Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1IU1jKezlPFqyfvU0mdoTvt9DbE.roa
File: 1IU1jKezlPFqyfvU0mdoTvt9DbE.roa (raw, json)
Hash identifier: sjw4HR73PDO+umGrDXTFpyojOnJl/yaKZWZsKGhfag0=
Subject key identifier: D4:85:35:8C:A7:B3:94:F1:6A:C9:FB:D4:D2:67:68:4E:FB:7D:0D:B1
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5A84A689E476E7E944092117FE09E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1IU1jKezlPFqyfvU0mdoTvt9DbE.roa
Signing time: Sun 01 Jan 2023 05:54:50 +0000
ROA not before: Sun 01 Jan 2023 05:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 5.105.228.0/24 maxlen: 24
5.105.242.0/24 maxlen: 24
5.105.51.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.66.0/24 maxlen: 24
5.105.185.0/24 maxlen: 24
5.105.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a8:4a:68:9e:47:6e:7e:94:40:92:11:7f:e0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d485358ca7b394f16ac9fbd4d267684efb7d0db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:ec:74:43:46:95:87:57:20:55:06:e4:d6:
b7:6c:e5:f5:bd:1a:cb:f8:a6:84:2b:c2:5c:b7:8d:
8d:91:05:1b:cc:a9:0a:5f:90:0d:3e:4e:c5:b3:47:
72:e1:ea:d3:69:eb:7d:e9:4c:a1:6e:f8:74:fc:d3:
77:e4:fb:8b:88:7a:cb:55:9b:3c:56:c1:a1:54:b6:
92:97:8c:88:de:c1:d6:e7:2f:bc:df:a8:01:81:23:
eb:a1:f3:32:4d:24:46:f0:46:a7:26:aa:15:3f:4e:
6d:5c:35:ef:fa:29:70:be:cc:7e:32:83:35:b2:cb:
39:d7:8f:0f:46:9b:1f:b9:94:e6:e2:92:ae:e9:e6:
9d:bc:5e:63:d8:3b:dd:76:84:17:01:12:66:12:9e:
0a:0d:c7:01:00:f4:c6:7d:3b:60:cd:72:fe:0d:4e:
77:f6:ec:13:ab:21:83:65:07:56:68:37:f1:d7:03:
03:27:a6:e2:3f:23:06:a9:f1:59:e6:4c:c7:4f:e7:
67:d5:f6:a5:53:cf:4e:f3:97:6b:49:04:bc:ac:98:
d9:ac:fe:e2:5d:90:f4:45:e8:d7:fe:8d:5d:f6:b9:
b6:d0:2d:2e:53:fb:de:c2:a5:f7:0f:4f:07:6f:5c:
36:ab:c3:29:f3:10:9d:97:9a:6c:88:44:eb:0c:59:
d6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:85:35:8C:A7:B3:94:F1:6A:C9:FB:D4:D2:67:68:4E:FB:7D:0D:B1
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1IU1jKezlPFqyfvU0mdoTvt9DbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.51.0/24
5.105.66.0/24
5.105.118.0/24
5.105.169.0/24
5.105.185.0/24
5.105.228.0/24
5.105.242.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:00:29:dd:fd:60:dd:f0:12:d6:57:b0:f3:d0:be:69:5a:18:
a3:34:b6:a0:47:ee:de:95:96:d8:06:f7:ac:fa:31:cd:3e:40:
46:07:40:06:29:b4:91:11:31:f8:16:c5:fa:06:5b:1b:b4:21:
84:41:91:44:04:09:a2:34:ad:2d:84:51:d6:4e:f6:96:d6:56:
46:7c:b3:34:6d:a3:62:fc:2e:24:75:ea:19:0f:17:18:dd:dc:
ba:ae:9b:33:21:b6:70:91:74:a1:ed:37:fe:9c:79:59:ac:28:
8a:24:95:22:75:49:77:27:79:60:fd:06:7f:63:98:f3:55:68:
50:30:0e:61:ab:15:83:fb:0d:90:ef:16:57:8d:15:f5:ab:b8:
c8:6f:de:ea:ba:17:4d:5c:d8:84:a4:d9:8b:8f:01:f6:4d:ec:
4c:51:8d:e2:7b:39:6a:40:de:f5:9e:6f:c2:86:9d:ba:d8:20:
81:23:50:1d:a3:8f:7c:bb:18:3b:9d:9d:16:16:83:96:5c:54:
21:30:31:5e:e5:fc:ec:9d:21:f8:2a:2f:0c:ca:2e:66:dc:3a:
5f:80:54:9f:38:09:39:0a:ef:ff:35:f6:fb:83:e9:b1:53:71:
f4:94:53:aa:aa:ae:a7:4d:95:d0:ba:5f:db:ad:ff:3a:e2:53:
08:71:ca:8a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVr5ahKaJ5Hbn6UQJIRf+CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg1MzU4Y2E3YjM5NGYxNmFjOWZiZDRkMjY3Njg0ZWZiN2QwZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA/sdENGlYdXIFUG5Na3bOX1vRrL
+KaEK8Jct42NkQUbzKkKX5ANPk7Fs0dy4erTaet96Uyhbvh0/NN35PuLiHrLVZs8
VsGhVLaSl4yI3sHW5y+836gBgSProfMyTSRG8EanJqoVP05tXDXv+ilwvsx+MoM1
sss5148PRpsfuZTm4pKu6eadvF5j2DvddoQXARJmEp4KDccBAPTGfTtgzXL+DU53
9uwTqyGDZQdWaDfx1wMDJ6biPyMGqfFZ5kzHT+dn1falU89O85drSQS8rJjZrP7i
XZD0RejX/o1d9rm20C0uU/vewqX3D08Hb1w2q8Mp8xCdl5psiETrDFnW+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNSFNYyns5Txasn71NJnaE77fQ2xMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMUlVMWpLZXpsUEZxeWZ2VTBtZG9UdnQ5RGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkzAwQA
BWlCAwQABWl2AwQABWmpAwQABWm5AwQABWnkAwQABWnyMA0GCSqGSIb3DQEBCwUA
A4IBAQDUACnd/WDd8BLWV7Dz0L5pWhijNLagR+7elZbYBves+jHNPkBGB0AGKbSR
ETH4FsX6BlsbtCGEQZFEBAmiNK0thFHWTvaW1lZGfLM0baNi/C4kdeoZDxcY3dy6
rpszIbZwkXSh7Tf+nHlZrCiKJJUidUl3J3lg/QZ/Y5jzVWhQMA5hqxWD+w2Q7xZX
jRX1q7jIb97quhdNXNiEpNmLjwH2TexMUY3iezlqQN71nm/Chp262CCBI1Ado498
uxg7nZ0WFoOWXFQhMDFe5fzsnSH4Ki8Myi5m3DpfgFSfOAk5Cu//Nfb7g+mxU3H0
lFOqqq6nTZXQul/brf864lMIccqK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:24 2025 by rpki-client