Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CZXavqkmtofEkUUjkUT1g0VW8-k.roa
File: CZXavqkmtofEkUUjkUT1g0VW8-k.roa (raw, json)
Hash identifier: 1rnlNrSxUYDtCwM07hk0bGCELDY/xrVDOkFlt+Ot4L8=
Subject key identifier: 09:95:DA:BE:A9:26:B6:87:C4:91:45:23:91:44:F5:83:45:56:F3:E9
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186BBD535EBEA601CD76F1184580925FF6D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CZXavqkmtofEkUUjkUT1g0VW8-k.roa
Signing time: Tue 07 Mar 2023 11:29:17 +0000
ROA not before: Tue 07 Mar 2023 11:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 5.105.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:d5:35:eb:ea:60:1c:d7:6f:11:84:58:09:25:ff:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 7 11:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0995dabea926b687c49145239144f5834556f3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:af:86:3b:ec:aa:73:de:b2:65:53:be:4d:95:
4b:86:26:2f:ec:d3:55:d0:9c:d4:ec:0a:91:e0:75:
f6:08:ee:43:13:be:76:ee:2b:81:35:da:65:3c:ad:
9c:9a:80:da:19:9f:d2:0b:29:f2:63:61:56:38:de:
61:0f:74:4c:4f:a4:55:57:ad:09:50:23:67:37:79:
7e:72:81:04:8b:ad:ce:ee:ba:1a:bc:c6:95:29:61:
40:cd:6f:4b:93:92:78:57:a6:1e:03:6c:20:cb:66:
81:f7:ec:a9:3c:8d:2a:b5:99:41:65:1e:ff:c7:21:
2f:8b:a9:e2:76:e2:ae:3e:f2:a6:ba:33:f7:53:cd:
6b:e0:0c:5c:d1:56:95:eb:f4:01:f5:d1:b0:b6:df:
b1:97:51:d7:34:be:3a:4a:7c:5c:8a:ca:03:31:e4:
4c:f7:99:9c:95:24:23:40:ce:7c:32:59:9b:cb:de:
c6:07:63:53:cf:40:87:40:e5:23:d3:60:6b:1d:72:
b3:62:cf:e5:b2:da:9e:cc:38:c0:2f:39:23:3d:42:
f5:15:25:2d:29:58:4c:dc:b2:51:42:77:1a:1d:73:
63:02:4c:e3:e8:03:b0:1f:1d:dc:77:5b:b7:fe:e9:
bd:87:49:6c:8e:49:d6:02:9b:b9:8f:39:a8:89:a4:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:95:DA:BE:A9:26:B6:87:C4:91:45:23:91:44:F5:83:45:56:F3:E9
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CZXavqkmtofEkUUjkUT1g0VW8-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.10.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:a0:a0:cd:f3:69:e7:c4:d0:a6:a4:c3:59:83:00:4a:e4:44:
b9:8f:dd:fa:a6:ab:e7:59:ae:d7:b9:28:42:f8:04:85:ef:09:
0e:be:88:b2:d3:3e:c7:8d:88:88:cf:ad:8f:b4:39:c5:bc:e2:
93:58:4a:5b:b5:6c:bc:36:4f:cf:64:69:98:43:8f:09:85:45:
79:4b:3d:eb:a0:8d:6e:c3:92:73:60:df:3a:35:8a:55:11:53:
6e:39:5f:57:a3:8d:7b:bf:cc:4d:e7:46:0b:66:cb:f9:a8:ce:
a9:de:65:5f:f4:e5:e0:b9:7b:f5:ca:29:24:a0:3a:ff:01:5c:
09:96:43:94:7e:0d:3d:2f:e2:ea:fd:cd:5a:ea:67:13:4f:65:
8c:5d:6d:5b:33:e3:b2:74:0d:7c:b3:dc:5e:37:3f:09:02:7f:
c8:37:1d:0c:a1:68:ad:13:25:03:d2:37:ce:76:f1:06:a0:11:
76:9d:b9:f6:29:23:53:3a:d3:f6:03:51:5d:61:17:37:63:df:
f6:e5:26:87:4c:20:d5:8b:d7:77:a5:8d:a0:db:3b:d2:e3:5f:
20:dd:47:a2:b8:6d:c1:53:4c:2d:c6:f9:ff:60:7a:07:4e:6e:
5e:31:de:12:70:12:bb:e2:c0:58:b5:17:f8:64:e1:f3:33:4b:
d9:6c:4f:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa71TXr6mAc128RhFgJJf9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzA3MTEyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk1ZGFiZWE5MjZiNjg3YzQ5MTQ1MjM5MTQ0ZjU4MzQ1NTZmM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4K+GO+yqc96yZVO+TZVLhiYv7NNV
0JzU7AqR4HX2CO5DE7527iuBNdplPK2cmoDaGZ/SCynyY2FWON5hD3RMT6RVV60J
UCNnN3l+coEEi63O7roavMaVKWFAzW9Lk5J4V6YeA2wgy2aB9+ypPI0qtZlBZR7/
xyEvi6niduKuPvKmujP3U81r4Axc0VaV6/QB9dGwtt+xl1HXNL46SnxcisoDMeRM
95mclSQjQM58Mlmby97GB2NTz0CHQOUj02BrHXKzYs/lstqezDjALzkjPUL1FSUt
KVhM3LJRQncaHXNjAkzj6AOwHx3cd1u3/um9h0lsjknWApu5jzmoiaTD4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmV2r6pJraHxJFFI5FE9YNFVvPpMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQ1pYYXZxa210b2ZFa1VVamtVVDFnMFZXOC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkKMA0G
CSqGSIb3DQEBCwUAA4IBAQDJoKDN82nnxNCmpMNZgwBK5ES5j936pqvnWa7XuShC
+ASF7wkOvoiy0z7HjYiIz62PtDnFvOKTWEpbtWy8Nk/PZGmYQ48JhUV5Sz3roI1u
w5JzYN86NYpVEVNuOV9Xo417v8xN50YLZsv5qM6p3mVf9OXguXv1yikkoDr/AVwJ
lkOUfg09L+Lq/c1a6mcTT2WMXW1bM+OydA18s9xeNz8JAn/INx0MoWitEyUD0jfO
dvEGoBF2nbn2KSNTOtP2A1FdYRc3Y9/25SaHTCDVi9d3pY2g2zvS418g3UeiuG3B
U0wtxvn/YHoHTm5eMd4ScBK74sBYtRf4ZOHzM0vZbE/m
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:25 2025 by rpki-client