Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AXOW0t6K9JdCnu0Y6bRlfRN5e9s.roa
File: AXOW0t6K9JdCnu0Y6bRlfRN5e9s.roa (raw, json)
Hash identifier: ZtZ5BI13wELZQvW+X2OFr1hjLIJ/s4F4/MhCpXMmQbw=
Subject key identifier: 01:73:96:D2:DE:8A:F4:97:42:9E:ED:18:E9:B4:65:7D:13:79:7B:DB
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187BC82CEDB07C0CD30E5BC75F4E35A2F42
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AXOW0t6K9JdCnu0Y6bRlfRN5e9s.roa
Signing time: Wed 26 Apr 2023 07:41:41 +0000
ROA not before: Wed 26 Apr 2023 07:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 5.105.36.0/24 maxlen: 24
5.105.37.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:82:ce:db:07:c0:cd:30:e5:bc:75:f4:e3:5a:2f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 26 07:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017396d2de8af497429eed18e9b4657d13797bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b5:f4:f0:a5:df:17:4d:65:cf:ad:29:c3:d6:
0b:34:89:f9:2f:9d:c6:f1:dd:45:1e:a7:6d:65:b7:
a5:11:d2:3f:d4:ae:fb:c2:3b:a3:e3:63:13:00:27:
05:1f:ff:6d:66:c3:24:63:8b:8c:70:00:0c:82:28:
c7:42:28:c6:c3:fc:14:96:a8:5b:70:ed:78:74:d2:
e6:66:b7:e0:12:88:cb:a5:43:ac:e3:65:3e:d6:b6:
dd:b3:79:dc:d5:32:e0:1b:b7:5b:37:95:1b:07:73:
c1:ce:a8:d8:81:42:07:6c:db:97:d4:7e:9d:45:b8:
5c:87:9c:1f:61:ab:fe:72:26:81:8f:aa:6f:b6:bd:
ec:d2:cf:82:04:fc:cb:6b:cb:62:7c:e7:78:53:ea:
6b:b5:69:15:5d:8f:2d:c8:1b:31:13:f2:37:5f:f4:
fa:ba:cf:b2:82:0a:55:a3:1e:53:c0:a3:e0:60:62:
1b:22:61:eb:57:f6:bb:d1:b2:71:98:57:3e:b0:53:
73:5f:5f:e4:51:41:de:a0:60:22:54:0b:5b:6d:f8:
a0:21:74:91:78:25:17:d8:5a:c0:1f:ed:7e:9e:11:
72:17:42:5b:8f:ae:b7:83:0c:72:73:55:aa:f9:0b:
01:ea:4d:ab:2d:d6:59:4b:3c:9c:98:75:a8:72:84:
59:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:73:96:D2:DE:8A:F4:97:42:9E:ED:18:E9:B4:65:7D:13:79:7B:DB
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AXOW0t6K9JdCnu0Y6bRlfRN5e9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.32.0/24
5.105.36.0/23
5.105.76.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d7:e6:62:c0:e2:d8:63:e3:de:69:fd:74:81:89:f8:a0:c0:
a2:9f:05:02:b6:13:9d:5c:99:47:46:c8:d8:79:79:48:f7:32:
6d:2a:4a:4e:26:4f:2d:e8:b2:d3:20:64:ac:76:a9:88:31:88:
7b:b2:23:1c:1d:a0:4d:fb:b3:83:54:53:a2:d5:1e:3c:55:8f:
bb:f0:59:ff:61:4d:2b:2f:78:bc:05:d1:4c:d3:f6:c3:e8:5a:
ab:c9:a3:a1:bf:fe:76:8e:93:a0:c0:d0:ae:ba:a3:f5:26:a6:
05:51:40:85:98:9d:d4:08:41:ed:8c:ad:87:c9:c8:a1:5e:a8:
1b:f8:de:eb:f7:0c:96:0f:f8:a7:8f:ba:98:5d:04:3a:8f:19:
24:9f:89:1a:f3:7d:7e:7b:b0:c2:1c:16:2d:b1:c0:75:7a:a8:
3d:bf:f2:88:8d:82:b4:8d:bd:2e:c2:45:a8:e2:14:28:c2:54:
66:26:5a:b3:cb:30:70:02:bc:b6:9d:0b:f2:e1:c4:5b:a6:08:
80:2c:1a:79:1b:c8:24:6a:6b:a9:f8:c6:d8:0b:02:38:b3:d2:
45:28:9a:3e:21:75:36:8d:08:8f:bb:c1:c0:67:f8:df:18:fd:
5a:56:a6:77:1b:02:3a:16:6b:0a:c9:5c:b5:a5:c7:65:e4:47:
82:f1:9e:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYe8gs7bB8DNMOW8dfTjWi9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDI2MDc0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTczOTZkMmRlOGFmNDk3NDI5ZWVkMThlOWI0NjU3ZDEzNzk3YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrX08KXfF01lz60pw9YLNIn5L53G
8d1FHqdtZbelEdI/1K77wjuj42MTACcFH/9tZsMkY4uMcAAMgijHQijGw/wUlqhb
cO14dNLmZrfgEojLpUOs42U+1rbds3nc1TLgG7dbN5UbB3PBzqjYgUIHbNuX1H6d
Rbhch5wfYav+ciaBj6pvtr3s0s+CBPzLa8tifOd4U+prtWkVXY8tyBsxE/I3X/T6
us+yggpVox5TwKPgYGIbImHrV/a70bJxmFc+sFNzX1/kUUHeoGAiVAtbbfigIXSR
eCUX2FrAH+1+nhFyF0Jbj663gwxyc1Wq+QsB6k2rLdZZSzycmHWocoRZ2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAFzltLeivSXQp7tGOm0ZX0TeXvbMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQVhPVzB0Nks5SmRDbnUwWTZiUmxmUk41ZTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkgAwQB
BWkkAwQABWlMMA0GCSqGSIb3DQEBCwUAA4IBAQCh1+ZiwOLYY+Peaf10gYn4oMCi
nwUCthOdXJlHRsjYeXlI9zJtKkpOJk8t6LLTIGSsdqmIMYh7siMcHaBN+7ODVFOi
1R48VY+78Fn/YU0rL3i8BdFM0/bD6FqryaOhv/52jpOgwNCuuqP1JqYFUUCFmJ3U
CEHtjK2HycihXqgb+N7r9wyWD/inj7qYXQQ6jxkkn4ka831+e7DCHBYtscB1eqg9
v/KIjYK0jb0uwkWo4hQowlRmJlqzyzBwAry2nQvy4cRbpgiALBp5G8gkamup+MbY
CwI4s9JFKJo+IXU2jQiPu8HAZ/jfGP1aVqZ3GwI6FmsKyVy1pcdl5EeC8Z79
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:25:52 2025 by rpki-client