Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EIHTzWQoHK433uPGqRsO7s_82iY.roa
File: EIHTzWQoHK433uPGqRsO7s_82iY.roa (raw, json)
Hash identifier: WNDNePxJKrRbyzZt8YZZ6BqDtqPAle8SGW8QPYfMSYY=
Subject key identifier: 10:81:D3:CD:64:28:1C:AE:37:DE:E3:C6:A9:1B:0E:EE:CF:FC:DA:26
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A4FBEE2DC6363E1C7104692D89E9A7690
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EIHTzWQoHK433uPGqRsO7s_82iY.roa
Signing time: Fri 01 Sep 2023 07:57:04 +0000
ROA not before: Fri 01 Sep 2023 07:57:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 5.105.22.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:be:e2:dc:63:63:e1:c7:10:46:92:d8:9e:9a:76:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 1 07:57:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1081d3cd64281cae37dee3c6a91b0eeecffcda26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:a3:ec:95:52:3d:b5:07:45:e9:66:45:20:
0d:8b:4b:d0:d7:2e:0e:16:0e:8e:ad:04:bb:37:90:
0d:99:b7:5a:26:ff:35:66:51:a9:b5:cd:ba:64:55:
a2:a2:80:04:16:8d:7d:46:53:5e:65:a4:a2:78:15:
21:2f:17:b5:6b:c1:22:80:d6:85:5b:5a:38:83:9a:
46:73:a8:15:3d:59:ba:5c:f0:29:2d:79:7e:1d:02:
ca:94:ba:71:ed:96:37:eb:95:db:01:b5:ff:d9:c3:
0d:92:6a:ec:bd:ab:aa:14:6d:3f:62:39:90:cb:54:
48:79:5e:26:78:64:f7:f7:c3:dc:3d:1d:03:f9:06:
a1:16:7c:bc:d4:09:1f:98:15:b5:91:4c:b6:60:ef:
b7:90:30:b4:b1:fb:97:2e:7a:bc:3b:da:cc:a1:bf:
b0:c7:82:f1:29:9d:e2:a6:00:61:65:7a:b1:dc:e7:
49:17:24:dc:00:7c:4b:0c:57:e7:d1:28:17:2e:c4:
e6:46:14:7c:65:45:90:d6:e5:21:b4:79:96:32:59:
f0:d6:57:08:d1:a5:b7:59:34:31:ec:12:3c:0d:d4:
79:ba:01:24:8d:70:6b:14:19:45:42:ec:9c:58:a3:
62:83:a9:3a:ff:22:36:44:82:aa:6a:d2:d9:90:49:
14:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:81:D3:CD:64:28:1C:AE:37:DE:E3:C6:A9:1B:0E:EE:CF:FC:DA:26
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EIHTzWQoHK433uPGqRsO7s_82iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.3.0/24
5.105.22.0/24
5.105.142.0/24
5.105.207.0/24
Signature Algorithm: sha256WithRSAEncryption
67:93:66:37:cf:67:f5:35:13:16:61:83:8a:6f:cc:6a:4d:a6:
4f:5d:43:65:7d:75:a5:41:73:51:5e:40:6c:82:9b:be:0a:dd:
b2:e4:45:61:24:a3:5b:ce:84:97:24:92:1b:2a:d9:d2:dd:38:
2f:8e:9c:ce:9a:c2:a4:55:7b:0a:50:71:4e:73:fd:d0:bf:c4:
7d:89:56:a9:58:76:90:34:42:a8:27:8f:42:14:61:74:f7:3b:
c7:34:d4:df:65:5a:85:ff:15:31:91:65:d5:02:b6:da:5e:3c:
d1:24:fa:1f:03:2b:03:b6:81:cf:5b:ca:45:73:7a:d4:22:20:
61:8d:52:59:04:7a:be:b7:01:3a:50:cb:48:7b:84:0b:78:25:
aa:1e:87:ee:44:28:69:3c:d3:4a:fc:a7:9f:29:05:4d:8c:8c:
e4:0b:ab:c9:5f:53:3f:7d:cb:a7:c6:07:4a:92:72:9f:44:a4:
c2:c5:24:08:d1:5d:3f:bb:f9:de:be:b2:2d:01:b2:12:ae:b5:
30:03:f4:b2:e1:02:f9:7a:d1:48:5c:c7:18:5f:b3:f0:1d:0b:
ae:c8:56:29:bd:85:79:ad:01:7a:7a:b0:21:0d:dc:22:61:5e:
cf:71:b6:7c:d5:f7:c1:ee:75:1a:0c:50:8d:3d:05:02:a3:8b:
b1:ae:15:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpPvuLcY2PhxxBGktiemnaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTAxMDc1NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgxZDNjZDY0MjgxY2FlMzdkZWUzYzZhOTFiMGVlZWNmZmNkYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYGj7JVSPbUHRelmRSANi0vQ1y4O
Fg6OrQS7N5ANmbdaJv81ZlGptc26ZFWiooAEFo19RlNeZaSieBUhLxe1a8EigNaF
W1o4g5pGc6gVPVm6XPApLXl+HQLKlLpx7ZY365XbAbX/2cMNkmrsvauqFG0/YjmQ
y1RIeV4meGT398PcPR0D+QahFny81AkfmBW1kUy2YO+3kDC0sfuXLnq8O9rMob+w
x4LxKZ3ipgBhZXqx3OdJFyTcAHxLDFfn0SgXLsTmRhR8ZUWQ1uUhtHmWMlnw1lcI
0aW3WTQx7BI8DdR5ugEkjXBrFBlFQuycWKNig6k6/yI2RIKqatLZkEkUIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCB081kKByuN97jxqkbDu7P/NomMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRUlIVHpXUW9ISzQzM3VQR3FSc083c184MmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkDAwQA
BWkWAwQABWmOAwQABWnPMA0GCSqGSIb3DQEBCwUAA4IBAQBnk2Y3z2f1NRMWYYOK
b8xqTaZPXUNlfXWlQXNRXkBsgpu+Ct2y5EVhJKNbzoSXJJIbKtnS3TgvjpzOmsKk
VXsKUHFOc/3Qv8R9iVapWHaQNEKoJ49CFGF09zvHNNTfZVqF/xUxkWXVArbaXjzR
JPofAysDtoHPW8pFc3rUIiBhjVJZBHq+twE6UMtIe4QLeCWqHofuRChpPNNK/Kef
KQVNjIzkC6vJX1M/fcunxgdKknKfRKTCxSQI0V0/u/nevrItAbISrrUwA/Sy4QL5
etFIXMcYX7PwHQuuyFYpvYV5rQF6erAhDdwiYV7PcbZ81ffB7nUaDFCNPQUCo4ux
rhWq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:02 2025 by rpki-client