b:63:bd:9c:07:b3:b0:e4:9c:7b:bf:04:b7:85:0a:30:d7:
83:1f:11:e1:a1:98:7b:67:03:a0:52:c0:1b:e0:6f:b2:78:f1:
fb:cb:b9:30:64:f2:7e:af:6e:a6:ae:7a:6f:3b:38:77:c2:b0:
4b:15:92:31:f6:8c:50:ff:c9:98:c1:51:61:fb:b1:84:8b:be:
37:87:6f:59:4c:83:4e:62:f8:d7:dc:ac:fc:7f:05:72:59:4d:
b7:02:a3:9b:74:64:c5:f6:39:f8:db:c7:22:56:74:51:0b:c3:
fd:92:06:7a:ae:6e:23:6b:05:4b:82:4b:c0:ca:a1:4d:b8:46:
25:86:51:e6:7b:3c:da:7f:20:96:d8:ba:72:75:cd:be:9b:0c:
c8:44:91:5f:92:e1:6d:dd:17:ec:55:49:74:2c:5c:59:09:5b:
88:25:5f:9c:6e:84:1a:b3:d9:6c:35:f3:f1:26:cb:e6:de:cf:
36:f7:09:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoYV9kX6I8CBIgqx1zo6bYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODIxMTM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI5N2JhOTZkYjljMWZmZmRiYmQwYjI2OTE0OTQ5ZmZkNzIxYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Pwzc3auNt29jy6jTLxTrT0k0/i
SNYg/X9IELxFQg7PxItwn+QIVeH+9yq4aU6MRyWzn5U2QjHYc7+PZ4YrPfWQaX36
2QAA/FG/UXFJnpicPVeZT6sUk0T+wNWA5y1UCCx4Yfjf6n7SgszDvjc2PKwmVXyh
2EuP0OvGciRshDho/UeZTT3tSbDasjnYrHRjoxgfyhTwzpmd/XeqsQ9ZPuFGJN9Y
gUmuCPj2u8TYrariNG/E9uUZV89pDBKMPU3Ao1Sb3bxoGn5lNQ2Wp4wqg50NmX/z
PuooX41NcRjbNxOFRc/e7CJW17cm5hwsoC+hGI4kxPmFz/w4ih7WbLKJgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCS5e6ltucH//bvQsmkUlJ/9chpZMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSkxsN3FXMjV3Zl85dTlDeWFSU1VuXzF5R2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWmLMA0G
CSqGSIb3DQEBCwUAA4IBAQCY47MJZ3+M51TRfFRD6BNBtwD7nG/dw7cKOGmAfVpO
HLL2Ui7pg+hXwqTkDPikiChlokBUXqcZ/oy88CMG86KJA9M7/+WBzPvmS2O9nAez
sOSce78Et4UKMNeDHxHhoZh7ZwOgUsAb4G+yePH7y7kwZPJ+r26mrnpvOzh3wrBL
FZIx9oxQ/8mYwVFh+7GEi743h29ZTINOYvjX3Kz8fwVyWU23AqObdGTF9jn428ci
VnRRC8P9kgZ6rm4jawVLgkvAyqFNuEYlhlHmezzafyCW2Lpydc2+mwzIRJFfkuFt
3RfsVUl0LFxZCVuIJV+cboQas9lsNfPxJsvm3s829wmu
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:42:02 2025 by rpki-client