Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/YGFK41aeAl4pz_9dftdL9ilCDYo.roa
File: YGFK41aeAl4pz_9dftdL9ilCDYo.roa (raw, json)
Hash identifier: tMuZAsoK+cbsGvKM0i7OdHuHiIlK159KNgDJLJ4MIKg=
Subject key identifier: 60:61:4A:E3:56:9E:02:5E:29:CF:FF:5D:7E:D7:4B:F6:29:42:0D:8A
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188EE90F20BA0FBDA1ABDBB26C1E88A41F7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/YGFK41aeAl4pz_9dftdL9ilCDYo.roa
Signing time: Sat 24 Jun 2023 18:00:56 +0000
ROA not before: Sat 24 Jun 2023 18:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400536
IP address blocks: 5.105.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ee:90:f2:0b:a0:fb:da:1a:bd:bb:26:c1:e8:8a:41:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 24 18:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60614ae3569e025e29cfff5d7ed74bf629420d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:a2:1d:42:d8:1a:3a:da:25:fd:14:10:cd:
0f:e5:07:54:5b:19:13:03:da:af:3c:b3:1c:6f:19:
47:d8:4d:a7:e7:98:ec:4a:bf:0a:78:72:48:90:cb:
0f:1f:54:b8:57:c5:c6:86:cf:32:f3:e0:eb:be:23:
78:bb:a3:13:71:d4:dc:56:5e:ea:31:d7:a8:2c:94:
fd:bb:09:f1:73:a4:6f:18:1e:cf:3b:ea:96:dd:c4:
6b:2e:21:6d:1b:d5:4d:93:ed:a9:a0:b7:cf:b0:2b:
96:28:5c:f0:7f:fa:44:47:7e:d5:19:13:e0:fc:71:
b7:54:06:b3:0f:1b:e9:d1:4d:56:e6:37:04:ec:d1:
f6:6b:32:fb:6c:f6:af:14:1f:fe:ab:87:23:b0:3b:
36:ce:c3:fa:a1:6d:c1:dd:e3:a5:02:9a:4f:04:03:
80:4d:80:37:f9:ad:ce:a6:57:c6:0a:33:55:ed:7c:
55:06:11:47:f0:84:d3:52:65:81:4f:6f:f6:68:27:
d1:d8:68:96:3a:fd:9d:03:19:1b:81:9b:a4:66:bd:
7b:45:da:23:c0:75:43:db:ef:89:89:d0:2e:86:2c:
0f:7e:5e:66:88:08:7b:aa:1e:43:6f:a7:d8:4b:e8:
0a:fc:ff:65:64:7e:8f:3a:e5:18:45:b3:49:06:7d:
a0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:61:4A:E3:56:9E:02:5E:29:CF:FF:5D:7E:D7:4B:F6:29:42:0D:8A
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/YGFK41aeAl4pz_9dftdL9ilCDYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.19.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:a1:3c:7d:af:0d:5d:fd:e9:99:a3:7a:6d:75:67:b2:d5:72:
08:8f:d3:c0:95:d9:e0:d4:de:81:91:94:9c:68:ae:81:1b:25:
a5:fc:07:91:85:bd:df:29:c6:48:b3:e4:b3:91:a8:9d:9d:06:
02:19:57:7d:4d:96:c2:cd:7d:6d:b2:89:04:d1:a2:15:cf:de:
33:4b:91:1b:c7:2f:90:c6:8d:98:f3:70:90:f0:4e:ae:86:72:
2f:4e:94:7b:79:60:52:ab:0d:21:36:d9:cb:d6:4b:87:25:9d:
d9:a5:5c:ed:40:8d:8b:d1:ad:3f:c3:9a:b0:83:01:7e:b8:48:
86:d9:50:dd:a9:15:bc:7f:6b:68:70:30:2b:64:76:1b:22:d7:
60:a7:e4:f7:49:70:9f:fd:15:67:8c:fe:2d:19:d3:e1:25:14:
5e:fc:3f:e7:f9:dc:f6:70:bf:95:ea:6c:ae:09:0a:e6:62:57:
08:81:5f:a1:17:9e:c1:a3:71:5c:e5:56:46:87:32:18:21:b6:
ee:ad:20:63:85:32:74:10:38:9b:ee:a1:e7:78:a8:b4:13:64:
00:cc:49:1e:3f:41:ff:62:5c:46:59:cd:07:45:ff:33:da:13:
c5:93:b4:c6:02:2f:0b:15:ae:c6:6f:bb:71:54:9b:d8:20:ce:
3f:95:37:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjukPILoPvaGr27JsHoikH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI0MTgwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDYxNGFlMzU2OWUwMjVlMjljZmZmNWQ3ZWQ3NGJmNjI5NDIwZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPaiHULYGjraJf0UEM0P5QdUWxkT
A9qvPLMcbxlH2E2n55jsSr8KeHJIkMsPH1S4V8XGhs8y8+DrviN4u6MTcdTcVl7q
MdeoLJT9uwnxc6RvGB7PO+qW3cRrLiFtG9VNk+2poLfPsCuWKFzwf/pER37VGRPg
/HG3VAazDxvp0U1W5jcE7NH2azL7bPavFB/+q4cjsDs2zsP6oW3B3eOlAppPBAOA
TYA3+a3OplfGCjNV7XxVBhFH8ITTUmWBT2/2aCfR2GiWOv2dAxkbgZukZr17Rdoj
wHVD2++JidAuhiwPfl5miAh7qh5Db6fYS+gK/P9lZH6POuUYRbNJBn2gHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBhSuNWngJeKc//XX7XS/YpQg2KMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvWUdGSzQxYWVBbDRwel85ZGZ0ZEw5aWxDRFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkTMA0G
CSqGSIb3DQEBCwUAA4IBAQDHoTx9rw1d/emZo3ptdWey1XIIj9PAldng1N6BkZSc
aK6BGyWl/AeRhb3fKcZIs+SzkaidnQYCGVd9TZbCzX1tsokE0aIVz94zS5Ebxy+Q
xo2Y83CQ8E6uhnIvTpR7eWBSqw0hNtnL1kuHJZ3ZpVztQI2L0a0/w5qwgwF+uEiG
2VDdqRW8f2tocDArZHYbItdgp+T3SXCf/RVnjP4tGdPhJRRe/D/n+dz2cL+V6myu
CQrmYlcIgV+hF57Bo3Fc5VZGhzIYIbburSBjhTJ0EDib7qHneKi0E2QAzEkeP0H/
YlxGWc0HRf8z2hPFk7TGAi8LFa7Gb7txVJvYIM4/lTfe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:09 2025 by rpki-client