Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0N3yhIqEcxOz5Xe88kmoS1RbWWM.roa
File: 0N3yhIqEcxOz5Xe88kmoS1RbWWM.roa (raw, json)
Hash identifier: 0uzPRk9MsK59apzZhf77PF3S1Ardt7xG6srl3FmNVGg=
Subject key identifier: D0:DD:F2:84:8A:84:73:13:B3:E5:77:BC:F2:49:A8:4B:54:5B:59:63
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A9CF3123E389A37C397178AA07CB57422
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0N3yhIqEcxOz5Xe88kmoS1RbWWM.roa
Signing time: Sat 16 Sep 2023 07:44:50 +0000
ROA not before: Sat 16 Sep 2023 07:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.125.0/24 maxlen: 24
5.105.132.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9c:f3:12:3e:38:9a:37:c3:97:17:8a:a0:7c:b5:74:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 16 07:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ddf2848a847313b3e577bcf249a84b545b5963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fe:9b:2f:35:b4:9d:49:4b:28:8a:fb:40:7a:
4e:e3:9e:73:84:8f:22:e5:24:fe:d2:ec:d5:70:91:
7e:0c:bf:fc:b9:e5:02:4d:69:33:69:c7:04:99:cc:
a1:3f:c3:cc:d0:12:a6:ad:2e:88:7c:14:2a:d8:d2:
3f:b1:54:45:ac:99:a2:1a:12:46:9a:f0:3a:67:2d:
69:02:de:b9:e0:a5:98:ba:0a:98:eb:5a:c0:1e:43:
41:3e:2e:1e:89:ca:0c:8b:f6:b4:aa:70:f4:67:21:
75:82:c2:45:9a:0c:d4:5b:2e:30:ef:56:61:35:86:
af:a0:14:5d:39:7f:87:58:0f:d6:f2:3e:65:ea:c8:
a1:08:2f:1e:59:8a:4b:eb:d9:64:45:72:07:d5:b3:
2f:8d:0d:72:c6:79:b2:c7:f5:9b:f2:bd:12:03:f0:
f5:88:cc:cc:be:62:ca:6c:91:3b:b4:4d:4c:a8:40:
49:f6:09:67:ba:d3:b6:3b:5b:95:ee:23:38:05:dd:
88:0a:31:dd:fe:06:0d:06:ca:c6:c2:65:ff:bc:5c:
cb:77:69:40:ab:4b:a5:a5:a6:38:7d:51:f1:92:37:
a0:85:a0:80:c4:ba:b0:b4:b7:b4:84:45:03:71:c9:
51:9d:76:3a:8b:7d:b0:bf:18:42:83:64:84:5d:52:
51:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:DD:F2:84:8A:84:73:13:B3:E5:77:BC:F2:49:A8:4B:54:5B:59:63
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0N3yhIqEcxOz5Xe88kmoS1RbWWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.28.0/24
5.105.125.0/24
5.105.132.0/24
5.105.141.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a3:3b:f9:20:13:26:d9:34:f5:3a:bb:54:d5:c1:32:48:89:
a0:45:8c:4d:6a:fa:98:c0:b9:22:61:66:7f:cb:f8:d6:99:d3:
18:39:a5:77:e0:e4:d5:cd:c5:97:89:95:6c:95:da:53:e6:b2:
a4:c6:df:e7:92:de:31:ef:cc:34:67:05:93:73:e3:1b:2f:e2:
75:fd:3c:fa:8f:40:0e:2c:f7:4a:42:ee:33:91:46:92:3c:b6:
aa:2a:a4:31:64:89:c9:80:b2:75:3a:16:2e:68:ae:4f:cc:d3:
6e:76:18:a8:04:74:dc:64:04:f5:b4:55:10:fd:fb:49:12:d1:
18:52:0e:e2:b3:bf:39:3d:be:b5:19:b3:90:3d:21:7c:a9:c7:
a5:be:dc:5d:ee:02:cf:5d:17:9b:33:c7:d7:66:4e:e3:29:01:
0a:90:3a:20:4a:f9:4d:d3:17:6c:4c:86:58:2e:11:0b:ab:07:
e4:c8:39:da:e5:4c:a4:5e:3d:69:24:5e:21:71:01:cf:56:c7:
94:28:a2:15:0c:7d:34:41:85:09:7f:68:e1:3f:3b:f2:8d:8e:
01:3f:27:c6:d2:9a:1e:14:0c:fc:0c:e5:0f:ed:96:89:53:d6:
a4:f3:6e:68:7c:22:87:0b:43:21:34:66:e7:31:b0:ec:cf:69:
db:58:55:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqc8xI+OJo3w5cXiqB8tXQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTE2MDc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGRkZjI4NDhhODQ3MzEzYjNlNTc3YmNmMjQ5YTg0YjU0NWI1OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP6bLzW0nUlLKIr7QHpO455zhI8i
5ST+0uzVcJF+DL/8ueUCTWkzaccEmcyhP8PM0BKmrS6IfBQq2NI/sVRFrJmiGhJG
mvA6Zy1pAt654KWYugqY61rAHkNBPi4eicoMi/a0qnD0ZyF1gsJFmgzUWy4w71Zh
NYavoBRdOX+HWA/W8j5l6sihCC8eWYpL69lkRXIH1bMvjQ1yxnmyx/Wb8r0SA/D1
iMzMvmLKbJE7tE1MqEBJ9glnutO2O1uV7iM4Bd2ICjHd/gYNBsrGwmX/vFzLd2lA
q0ulpaY4fVHxkjeghaCAxLqwtLe0hEUDcclRnXY6i32wvxhCg2SEXVJR8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNDd8oSKhHMTs+V3vPJJqEtUW1ljMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvME4zeWhJcUVjeE96NVhlODhrbW9TMVJiV1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkcAwQA
BWl9AwQABWmEAwQABWmNMA0GCSqGSIb3DQEBCwUAA4IBAQBqozv5IBMm2TT1OrtU
1cEySImgRYxNavqYwLkiYWZ/y/jWmdMYOaV34OTVzcWXiZVsldpT5rKkxt/nkt4x
78w0ZwWTc+MbL+J1/Tz6j0AOLPdKQu4zkUaSPLaqKqQxZInJgLJ1OhYuaK5PzNNu
dhioBHTcZAT1tFUQ/ftJEtEYUg7is785Pb61GbOQPSF8qcelvtxd7gLPXRebM8fX
Zk7jKQEKkDogSvlN0xdsTIZYLhELqwfkyDna5UykXj1pJF4hcQHPVseUKKIVDH00
QYUJf2jhPzvyjY4BPyfG0poeFAz8DOUP7ZaJU9ak825ofCKHC0MhNGbnMbDsz2nb
WFV3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:39 2025 by rpki-client