Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3r3a0su6tNmzjHtVkockwTbnQPs.roa
File: 3r3a0su6tNmzjHtVkockwTbnQPs.roa (raw, json)
Hash identifier: SwnvC3aVbj6yDiCq/bHK0l6L6o8CUXOkapbfTa6aXEk=
Subject key identifier: DE:BD:DA:D2:CB:BA:B4:D9:B3:8C:7B:55:92:87:24:C1:36:E7:40:FB
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01870923B36263623E16ECEB4102CBE5411E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3r3a0su6tNmzjHtVkockwTbnQPs.roa
Signing time: Wed 22 Mar 2023 11:45:47 +0000
ROA not before: Wed 22 Mar 2023 11:45:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 5.105.26.0/24 maxlen: 24
5.105.59.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.80.0/24 maxlen: 24
5.105.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:23:b3:62:63:62:3e:16:ec:eb:41:02:cb:e5:41:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 22 11:45:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=debddad2cbbab4d9b38c7b55928724c136e740fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:b9:1b:d8:c3:09:21:08:78:a6:48:9d:e0:
19:a9:21:ea:1a:cb:a4:8d:b8:89:a8:be:c2:bf:d8:
74:2e:89:09:a2:81:cf:f1:77:c7:c3:b2:7c:c8:ce:
94:0d:64:b6:25:d0:dc:5e:11:25:4e:93:57:ee:b9:
61:04:a2:bb:dc:f1:6b:1d:e0:1d:5b:05:75:f9:a7:
7f:3d:1a:88:ed:f2:93:01:47:79:e6:ee:e4:8e:28:
a4:ca:28:66:b3:d5:28:86:40:aa:5f:f1:26:19:9e:
66:d9:ca:c8:10:77:23:a7:fb:cf:70:f3:be:9d:dd:
0e:77:fd:6d:d4:ed:6b:16:08:8e:d2:3f:e8:71:41:
3f:01:81:9c:0d:46:bf:4f:c3:37:13:17:b0:46:61:
c1:a4:e8:c9:44:4c:5a:d1:b0:02:c3:13:e9:26:38:
72:a6:89:1f:0b:5a:e2:e8:2b:bc:4b:c0:bc:0c:f6:
5b:d5:34:5c:8d:45:0f:b5:e0:61:b5:ef:7f:23:f4:
a3:71:fa:fd:89:5f:dc:9c:af:1d:5f:0c:6c:12:3d:
29:a6:cf:a9:b8:48:b0:ed:b2:9f:98:aa:ae:d7:87:
c0:00:05:02:2a:71:d7:cf:9c:8d:3f:b9:9b:9e:f4:
e7:8e:0e:70:e7:ab:d0:30:8d:2f:a8:88:8d:71:11:
73:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BD:DA:D2:CB:BA:B4:D9:B3:8C:7B:55:92:87:24:C1:36:E7:40:FB
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3r3a0su6tNmzjHtVkockwTbnQPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.5.0/24
5.105.26.0/24
5.105.59.0/24
5.105.75.0/24
5.105.80.0/24
Signature Algorithm: sha256WithRSAEncryption
86:0f:5b:5f:60:2d:ff:0f:41:13:85:e4:af:9a:48:97:c6:6f:
bf:ea:66:91:df:81:e3:82:3c:21:6f:70:89:f2:18:37:44:8d:
1e:dd:f5:d9:b6:d3:21:66:44:31:82:77:a1:2f:0e:f2:77:3c:
72:df:41:90:42:76:54:75:4a:54:a3:76:04:ba:42:bd:ab:40:
7d:38:be:42:c8:fd:eb:12:38:d8:81:4c:72:ff:ad:43:4b:8e:
65:59:51:a3:4b:95:25:9b:1d:1e:76:db:cc:46:f9:10:48:8b:
e8:b2:ce:ac:f6:f4:c2:7e:20:65:ad:28:08:c8:81:4a:13:29:
a8:ed:a7:cc:f8:da:b2:8f:ab:13:55:85:b4:16:a4:6c:96:a8:
7d:dd:2f:4d:f8:41:19:71:7b:46:38:a5:4d:82:c5:73:b3:a7:
7a:24:bb:ed:50:54:02:c5:3a:06:f1:78:6a:99:c6:a7:3b:e9:
0f:7a:70:29:cd:28:1b:c6:6a:bf:e4:85:cb:39:a2:c4:43:18:
61:d0:96:49:a4:b3:c3:e0:60:df:0b:25:22:7d:cf:24:e1:ba:
4b:25:d1:c9:3b:02:40:ad:dd:6c:c4:81:7d:cd:17:e9:0a:e4:
6f:fa:dc:1f:82:42:8e:1b:93:4c:0d:3a:b0:aa:1a:e3:10:00:
d5:45:42:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcJI7NiY2I+FuzrQQLL5UEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzIyMTE0NTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJkZGFkMmNiYmFiNGQ5YjM4YzdiNTU5Mjg3MjRjMTM2ZTc0MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocS5G9jDCSEIeKZIneAZqSHqGsuk
jbiJqL7Cv9h0LokJooHP8XfHw7J8yM6UDWS2JdDcXhElTpNX7rlhBKK73PFrHeAd
WwV1+ad/PRqI7fKTAUd55u7kjiikyihms9UohkCqX/EmGZ5m2crIEHcjp/vPcPO+
nd0Od/1t1O1rFgiO0j/ocUE/AYGcDUa/T8M3ExewRmHBpOjJRExa0bACwxPpJjhy
pokfC1ri6Cu8S8C8DPZb1TRcjUUPteBhte9/I/Sjcfr9iV/cnK8dXwxsEj0pps+p
uEiw7bKfmKqu14fAAAUCKnHXz5yNP7mbnvTnjg5w56vQMI0vqIiNcRFz/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN692tLLurTZs4x7VZKHJME250D7MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvM3IzYTBzdTZ0Tm16akh0VmtvY2t3VGJuUVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkFAwQA
BWkaAwQABWk7AwQABWlLAwQABWlQMA0GCSqGSIb3DQEBCwUAA4IBAQCGD1tfYC3/
D0ETheSvmkiXxm+/6maR34Hjgjwhb3CJ8hg3RI0e3fXZttMhZkQxgnehLw7ydzxy
30GQQnZUdUpUo3YEukK9q0B9OL5CyP3rEjjYgUxy/61DS45lWVGjS5Ulmx0edtvM
RvkQSIvoss6s9vTCfiBlrSgIyIFKEymo7afM+Nqyj6sTVYW0FqRslqh93S9N+EEZ
cXtGOKVNgsVzs6d6JLvtUFQCxToG8XhqmcanO+kPenApzSgbxmq/5IXLOaLEQxhh
0JZJpLPD4GDfCyUifc8k4bpLJdHJOwJArd1sxIF9zRfpCuRv+twfgkKOG5NMDTqw
qhrjEADVRUJQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:45 2025 by rpki-client