Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CQf0vw20QJ-Xb6iHUeRaGNpdVYo.roa
File: CQf0vw20QJ-Xb6iHUeRaGNpdVYo.roa (raw, json)
Hash identifier: 8PozKF1owBkYEop8i8qiTBeXKWd7tdIk2hFmivTXxAA=
Subject key identifier: 09:07:F4:BF:0D:B4:40:9F:97:6F:A8:87:51:E4:5A:18:DA:5D:55:8A
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189B0D79D44CC94FAF34CD77A9C78A140AB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CQf0vw20QJ-Xb6iHUeRaGNpdVYo.roa
Signing time: Tue 01 Aug 2023 11:24:27 +0000
ROA not before: Tue 01 Aug 2023 11:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.138.0/24 maxlen: 24
5.105.205.0/24 maxlen: 24
5.105.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:d7:9d:44:cc:94:fa:f3:4c:d7:7a:9c:78:a1:40:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 1 11:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0907f4bf0db4409f976fa88751e45a18da5d558a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a3:a5:66:aa:1d:14:b1:99:cf:75:ba:71:9c:
5c:33:58:a8:f6:6a:a2:33:f2:33:69:15:18:25:1e:
2c:c8:40:9e:62:fd:32:29:04:98:d3:a0:69:fd:24:
2d:76:9f:56:86:88:9b:8b:48:51:0a:ee:b8:06:49:
b6:81:95:2c:6b:da:80:43:46:bc:d8:49:80:d6:02:
bb:d6:1b:43:3f:86:ba:5c:b5:c5:f8:53:29:43:33:
f5:34:ac:59:07:58:78:e4:26:8c:d6:a8:ec:a9:57:
53:c5:54:3e:be:10:f3:5b:98:bf:d4:fa:b0:70:a7:
b2:7e:48:27:73:48:ab:61:98:2e:0c:65:7b:f6:29:
91:d2:77:8c:c3:c5:1a:3b:06:0d:17:fd:67:9d:a8:
3b:1c:51:eb:48:7e:70:db:db:d8:88:fe:59:3c:89:
9b:55:aa:9c:5c:7a:85:af:e1:4c:81:e3:af:58:b2:
98:00:93:8d:25:a8:23:72:35:0b:95:11:dd:14:6b:
23:cd:f5:3e:98:5b:38:a2:6a:33:a2:38:4d:4e:47:
b0:1a:1c:c3:e8:5a:e1:5c:67:0c:77:41:99:f5:5c:
e6:9b:47:98:ef:e4:4d:e6:4d:24:ca:4b:d9:80:20:
61:73:3c:7f:fa:15:9d:ad:2b:1b:20:78:ef:cb:30:
e5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:07:F4:BF:0D:B4:40:9F:97:6F:A8:87:51:E4:5A:18:DA:5D:55:8A
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CQf0vw20QJ-Xb6iHUeRaGNpdVYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.107.0/24
5.105.138.0/24
5.105.205.0/24
Signature Algorithm: sha256WithRSAEncryption
80:63:ac:8c:84:2a:7c:bc:90:d7:7c:84:89:6f:fe:50:08:1c:
4c:ec:6e:c6:8d:46:4e:de:72:33:92:c3:3b:8d:e6:5a:73:bc:
9b:03:24:8f:d9:82:5f:44:e2:24:d4:af:8f:97:bf:ae:da:33:
22:0d:3d:0b:e4:c7:0d:31:ad:fb:3b:ef:8c:5b:26:12:b1:b0:
25:58:cb:65:2b:3c:89:7c:29:b4:f5:b3:2b:fa:5b:4d:bb:0d:
c2:25:02:f5:0c:f4:5d:f3:34:96:84:26:7f:d6:05:43:4b:16:
e4:61:d5:0b:3f:7a:86:b5:d8:0b:1a:7b:aa:3e:a0:7d:b9:41:
92:34:6b:19:48:c4:70:37:41:2a:ca:6f:14:34:0d:14:3b:23:
55:34:6f:cd:d5:78:97:c5:ec:a7:5b:e1:c3:bf:83:00:91:99:
c9:96:92:f1:e1:ce:d4:3e:84:91:9e:3c:73:58:b6:e4:ed:83:
34:07:c6:6e:22:fe:d8:96:26:cb:29:a0:c1:d7:79:bb:ff:c3:
9f:a6:83:8a:70:58:5a:15:aa:9d:a8:09:f1:36:17:f4:7f:f7:
73:1f:90:04:63:33:df:e5:a8:05:d4:22:0a:89:c6:e6:f7:2e:
ac:64:97:a6:8c:89:3c:0d:4b:48:e5:22:fc:21:b0:a2:e7:6d:
06:73:62:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmw151EzJT680zXepx4oUCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODAxMTEyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA3ZjRiZjBkYjQ0MDlmOTc2ZmE4ODc1MWU0NWExOGRhNWQ1NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKOlZqodFLGZz3W6cZxcM1io9mqi
M/IzaRUYJR4syECeYv0yKQSY06Bp/SQtdp9Whoibi0hRCu64Bkm2gZUsa9qAQ0a8
2EmA1gK71htDP4a6XLXF+FMpQzP1NKxZB1h45CaM1qjsqVdTxVQ+vhDzW5i/1Pqw
cKeyfkgnc0irYZguDGV79imR0neMw8UaOwYNF/1nnag7HFHrSH5w29vYiP5ZPImb
VaqcXHqFr+FMgeOvWLKYAJONJagjcjULlRHdFGsjzfU+mFs4omozojhNTkewGhzD
6FrhXGcMd0GZ9Vzmm0eY7+RN5k0kykvZgCBhczx/+hWdrSsbIHjvyzDlRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAkH9L8NtECfl2+oh1HkWhjaXVWKMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQ1FmMHZ3MjBRSi1YYjZpSFVlUmFHTnBkVllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWlrAwQA
BWmKAwQABWnNMA0GCSqGSIb3DQEBCwUAA4IBAQCAY6yMhCp8vJDXfISJb/5QCBxM
7G7GjUZO3nIzksM7jeZac7ybAySP2YJfROIk1K+Pl7+u2jMiDT0L5McNMa37O++M
WyYSsbAlWMtlKzyJfCm09bMr+ltNuw3CJQL1DPRd8zSWhCZ/1gVDSxbkYdULP3qG
tdgLGnuqPqB9uUGSNGsZSMRwN0Eqym8UNA0UOyNVNG/N1XiXxeynW+HDv4MAkZnJ
lpLx4c7UPoSRnjxzWLbk7YM0B8ZuIv7YlibLKaDB13m7/8OfpoOKcFhaFaqdqAnx
Nhf0f/dzH5AEYzPf5agF1CIKicbm9y6sZJemjIk8DUtI5SL8IbCi520Gc2KO
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:41:58 2025 by rpki-client