Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HUzJIl7IKXal03zkuj19dzgvBc0.roa
File: HUzJIl7IKXal03zkuj19dzgvBc0.roa (raw, json)
Hash identifier: tUMpg022wV4skeeqn+UUa9q1tVvKqRy7gU1NtPUU61k=
Subject key identifier: 1D:4C:C9:22:5E:C8:29:76:A5:D3:7C:E4:BA:3D:7D:77:38:2F:05:CD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01889AE1DA2E3817F7A92BFA5BE1D269EF36
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HUzJIl7IKXal03zkuj19dzgvBc0.roa
Signing time: Thu 08 Jun 2023 12:01:12 +0000
ROA not before: Thu 08 Jun 2023 12:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 5.105.49.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e1:da:2e:38:17:f7:a9:2b:fa:5b:e1:d2:69:ef:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 8 12:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d4cc9225ec82976a5d37ce4ba3d7d77382f05cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f2:97:17:b8:fd:28:74:83:91:68:cb:06:49:
6b:df:0d:ee:cc:2a:fa:c3:ed:cd:ea:f5:06:df:19:
66:65:19:34:a2:c9:f2:19:63:c4:ad:c9:d9:f1:60:
2a:89:5e:56:85:be:25:19:c1:79:30:9f:09:3d:8d:
f6:85:0a:6c:9f:48:2a:7a:d6:91:89:e0:26:29:67:
6d:25:bf:44:0a:a1:bc:fe:1a:04:56:e6:09:fc:d9:
55:83:e6:11:d2:e3:1a:de:1e:60:de:b2:96:fd:12:
14:b2:fe:e4:67:bb:3b:84:42:3d:73:b2:99:20:f0:
b6:45:58:f2:8c:b3:2f:d3:73:20:06:d5:da:15:36:
62:e6:c6:1d:82:05:b2:49:5e:23:8d:c4:4a:ec:7b:
f0:64:53:96:8c:f7:0d:e7:8e:ea:6f:0e:02:07:2c:
91:27:a6:8b:f9:e4:c1:0b:db:56:d2:82:ac:6c:05:
9d:81:4d:06:bd:07:d2:4c:05:ab:09:e2:20:f8:e2:
e6:e3:ad:5c:4b:4f:7d:a4:41:47:f6:b6:cb:47:cd:
66:ca:7d:56:1e:5a:5c:b8:bd:8d:8f:ba:1f:06:f2:
c5:df:4b:d0:af:93:99:e8:e4:bf:2c:60:3f:96:f5:
53:36:68:be:cd:15:93:f0:85:f1:91:22:e5:6a:a4:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4C:C9:22:5E:C8:29:76:A5:D3:7C:E4:BA:3D:7D:77:38:2F:05:CD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/HUzJIl7IKXal03zkuj19dzgvBc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.49.0/24
5.105.69.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f7:9e:91:9b:e3:28:0b:34:12:df:80:a9:c9:fe:3e:f1:e3:
a4:cb:5f:87:1e:28:83:ab:95:ce:68:02:b2:3c:52:b2:5f:3a:
cf:c2:38:ad:eb:7f:ad:c9:a9:22:2e:90:66:ea:4f:4c:53:27:
82:14:57:67:3a:1c:e2:2f:ae:b9:0d:af:1a:0e:75:9f:42:e8:
a9:3e:dd:2c:f6:2e:71:2c:e3:9c:09:38:bd:9c:98:e2:91:9a:
95:cf:89:81:77:0b:57:70:0c:fd:f9:9c:f5:50:f5:ae:52:f7:
4b:60:36:7a:0a:c7:16:f5:4a:fc:e2:fe:8d:a5:8e:c7:c6:56:
d8:5c:ac:45:07:96:c1:64:85:9b:e3:e8:92:83:ae:a0:26:b8:
d9:da:09:70:62:49:42:bc:91:53:78:d5:0c:16:f3:ee:78:2c:
35:1f:e9:03:9c:3f:0f:f2:ca:5c:a8:0a:da:dc:f6:3e:99:7f:
98:8c:2a:43:6c:8a:2e:45:37:e0:ff:7d:07:ed:51:4b:96:8b:
6b:3d:59:6e:c8:97:ea:ba:ea:43:a9:2f:fa:8b:d2:ac:92:43:
b9:38:43:c2:3b:7d:f2:f2:41:e3:39:3a:62:6a:34:57:3f:22:
27:8b:79:0d:f2:93:af:df:8d:9a:78:4f:2b:5e:4d:07:c0:c2:
29:65:c6:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYia4douOBf3qSv6W+HSae82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA4MTIwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDRjYzkyMjVlYzgyOTc2YTVkMzdjZTRiYTNkN2Q3NzM4MmYwNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/KXF7j9KHSDkWjLBklr3w3uzCr6
w+3N6vUG3xlmZRk0osnyGWPErcnZ8WAqiV5Whb4lGcF5MJ8JPY32hQpsn0gqetaR
ieAmKWdtJb9ECqG8/hoEVuYJ/NlVg+YR0uMa3h5g3rKW/RIUsv7kZ7s7hEI9c7KZ
IPC2RVjyjLMv03MgBtXaFTZi5sYdggWySV4jjcRK7HvwZFOWjPcN547qbw4CByyR
J6aL+eTBC9tW0oKsbAWdgU0GvQfSTAWrCeIg+OLm461cS099pEFH9rbLR81myn1W
HlpcuL2Nj7ofBvLF30vQr5OZ6OS/LGA/lvVTNmi+zRWT8IXxkSLlaqTIywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1MySJeyCl2pdN85Lo9fXc4LwXNMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSFV6SklsN0lLWGFsMDN6a3VqMTlkemd2QmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWkxAwQA
BWlFMA0GCSqGSIb3DQEBCwUAA4IBAQC2956Rm+MoCzQS34Cpyf4+8eOky1+HHiiD
q5XOaAKyPFKyXzrPwjit63+tyakiLpBm6k9MUyeCFFdnOhziL665Da8aDnWfQuip
Pt0s9i5xLOOcCTi9nJjikZqVz4mBdwtXcAz9+Zz1UPWuUvdLYDZ6CscW9Ur84v6N
pY7HxlbYXKxFB5bBZIWb4+iSg66gJrjZ2glwYklCvJFTeNUMFvPueCw1H+kDnD8P
8spcqAra3PY+mX+YjCpDbIouRTfg/30H7VFLlotrPVluyJfquupDqS/6i9KskkO5
OEPCO33y8kHjOTpiajRXPyIni3kN8pOv342aeE8rXk0HwMIpZcak
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:00 2025 by rpki-client