Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4sOl1jo2Kp6rXoshlfwHtDocA_g.roa
File: 4sOl1jo2Kp6rXoshlfwHtDocA_g.roa (raw, json)
Hash identifier: /lPeT8oijV+QEIlQLq9viEzXwvsGfjHpWPhYvfMwCjI=
Subject key identifier: E2:C3:A5:D6:3A:36:2A:9E:AB:5E:8B:21:95:FC:07:B4:3A:1C:03:F8
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187DB11B34801C505DA3E13CFC4592F0D06
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4sOl1jo2Kp6rXoshlfwHtDocA_g.roa
Signing time: Tue 02 May 2023 06:06:22 +0000
ROA not before: Tue 02 May 2023 06:06:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 5.105.23.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:11:b3:48:01:c5:05:da:3e:13:cf:c4:59:2f:0d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 2 06:06:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2c3a5d63a362a9eab5e8b2195fc07b43a1c03f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:da:08:f2:02:85:6e:96:a3:79:7c:c8:36:c0:
2f:82:85:36:09:21:b5:5a:9e:d6:53:a6:6c:38:d7:
b8:b2:aa:63:31:41:7a:5e:32:50:14:96:36:b6:38:
22:c2:68:43:7f:f1:90:fb:6c:0b:ac:34:23:5f:46:
cf:e4:9b:34:0c:d7:a8:0c:c8:fc:fe:47:e8:8c:87:
4f:8a:60:de:8c:d3:6c:ec:58:c3:b8:bf:2b:db:d7:
87:6c:1e:a2:6f:cb:30:e6:6c:fc:4d:52:ad:72:4e:
4f:7d:10:55:df:9f:da:66:79:7e:01:d5:5e:2d:7c:
2d:cb:d0:5a:6a:c0:76:27:8a:fa:9c:eb:1f:1e:86:
30:9a:3a:6c:5a:fa:2e:5f:ad:ce:4e:3e:33:57:b9:
8b:13:8e:e3:0e:ed:d2:03:01:a1:52:d0:ec:0a:7a:
12:8b:26:ab:72:56:48:22:9c:60:4d:c2:11:fb:cf:
bb:94:96:be:9b:37:d1:7e:b2:13:72:e8:b2:fb:1a:
be:16:db:6d:b5:36:f6:6f:13:3f:cb:80:98:1e:08:
11:1a:22:3d:f1:de:d6:04:12:07:dc:04:ba:04:fd:
ea:18:f8:bb:aa:d8:e7:a8:ce:05:61:a9:a1:27:8f:
7e:2d:a1:5b:aa:dd:2e:8c:a1:77:17:94:89:12:1e:
2b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C3:A5:D6:3A:36:2A:9E:AB:5E:8B:21:95:FC:07:B4:3A:1C:03:F8
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/4sOl1jo2Kp6rXoshlfwHtDocA_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.23.0/24
5.105.44.0/24
5.105.172.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a5:04:3a:40:30:6e:7c:3b:c2:95:32:b4:35:4f:e9:75:4d:
38:e2:42:45:ea:2a:18:2d:6d:3e:dd:c3:5b:35:fc:7e:9e:2f:
9f:1c:e9:5a:d9:93:e7:b9:e1:45:0c:de:4c:ad:b5:d7:36:3d:
66:25:3d:86:47:1c:5b:0a:d1:3d:5e:8a:35:72:15:16:e0:82:
f3:e7:1a:28:53:f8:3b:32:06:03:71:99:4e:4d:54:d0:e2:90:
34:2e:98:1a:44:16:3f:84:18:62:a8:73:bd:ea:2f:c8:6f:04:
95:ac:b9:92:d6:81:9f:84:9a:83:cc:8f:a3:bd:f4:eb:69:11:
49:ec:54:9d:f6:38:b7:49:82:56:1c:42:bf:5c:7d:12:cf:65:
40:ed:2e:e7:22:fe:dd:6b:4b:7c:63:46:4d:f8:3d:df:88:f0:
f6:42:08:c5:c2:2f:e4:94:64:68:0c:9a:cc:2b:f7:56:11:a3:
b0:35:fc:2a:23:b1:5f:4a:f8:37:11:ea:a5:1d:b1:d9:52:53:
28:60:18:23:01:84:c5:27:64:85:f9:36:98:27:77:cd:9f:29:
57:6f:a4:ac:55:87:53:09:55:eb:7f:fd:c1:05:8a:2c:b7:0e:
b3:08:35:b7:84:30:38:19:62:a8:78:d8:b5:12:78:26:88:07:
aa:6f:33:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfbEbNIAcUF2j4Tz8RZLw0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTAyMDYwNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMzYTVkNjNhMzYyYTllYWI1ZThiMjE5NWZjMDdiNDNhMWMwM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtoI8gKFbpajeXzINsAvgoU2CSG1
Wp7WU6ZsONe4sqpjMUF6XjJQFJY2tjgiwmhDf/GQ+2wLrDQjX0bP5Js0DNeoDMj8
/kfojIdPimDejNNs7FjDuL8r29eHbB6ib8sw5mz8TVKtck5PfRBV35/aZnl+AdVe
LXwty9BaasB2J4r6nOsfHoYwmjpsWvouX63OTj4zV7mLE47jDu3SAwGhUtDsCnoS
iyarclZIIpxgTcIR+8+7lJa+mzfRfrITcuiy+xq+FttttTb2bxM/y4CYHggRGiI9
8d7WBBIH3AS6BP3qGPi7qtjnqM4FYamhJ49+LaFbqt0ujKF3F5SJEh4rUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLDpdY6Niqeq16LIZX8B7Q6HAP4MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvNHNPbDFqbzJLcDZyWG9zaGxmd0h0RG9jQV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkXAwQA
BWksAwQABWmsMA0GCSqGSIb3DQEBCwUAA4IBAQBSpQQ6QDBufDvClTK0NU/pdU04
4kJF6ioYLW0+3cNbNfx+ni+fHOla2ZPnueFFDN5MrbXXNj1mJT2GRxxbCtE9Xoo1
chUW4ILz5xooU/g7MgYDcZlOTVTQ4pA0LpgaRBY/hBhiqHO96i/IbwSVrLmS1oGf
hJqDzI+jvfTraRFJ7FSd9ji3SYJWHEK/XH0Sz2VA7S7nIv7da0t8Y0ZN+D3fiPD2
QgjFwi/klGRoDJrMK/dWEaOwNfwqI7FfSvg3EeqlHbHZUlMoYBgjAYTFJ2SF+TaY
J3fNnylXb6SsVYdTCVXrf/3BBYostw6zCDW3hDA4GWKoeNi1EngmiAeqbzPX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:39 2025 by rpki-client