Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CaHPRlp6e99rL7uKaXpOic5iiiQ.roa
File: CaHPRlp6e99rL7uKaXpOic5iiiQ.roa (raw, json)
Hash identifier: C3KkNyi1eJaJteTNl9nEKB9r+d4yiKdPrGw814zQkGE=
Subject key identifier: 09:A1:CF:46:5A:7A:7B:DF:6B:2F:BB:8A:69:7A:4E:89:CE:62:8A:24
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189541E30C8C38A53C00C9D0904E21FFD2A
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CaHPRlp6e99rL7uKaXpOic5iiiQ.roa
Signing time: Fri 14 Jul 2023 11:16:51 +0000
ROA not before: Fri 14 Jul 2023 11:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 5.105.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:1e:30:c8:c3:8a:53:c0:0c:9d:09:04:e2:1f:fd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 14 11:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09a1cf465a7a7bdf6b2fbb8a697a4e89ce628a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e7:c7:c2:4b:7e:17:1e:32:23:4b:94:8f:9a:
e7:24:f7:62:c5:88:6a:82:fc:a2:76:e1:7d:de:17:
43:bd:69:a5:25:7a:e6:b1:02:0c:d4:f5:74:45:70:
0e:da:13:04:7c:d2:49:bc:91:fb:6d:95:5b:89:39:
e3:0d:8e:5b:69:8a:ff:50:ad:ed:1a:05:30:f0:33:
18:ff:ee:9d:03:af:0f:c5:0d:35:9b:9a:d9:a8:44:
8b:b1:61:62:b4:74:3e:a9:fa:19:c9:90:6e:10:bc:
cb:b3:6a:4e:a4:7e:08:6a:6f:aa:22:ba:ad:e8:c2:
f3:4b:4d:59:2d:12:b8:4f:84:26:78:00:f7:64:f5:
c7:a7:e9:41:eb:90:fc:f7:b6:b4:5f:5f:7b:27:72:
29:7a:08:bd:65:50:06:e1:b5:ba:34:f9:f7:f5:84:
3a:ed:2f:b9:7f:07:53:11:22:72:e5:d0:d8:fe:5e:
d8:8e:db:1c:cc:17:c3:f2:ed:1d:0b:f1:c6:66:3d:
6e:de:af:83:b2:0d:31:8b:63:6c:1e:ad:c5:95:d0:
06:aa:28:56:0a:7b:29:ae:c3:44:13:ef:c6:42:22:
d9:d1:9f:cf:0d:43:4c:d7:cc:0f:c7:57:df:84:0b:
14:80:29:4c:71:e0:fd:5c:95:81:26:2b:29:d9:88:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A1:CF:46:5A:7A:7B:DF:6B:2F:BB:8A:69:7A:4E:89:CE:62:8A:24
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CaHPRlp6e99rL7uKaXpOic5iiiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.69.0/24
Signature Algorithm: sha256WithRSAEncryption
98:31:96:50:04:ff:7c:6e:fe:b9:f2:08:08:a2:1f:8c:1e:4a:
8b:21:73:5d:4b:5a:88:a5:bb:2d:03:eb:ca:0d:34:16:a6:c8:
56:9e:7c:71:c8:19:d3:bd:51:3a:b5:a4:08:7d:59:79:4f:82:
78:41:f3:d7:88:0d:e2:8f:69:83:06:f9:a7:44:48:3e:95:db:
c2:b8:48:2b:4f:81:09:95:59:19:7b:de:9a:c7:61:f1:76:28:
6f:75:ec:02:27:37:8d:dd:11:3a:78:b1:f2:0d:e2:04:63:6b:
34:f0:71:04:83:41:b5:bb:5d:28:61:0e:14:bd:45:f7:fa:f9:
2b:1c:54:6e:24:5b:e2:ab:e9:11:1a:34:da:c5:44:08:10:1e:
1f:88:5d:03:75:39:39:9b:60:80:76:37:ca:ed:b6:1f:bb:cb:
6c:87:35:db:f5:53:ec:52:13:43:c7:d9:fa:49:12:71:d0:2b:
ac:cb:01:c4:c0:36:32:8a:ef:44:bf:73:d0:86:f6:54:13:1c:
cb:d6:f8:e6:d0:65:9b:2f:58:b5:be:52:17:22:2c:ba:11:eb:
d7:e4:f6:54:27:2b:91:c7:81:16:61:4b:60:03:9e:35:0d:2d:
c2:c7:1b:e2:eb:a9:63:2c:88:aa:4e:4d:6f:2d:97:26:55:6a:
d8:f5:08:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlUHjDIw4pTwAydCQTiH/0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzE0MTExNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWExY2Y0NjVhN2E3YmRmNmIyZmJiOGE2OTdhNGU4OWNlNjI4YTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+fHwkt+Fx4yI0uUj5rnJPdixYhq
gvyiduF93hdDvWmlJXrmsQIM1PV0RXAO2hMEfNJJvJH7bZVbiTnjDY5baYr/UK3t
GgUw8DMY/+6dA68PxQ01m5rZqESLsWFitHQ+qfoZyZBuELzLs2pOpH4Iam+qIrqt
6MLzS01ZLRK4T4QmeAD3ZPXHp+lB65D897a0X197J3Ipegi9ZVAG4bW6NPn39YQ6
7S+5fwdTESJy5dDY/l7YjtsczBfD8u0dC/HGZj1u3q+Dsg0xi2NsHq3FldAGqihW
CnsprsNEE+/GQiLZ0Z/PDUNM18wPx1ffhAsUgClMceD9XJWBJisp2YjCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmhz0Zaenvfay+7iml6TonOYookMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQ2FIUFJscDZlOTlyTDd1S2FYcE9pYzVpaWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlFMA0G
CSqGSIb3DQEBCwUAA4IBAQCYMZZQBP98bv658ggIoh+MHkqLIXNdS1qIpbstA+vK
DTQWpshWnnxxyBnTvVE6taQIfVl5T4J4QfPXiA3ij2mDBvmnREg+ldvCuEgrT4EJ
lVkZe96ax2HxdihvdewCJzeN3RE6eLHyDeIEY2s08HEEg0G1u10oYQ4UvUX3+vkr
HFRuJFviq+kRGjTaxUQIEB4fiF0DdTk5m2CAdjfK7bYfu8tshzXb9VPsUhNDx9n6
SRJx0CusywHEwDYyiu9Ev3PQhvZUExzL1vjm0GWbL1i1vlIXIiy6EevX5PZUJyuR
x4EWYUtgA541DS3Cxxvi66ljLIiqTk1vLZcmVWrY9Qga
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:08 2025 by rpki-client