Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4Me6lWJznhU6RAvjRP4qOPD7whc.roa
File: 4Me6lWJznhU6RAvjRP4qOPD7whc.roa (raw, json)
Hash identifier: j/e5KFTJfPw2U+l9nYtsKRRj1Fqj/FffH9NdEwySyYU=
Subject key identifier: E0:C7:BA:95:62:73:9E:15:3A:44:0B:E3:44:FE:2A:38:F0:FB:C2:17
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188787FF781D4411EC401B6F4902DA8E835
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4Me6lWJznhU6RAvjRP4qOPD7whc.roa
Signing time: Thu 01 Jun 2023 19:47:12 +0000
ROA not before: Thu 01 Jun 2023 19:47:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 5.105.123.0/24 maxlen: 24
5.105.59.0/24 maxlen: 24
5.105.80.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:78:7f:f7:81:d4:41:1e:c4:01:b6:f4:90:2d:a8:e8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 1 19:47:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c7ba9562739e153a440be344fe2a38f0fbc217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e3:42:53:1c:28:53:94:b5:fe:e0:64:d2:e9:
5f:05:7f:0e:e5:19:9f:0c:54:bd:cd:ba:8f:fe:41:
9f:43:c3:58:76:60:e0:a7:91:cd:0f:af:5c:13:20:
07:73:9d:8c:64:06:bc:57:39:43:cc:b0:fb:41:05:
aa:95:3f:ed:34:07:bf:f9:4f:8b:7e:5a:c1:b8:7d:
ed:38:df:68:7d:3b:4d:62:a1:ca:f3:14:99:7d:99:
fd:6b:74:68:f3:83:fd:6c:e8:16:c6:c2:78:5a:66:
71:23:6f:37:f5:82:9f:a5:1c:b6:c7:58:d2:7d:fc:
eb:3f:d5:5c:d1:83:63:4b:3b:bb:cb:8f:53:1a:58:
c9:3d:1c:32:ac:e1:3d:0b:14:a8:c4:e7:0f:5d:97:
b2:a1:3d:82:94:ee:43:36:b8:19:c0:2c:b4:16:79:
79:5e:fd:ac:79:b4:31:e0:c6:0b:0e:53:f1:57:ab:
cb:4a:37:84:79:d2:9e:46:ae:d6:44:f0:fc:81:d7:
0c:4f:21:3b:80:9d:34:2b:83:0c:f4:35:bd:26:f2:
6b:1c:9c:97:fb:70:0d:6e:2e:61:7b:0e:32:8d:d9:
ea:97:5d:e1:c2:28:b4:2c:ea:66:4c:9e:56:6a:f1:
19:7c:8c:13:85:6b:62:8a:23:29:a3:8c:d8:b6:04:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:BA:95:62:73:9E:15:3A:44:0B:E3:44:FE:2A:38:F0:FB:C2:17
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4Me6lWJznhU6RAvjRP4qOPD7whc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.59.0/24
5.105.80.0/24
5.105.123.0/24
5.105.226.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:84:a0:fc:8a:d6:33:15:74:bf:86:e7:cb:80:71:7e:60:b2:
eb:f4:24:7c:a3:e8:a2:ab:30:e9:ee:cb:36:19:81:8a:36:44:
7c:fa:da:ca:7f:04:20:32:aa:6d:c1:d5:f6:58:f6:8a:b7:c1:
2c:60:e0:60:39:04:ff:ea:68:7e:39:29:4e:c0:92:b3:98:c2:
e7:51:b0:80:79:6f:03:6b:ec:db:cd:10:5a:35:e6:f0:80:94:
58:33:b5:27:bd:cf:61:01:53:92:10:ef:e1:c9:b2:86:f9:78:
d3:af:ca:a4:2c:9f:7a:3b:b5:fd:28:08:e6:1c:26:b2:48:9d:
79:0d:71:61:88:1a:20:f0:04:d4:2c:76:1e:84:81:c7:0c:78:
48:6c:1f:68:67:2b:6e:ce:67:91:ae:1e:ea:96:70:a2:29:56:
65:1a:a8:bb:c1:64:28:67:3d:a2:34:96:10:64:b9:c9:c4:e4:
e0:f5:d5:09:37:87:6b:f0:15:84:01:ad:9b:0a:43:43:71:a5:
9d:c9:42:fa:fc:30:38:a0:de:0a:ec:40:17:ff:78:7c:5e:74:
f0:1b:c2:6c:af:af:3d:a0:66:7b:fb:97:3b:de:27:9f:db:92:
a0:73:a0:d1:7c:c2:b4:5f:1f:47:33:c8:40:26:c1:a8:9a:d4:
00:5f:81:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYh4f/eB1EEexAG29JAtqOg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjAxMTk0NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM3YmE5NTYyNzM5ZTE1M2E0NDBiZTM0NGZlMmEzOGYwZmJjMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+NCUxwoU5S1/uBk0ulfBX8O5Rmf
DFS9zbqP/kGfQ8NYdmDgp5HND69cEyAHc52MZAa8VzlDzLD7QQWqlT/tNAe/+U+L
flrBuH3tON9ofTtNYqHK8xSZfZn9a3Ro84P9bOgWxsJ4WmZxI2839YKfpRy2x1jS
ffzrP9Vc0YNjSzu7y49TGljJPRwyrOE9CxSoxOcPXZeyoT2ClO5DNrgZwCy0Fnl5
Xv2sebQx4MYLDlPxV6vLSjeEedKeRq7WRPD8gdcMTyE7gJ00K4MM9DW9JvJrHJyX
+3ANbi5hew4yjdnql13hwii0LOpmTJ5WavEZfIwThWtiiiMpo4zYtgSdfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFODHupVic54VOkQL40T+Kjjw+8IXMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvNE1lNmxXSnpuaFU2UkF2alJQNHFPUEQ3d2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWk7AwQA
BWlQAwQABWl7AwQABWniMA0GCSqGSIb3DQEBCwUAA4IBAQB/hKD8itYzFXS/hufL
gHF+YLLr9CR8o+iiqzDp7ss2GYGKNkR8+trKfwQgMqptwdX2WPaKt8EsYOBgOQT/
6mh+OSlOwJKzmMLnUbCAeW8Da+zbzRBaNebwgJRYM7Unvc9hAVOSEO/hybKG+XjT
r8qkLJ96O7X9KAjmHCaySJ15DXFhiBog8ATULHYehIHHDHhIbB9oZytuzmeRrh7q
lnCiKVZlGqi7wWQoZz2iNJYQZLnJxOTg9dUJN4dr8BWEAa2bCkNDcaWdyUL6/DA4
oN4K7EAX/3h8XnTwG8Jsr689oGZ7+5c73ief25Kgc6DRfMK0Xx9HM8hAJsGomtQA
X4E3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:44 2025 by rpki-client