Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HAgzvwcvodKWMdiwvVdqJKOcMUY.roa
File: HAgzvwcvodKWMdiwvVdqJKOcMUY.roa (raw, json)
Hash identifier: e8T2+qspGEENcqxtT2ot8Vfw/A9G3CXw5OHI+auXiSU=
Subject key identifier: 1C:08:33:BF:07:2F:A1:D2:96:31:D8:B0:BD:57:6A:24:A3:9C:31:46
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018902824178A6F609706F2AFD2B5FA5FF75
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HAgzvwcvodKWMdiwvVdqJKOcMUY.roa
Signing time: Wed 28 Jun 2023 14:57:18 +0000
ROA not before: Wed 28 Jun 2023 14:57:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:82:41:78:a6:f6:09:70:6f:2a:fd:2b:5f:a5:ff:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 28 14:57:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c0833bf072fa1d29631d8b0bd576a24a39c3146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:02:bd:e3:d1:a3:ac:db:4e:96:cf:51:53:
5b:e7:12:58:9a:32:ab:78:c4:5c:b3:d5:95:36:c6:
cd:b5:be:d7:82:9d:eb:a7:b0:9a:35:39:58:ca:6e:
24:99:84:88:95:eb:2a:26:2b:8b:10:b0:c8:3c:45:
96:a1:9e:d1:c2:fc:82:ce:02:5d:9b:30:d8:e0:f2:
e1:87:5e:de:bd:f1:33:01:41:fe:b1:d5:24:6b:2c:
02:cb:30:8f:46:6a:97:ac:a2:90:44:7b:b4:83:22:
69:90:26:1a:55:7f:be:83:42:88:cc:52:9b:75:0f:
10:0f:3a:a1:15:4d:ee:57:ce:a6:69:e9:fc:a5:f8:
41:ba:4b:c1:00:9d:6e:10:33:78:3f:ab:97:c3:b7:
d6:11:bc:4b:3d:c4:d1:17:d1:f8:0e:ed:46:42:e8:
cb:be:a9:98:9a:83:dd:cd:f3:80:28:85:ad:4a:9c:
25:00:e8:32:ac:7c:8f:3f:90:46:d2:63:75:c4:a5:
f8:83:76:b0:cc:ec:6e:65:26:b7:2d:d4:cd:90:d4:
5f:c5:ea:1f:95:08:2a:6e:8f:89:b9:42:fe:60:02:
51:61:bb:76:20:13:e8:2c:da:1a:35:4c:6a:d5:db:
f5:f9:ba:f3:56:e7:71:3f:5d:58:89:09:db:c1:0a:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:08:33:BF:07:2F:A1:D2:96:31:D8:B0:BD:57:6A:24:A3:9C:31:46
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HAgzvwcvodKWMdiwvVdqJKOcMUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.43.0/24
5.105.50.0/24
5.105.57.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
Signature Algorithm: sha256WithRSAEncryption
94:97:ff:84:d5:1f:84:f2:a3:87:60:41:69:d4:c5:66:d9:dd:
62:6d:9a:5e:12:4c:7b:02:49:1b:01:6d:b7:7d:8a:43:7a:0a:
4f:56:db:ff:6e:39:a0:c0:cc:a5:5f:66:d6:6a:1c:4b:3a:6b:
47:03:aa:d6:26:5f:58:67:42:fe:1f:5c:3f:dd:cd:a7:5e:6d:
f6:fc:ba:60:f0:01:0a:cb:04:c2:d8:97:0c:48:22:bb:70:2f:
04:1a:41:de:de:44:69:ba:f1:0c:93:b1:db:7b:43:7f:54:82:
e1:60:f0:d2:6a:01:eb:5c:7e:4c:26:4f:76:82:f5:0e:88:df:
9a:63:f6:52:0a:03:99:70:96:2c:b2:f9:26:89:79:cd:0e:ba:
31:cc:72:96:06:24:61:73:63:48:e2:3d:6b:c7:4d:9f:d1:15:
48:f0:61:97:09:37:e0:81:3e:25:36:2e:3e:a2:d3:c0:5e:74:
8e:97:0e:ca:3c:e9:34:c9:c0:cc:86:88:e9:a4:fe:a9:79:6a:
ba:87:67:71:ed:42:e3:8d:5d:51:ef:0c:13:ad:ce:a6:da:14:
a2:0b:d8:d1:0f:13:c7:43:ba:b9:a3:21:a3:86:71:a6:1c:4f:
a8:b7:18:ec:b0:5b:aa:68:4c:2d:0f:5f:98:9a:9f:55:89:8a:
c8:5d:87:07
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYkCgkF4pvYJcG8q/Stfpf91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI4MTQ1NzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzA4MzNiZjA3MmZhMWQyOTYzMWQ4YjBiZDU3NmEyNGEzOWMzMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd4CvePRo6zbTpbPUVNb5xJYmjKr
eMRcs9WVNsbNtb7Xgp3rp7CaNTlYym4kmYSIlesqJiuLELDIPEWWoZ7RwvyCzgJd
mzDY4PLhh17evfEzAUH+sdUkaywCyzCPRmqXrKKQRHu0gyJpkCYaVX++g0KIzFKb
dQ8QDzqhFU3uV86maen8pfhBukvBAJ1uEDN4P6uXw7fWEbxLPcTRF9H4Du1GQujL
vqmYmoPdzfOAKIWtSpwlAOgyrHyPP5BG0mN1xKX4g3awzOxuZSa3LdTNkNRfxeof
lQgqbo+JuUL+YAJRYbt2IBPoLNoaNUxq1dv1+brzVudxP11YiQnbwQrPSQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBwIM78HL6HSljHYsL1XaiSjnDFGMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSEFnenZ3Y3ZvZEtXTWRpd3ZWZHFKS09jTVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBWkYAwQA
BWkhAwQABWkrAwQABWkyAwQABWk5AwQABWlRAwQABWlgAwQABWmoMA0GCSqGSIb3
DQEBCwUAA4IBAQCUl/+E1R+E8qOHYEFp1MVm2d1ibZpeEkx7AkkbAW23fYpDegpP
Vtv/bjmgwMylX2bWahxLOmtHA6rWJl9YZ0L+H1w/3c2nXm32/Lpg8AEKywTC2JcM
SCK7cC8EGkHe3kRpuvEMk7Hbe0N/VILhYPDSagHrXH5MJk92gvUOiN+aY/ZSCgOZ
cJYssvkmiXnNDroxzHKWBiRhc2NI4j1rx02f0RVI8GGXCTfggT4lNi4+otPAXnSO
lw7KPOk0ycDMhojppP6peWq6h2dx7ULjjV1R7wwTrc6m2hSiC9jRDxPHQ7q5oyGj
hnGmHE+otxjssFuqaEwtD1+Ymp9ViYrIXYcH
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:00 2025 by rpki-client