Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hy93nvg3fjTY1v4FeSaFl_5T6nA.roa
File: Hy93nvg3fjTY1v4FeSaFl_5T6nA.roa (raw, json)
Hash identifier: c7nOhsLOwftx2P9dfEgzBDVZrrPIhwS0S3pg2B2yz7c=
Subject key identifier: 1F:2F:77:9E:F8:37:7E:34:D8:D6:FE:05:79:26:85:97:FE:53:EA:70
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01842805ACFF12F19FBCB1983B5C23F052F0
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hy93nvg3fjTY1v4FeSaFl_5T6nA.roa
Signing time: Sun 30 Oct 2022 08:32:51 +0000
ROA not before: Sun 30 Oct 2022 08:32:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 5.105.12.0/24 maxlen: 24
5.105.104.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:28:05:ac:ff:12:f1:9f:bc:b1:98:3b:5c:23:f0:52:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 30 08:32:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f2f779ef8377e34d8d6fe0579268597fe53ea70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ff:9e:ba:9a:bb:62:01:03:57:ba:f7:6d:08:
5a:04:d2:3e:bd:c6:a2:49:87:9b:9f:19:11:12:a7:
d9:24:34:71:63:b8:09:e4:f9:80:e7:93:68:47:c6:
e6:c9:e4:da:ac:4e:74:78:2c:e5:3a:6f:23:61:fa:
9f:ca:a1:4e:f6:2d:c1:7b:48:23:f2:48:fa:e9:5c:
e4:7a:0c:d6:38:63:2d:b2:27:41:8a:87:4b:56:8e:
c8:35:e9:e1:46:2f:c1:ca:24:92:cc:d1:7f:3f:de:
bf:3d:71:f0:f3:ef:59:8d:cc:7e:2e:43:97:29:dc:
37:6c:a0:be:7e:d3:50:c4:11:54:5c:d5:95:fb:54:
56:37:83:d9:48:1f:7b:f9:2e:82:90:85:36:2e:e3:
a7:82:1b:32:97:d8:d2:44:4b:2c:84:de:30:3a:1d:
73:8e:5c:26:32:90:e9:df:65:f3:ea:6d:71:cc:1e:
c7:8c:18:e2:08:cb:6e:2e:7c:79:8b:e6:5a:b1:0e:
b8:c8:9c:87:f4:99:f4:30:63:32:e2:5b:0d:1a:5b:
d4:59:d9:7c:d2:ce:6d:1c:5e:5e:4d:48:1c:a0:df:
45:6a:f8:fe:7a:19:93:7c:1f:cc:5e:d2:42:ce:e0:
9c:84:4a:a8:3c:32:75:7b:fa:54:7e:ee:0b:05:98:
15:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:2F:77:9E:F8:37:7E:34:D8:D6:FE:05:79:26:85:97:FE:53:EA:70
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hy93nvg3fjTY1v4FeSaFl_5T6nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.12.0/24
5.105.100.0/24
5.105.103.0-5.105.104.255
Signature Algorithm: sha256WithRSAEncryption
45:48:4c:c4:7c:bd:3e:dd:93:12:e3:40:57:ea:60:2e:aa:96:
00:f6:04:96:da:da:65:ba:53:dc:4b:f9:27:83:6c:b7:73:26:
c5:cf:0e:32:98:77:73:23:5e:8e:b0:b2:95:e2:4f:58:28:25:
f1:88:d8:86:f0:be:55:b0:48:2b:11:80:ca:ca:9e:85:ae:7e:
f7:b2:09:0a:f6:f0:82:f6:92:bb:b6:7d:e8:6e:d4:05:ba:58:
0a:99:b4:4d:b6:68:b7:43:b4:9c:41:ec:53:00:1e:4a:76:be:
72:f9:e8:96:dd:07:2b:db:07:77:f3:fb:b7:c4:6b:e0:56:08:
59:f6:33:2c:9b:ce:09:1a:03:7e:a3:6d:0f:8d:8d:9f:58:d2:
d3:00:11:ff:f2:30:7d:1d:b0:66:fc:6c:69:b4:aa:6d:47:4b:
32:d5:37:82:9b:31:15:d2:45:94:2b:4a:2f:1e:b1:a7:a7:74:
1b:0b:25:52:15:58:6e:d9:2e:f9:67:65:55:15:f9:57:1a:f6:
87:17:be:1a:43:3c:3e:73:e9:ff:8e:ef:fe:73:14:8c:2d:14:
a0:f5:8c:90:15:7e:5f:0d:ce:89:d8:82:53:89:f3:7c:e7:08:
eb:30:7e:36:25:62:e5:1b:e5:e2:43:c6:4b:9b:11:78:26:1e:
80:95:7d:e5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQoBaz/EvGfvLGYO1wj8FLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDMwMDgzMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjJmNzc5ZWY4Mzc3ZTM0ZDhkNmZlMDU3OTI2ODU5N2ZlNTNlYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP+eupq7YgEDV7r3bQhaBNI+vcai
SYebnxkREqfZJDRxY7gJ5PmA55NoR8bmyeTarE50eCzlOm8jYfqfyqFO9i3Be0gj
8kj66VzkegzWOGMtsidBiodLVo7INenhRi/ByiSSzNF/P96/PXHw8+9Zjcx+LkOX
Kdw3bKC+ftNQxBFUXNWV+1RWN4PZSB97+S6CkIU2LuOnghsyl9jSREsshN4wOh1z
jlwmMpDp32Xz6m1xzB7HjBjiCMtuLnx5i+ZasQ64yJyH9Jn0MGMy4lsNGlvUWdl8
0s5tHF5eTUgcoN9Favj+ehmTfB/MXtJCzuCchEqoPDJ1e/pUfu4LBZgVlwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB8vd574N3402Nb+BXkmhZf+U+pwMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSHk5M252ZzNmalRZMXY0RmVTYUZsXzVUNm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABWkMAwQA
BWlkMAwDBAAFaWcDBAAFaWgwDQYJKoZIhvcNAQELBQADggEBAEVITMR8vT7dkxLj
QFfqYC6qlgD2BJba2mW6U9xL+SeDbLdzJsXPDjKYd3MjXo6wspXiT1goJfGI2Ibw
vlWwSCsRgMrKnoWufveyCQr28IL2kru2fehu1AW6WAqZtE22aLdDtJxB7FMAHkp2
vnL56JbdByvbB3fz+7fEa+BWCFn2MyybzgkaA36jbQ+NjZ9Y0tMAEf/yMH0dsGb8
bGm0qm1HSzLVN4KbMRXSRZQrSi8esaendBsLJVIVWG7ZLvlnZVUV+Vca9ocXvhpD
PD5z6f+O7/5zFIwtFKD1jJAVfl8NzonYglOJ83znCOswfjYlYuUb5eJDxkubEXgm
HoCVfeU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:30 2025 by rpki-client