Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1UYtDU224rQaQdhz1bo6oG_7Ka4.roa
File: 1UYtDU224rQaQdhz1bo6oG_7Ka4.roa (raw, json)
Hash identifier: 520zAqs9vtcvZ3YwQ6pdues9aRkf+6olkQdOuh8vNsU=
Subject key identifier: D5:46:2D:0D:4D:B6:E2:B4:1A:41:D8:73:D5:BA:3A:A0:6F:FB:29:AE
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01869C5648FB78D4882A54CD6589DA03BFB2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1UYtDU224rQaQdhz1bo6oG_7Ka4.roa
Signing time: Wed 01 Mar 2023 08:42:25 +0000
ROA not before: Wed 01 Mar 2023 08:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.30.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:56:48:fb:78:d4:88:2a:54:cd:65:89:da:03:bf:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 1 08:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5462d0d4db6e2b41a41d873d5ba3aa06ffb29ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:3f:06:bb:0a:4c:2d:02:bd:ab:35:53:43:
a9:1d:dd:3d:2e:2f:8a:e0:91:93:8d:8e:12:f6:7d:
b3:f6:bf:eb:52:55:35:a5:2c:a9:12:bd:90:b7:03:
6b:e2:74:31:ac:a5:2c:19:78:e8:16:2e:d6:8b:b2:
51:24:db:d0:c0:58:d5:b5:d0:85:ee:7d:6c:40:de:
ec:06:bb:fb:93:05:4f:15:3c:8b:a0:79:e6:f5:04:
27:bc:36:78:94:41:fa:83:c6:7f:92:00:7a:0d:75:
ed:c2:88:0b:5b:ce:43:a3:36:14:b4:ae:43:f7:c6:
93:15:a0:8e:59:6d:ee:ef:73:88:86:24:7d:24:c6:
57:8d:9b:fc:09:d6:5c:9f:ef:4f:83:9b:ae:77:3c:
ff:d5:78:67:ef:37:73:73:af:83:06:e5:57:d1:cd:
de:38:3b:c4:ab:5a:91:a3:cc:85:a6:97:2c:bc:f6:
d0:1d:93:f9:a9:2d:58:76:a0:b6:4f:d4:63:ca:b5:
8c:eb:89:b2:2f:ab:72:02:86:89:47:79:c0:52:ac:
23:76:f8:bf:bf:44:f7:dc:0f:cf:17:44:00:dc:df:
9d:64:44:71:60:be:a4:42:fe:36:30:11:14:ee:00:
82:d8:d7:db:30:71:30:23:6e:e2:69:be:e4:cd:4a:
ae:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:46:2D:0D:4D:B6:E2:B4:1A:41:D8:73:D5:BA:3A:A0:6F:FB:29:AE
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1UYtDU224rQaQdhz1bo6oG_7Ka4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.30.0/23
5.105.96.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
Signature Algorithm: sha256WithRSAEncryption
90:92:3a:55:1e:0c:9c:30:d7:ce:36:0a:93:6d:5d:02:9d:ee:
fe:6e:5a:cd:e1:04:4d:d3:fa:d7:89:c4:1f:da:7e:95:c2:30:
fb:7d:66:2e:ad:28:ec:13:c4:75:2c:c9:2d:74:5a:94:d0:df:
f8:2a:1d:32:45:0a:0f:c2:4e:87:fd:cd:0c:a8:d1:08:33:1c:
0e:96:79:83:0f:1f:80:2d:6f:0a:9c:3f:23:95:21:1f:79:1e:
c2:54:ef:c3:49:3f:65:9e:af:75:33:ec:98:76:6f:a7:a0:70:
56:81:5f:c6:8d:d8:55:fd:ca:a8:d9:63:68:7d:29:00:87:44:
f4:69:e4:b5:79:20:96:2f:82:13:67:32:76:90:06:41:5c:61:
a9:4e:81:66:4b:29:a6:63:81:dd:f0:9b:6d:15:33:29:e8:c2:
05:7f:de:3e:b9:75:c7:51:85:09:3e:58:c8:fd:1e:49:91:f8:
4d:a8:83:71:7c:57:7d:ac:5b:7b:bb:9f:b1:b7:41:dc:3e:68:
fd:a3:7a:e1:cb:fb:03:2c:0b:0b:aa:a2:1d:b2:41:ae:0a:65:
69:ed:a9:e2:6d:e5:5c:cd:e5:7c:6e:f2:f0:97:c4:13:61:ce:
6c:44:82:6d:14:e2:13:b3:03:f4:6c:9e:cf:99:04:23:42:b1:
7c:7c:8a:e1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYacVkj7eNSIKlTNZYnaA7+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzAxMDg0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ2MmQwZDRkYjZlMmI0MWE0MWQ4NzNkNWJhM2FhMDZmZmIyOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx30/BrsKTC0Cvas1U0OpHd09Li+K
4JGTjY4S9n2z9r/rUlU1pSypEr2QtwNr4nQxrKUsGXjoFi7Wi7JRJNvQwFjVtdCF
7n1sQN7sBrv7kwVPFTyLoHnm9QQnvDZ4lEH6g8Z/kgB6DXXtwogLW85DozYUtK5D
98aTFaCOWW3u73OIhiR9JMZXjZv8CdZcn+9Pg5uudzz/1Xhn7zdzc6+DBuVX0c3e
ODvEq1qRo8yFppcsvPbQHZP5qS1YdqC2T9RjyrWM64myL6tyAoaJR3nAUqwjdvi/
v0T33A/PF0QA3N+dZERxYL6kQv42MBEU7gCC2NfbMHEwI27iab7kzUqucwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNVGLQ1NtuK0GkHYc9W6OqBv+ymuMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMVVZdERVMjI0clFhUWRoejFibzZvR183S2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBWkeAwQA
BWlgAwQABWm4AwQABWnIAwQABWnXMA0GCSqGSIb3DQEBCwUAA4IBAQCQkjpVHgyc
MNfONgqTbV0Cne7+blrN4QRN0/rXicQf2n6VwjD7fWYurSjsE8R1LMktdFqU0N/4
Kh0yRQoPwk6H/c0MqNEIMxwOlnmDDx+ALW8KnD8jlSEfeR7CVO/DST9lnq91M+yY
dm+noHBWgV/GjdhV/cqo2WNofSkAh0T0aeS1eSCWL4ITZzJ2kAZBXGGpToFmSymm
Y4Hd8JttFTMp6MIFf94+uXXHUYUJPljI/R5JkfhNqINxfFd9rFt7u5+xt0HcPmj9
o3rhy/sDLAsLqqIdskGuCmVp7anibeVczeV8bvLwl8QTYc5sRIJtFOITswP0bJ7P
mQQjQrF8fIrh
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:15:29 2025 by rpki-client