Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ulf3p8CN7P-w9C-KgPz98swQYAw.roa
File: ulf3p8CN7P-w9C-KgPz98swQYAw.roa (raw, json)
Hash identifier: WKyRXmqYI7rUIMm1uVIHmaXugfZK0AMd60QDjaSJEfs=
Subject key identifier: BA:57:F7:A7:C0:8D:EC:FF:B0:F4:2F:8A:80:FC:FD:F2:CC:10:60:0C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A07C4641E7F37F3C65AD5FBE9515FAA0F
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ulf3p8CN7P-w9C-KgPz98swQYAw.roa
Signing time: Fri 18 Aug 2023 08:30:25 +0000
ROA not before: Fri 18 Aug 2023 08:30:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 5.105.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:c4:64:1e:7f:37:f3:c6:5a:d5:fb:e9:51:5f:aa:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 18 08:30:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba57f7a7c08decffb0f42f8a80fcfdf2cc10600c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:de:ca:2d:80:78:70:ef:ac:b3:98:83:ec:
55:04:b5:22:68:df:8f:8f:e7:8d:8d:f8:75:4f:53:
d6:ed:9a:59:f6:3e:c2:1c:f9:57:4d:ff:c0:1e:45:
94:1e:bc:7b:c6:b3:7f:b8:f4:41:e5:a8:1e:b0:2d:
53:27:97:2e:7d:6a:e0:e5:5a:dd:e8:f1:cd:1a:f3:
78:72:7a:f4:e9:e4:ba:1e:33:a3:7d:2d:95:b3:39:
20:8c:c4:61:ef:d3:26:91:30:c6:7a:75:ec:7c:93:
ad:47:17:97:22:29:9b:b2:13:c2:af:60:97:45:8c:
7a:05:04:6b:11:20:78:db:26:23:cb:eb:c8:65:04:
10:14:af:d9:d0:85:e6:56:d1:d5:12:26:aa:f5:ca:
b3:bc:c5:66:e3:43:1f:e1:91:85:89:82:d6:7b:27:
4c:71:7a:51:ba:bd:13:a7:7c:0e:89:cf:53:54:c6:
2a:a4:70:68:59:6c:c6:27:2c:a5:f1:d9:54:c0:eb:
85:75:5f:7a:33:e2:e9:0c:22:5b:26:24:30:d1:73:
ac:1c:00:51:87:76:4f:81:1e:a1:19:c4:99:6e:0a:
f0:47:b5:9d:6e:75:ee:5d:25:cb:d0:ce:e9:b1:79:
41:5f:6b:ba:fc:ac:41:fc:59:cf:c7:1b:18:d0:9d:
cc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:57:F7:A7:C0:8D:EC:FF:B0:F4:2F:8A:80:FC:FD:F2:CC:10:60:0C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ulf3p8CN7P-w9C-KgPz98swQYAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.84.0/24
Signature Algorithm: sha256WithRSAEncryption
51:52:f3:df:2e:87:2e:45:9f:4c:a2:1d:01:31:ae:92:28:81:
f1:f7:9a:01:d6:c8:16:9a:9a:57:52:2d:2f:ac:e2:dc:e5:ce:
5a:9b:9c:d2:88:c4:d9:9c:bf:33:e2:a3:6a:b0:2a:49:34:2d:
f2:9f:f9:5e:0f:55:fd:c8:07:9a:df:88:db:e5:fa:db:c3:f7:
c8:6a:9a:71:84:40:b1:98:c8:cc:ca:a5:70:42:7d:3a:4e:2e:
fe:1a:58:ea:82:a8:21:b0:43:ea:a8:72:d8:98:f0:be:37:bb:
c9:ee:d0:9d:e6:9c:e2:28:5a:d7:4f:12:7c:b5:a2:dd:19:2d:
f0:e6:79:4f:e3:40:65:03:2c:e9:fc:8b:f5:85:bd:a2:da:86:
75:2e:9d:99:f8:05:98:85:75:39:d3:2c:ba:be:a1:73:df:1b:
94:53:f3:fb:cc:fd:8e:ba:fc:51:f6:14:d2:60:4f:3e:d9:85:
b5:1b:b3:55:e0:b1:b5:eb:c5:b5:e6:fa:3e:e4:6e:05:5e:03:
d3:3c:b1:e6:42:2f:c3:96:a3:57:64:1a:fc:09:53:3e:57:28:
a1:ab:c8:d9:37:4a:8d:c5:f5:1e:16:d8:a5:95:2d:23:26:ef:
87:00:11:04:bb:9a:eb:ba:53:a9:0c:88:10:dd:df:9c:c3:94:
a7:db:fa:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoHxGQefzfzxlrV++lRX6oPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODE4MDgzMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTU3ZjdhN2MwOGRlY2ZmYjBmNDJmOGE4MGZjZmRmMmNjMTA2MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph3eyi2AeHDvrLOYg+xVBLUiaN+P
j+eNjfh1T1PW7ZpZ9j7CHPlXTf/AHkWUHrx7xrN/uPRB5agesC1TJ5cufWrg5Vrd
6PHNGvN4cnr06eS6HjOjfS2VszkgjMRh79MmkTDGenXsfJOtRxeXIimbshPCr2CX
RYx6BQRrESB42yYjy+vIZQQQFK/Z0IXmVtHVEiaq9cqzvMVm40Mf4ZGFiYLWeydM
cXpRur0Tp3wOic9TVMYqpHBoWWzGJyyl8dlUwOuFdV96M+LpDCJbJiQw0XOsHABR
h3ZPgR6hGcSZbgrwR7WdbnXuXSXL0M7psXlBX2u6/KxB/FnPxxsY0J3MyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpX96fAjez/sPQvioD8/fLMEGAMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdWxmM3A4Q043UC13OUMtS2dQejk4c3dRWUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlUMA0G
CSqGSIb3DQEBCwUAA4IBAQBRUvPfLocuRZ9Moh0BMa6SKIHx95oB1sgWmppXUi0v
rOLc5c5am5zSiMTZnL8z4qNqsCpJNC3yn/leD1X9yAea34jb5frbw/fIappxhECx
mMjMyqVwQn06Ti7+GljqgqghsEPqqHLYmPC+N7vJ7tCd5pziKFrXTxJ8taLdGS3w
5nlP40BlAyzp/Iv1hb2i2oZ1Lp2Z+AWYhXU50yy6vqFz3xuUU/P7zP2OuvxR9hTS
YE8+2YW1G7NV4LG168W15vo+5G4FXgPTPLHmQi/DlqNXZBr8CVM+Vyihq8jZN0qN
xfUeFtillS0jJu+HABEEu5rrulOpDIgQ3d+cw5Sn2/rL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:50 2025 by rpki-client