Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KKEQdDjTqOZMPy3KOVyj44sjVDg.roa
File: KKEQdDjTqOZMPy3KOVyj44sjVDg.roa (raw, json)
Hash identifier: eTYNMy2NRBYen8+e7X8KEklbF2nFS5f+0OABLWta4VY=
Subject key identifier: 28:A1:10:74:38:D3:A8:E6:4C:3F:2D:CA:39:5C:A3:E3:8B:23:54:38
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01839CD6388F84B1AB56D06899C160FDA5EB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KKEQdDjTqOZMPy3KOVyj44sjVDg.roa
Signing time: Mon 03 Oct 2022 07:53:48 +0000
ROA not before: Mon 03 Oct 2022 07:53:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9c:d6:38:8f:84:b1:ab:56:d0:68:99:c1:60:fd:a5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 3 07:53:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a1107438d3a8e64c3f2dca395ca3e38b235438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:51:8f:6c:a6:b8:2c:18:f9:65:15:2e:c6:6c:
44:11:57:ae:9d:4e:28:d9:b4:90:9e:74:b7:26:80:
e5:bc:9c:7e:b4:86:00:36:e9:23:02:ae:42:54:17:
ed:7a:ab:e2:0a:eb:ad:50:97:66:1a:d3:b4:4f:65:
03:f5:75:76:d2:8e:fe:26:84:04:a4:39:94:7d:a2:
ae:02:f7:94:69:6a:e7:fa:b5:cd:ee:ff:0d:97:5a:
d7:6d:45:ff:4e:df:2a:93:a4:54:c4:04:3f:67:7a:
d2:1f:2c:bd:21:6d:dc:5d:88:08:c9:04:e0:2f:9d:
cb:c7:a8:64:88:88:b9:da:04:44:60:c1:85:1a:ae:
17:ce:d6:1f:d8:4c:b6:82:cb:18:de:6f:73:28:1b:
21:83:0a:47:14:ef:f7:8f:3f:18:35:96:01:0d:db:
0c:e5:8b:7d:28:f6:22:53:68:ce:6b:3a:7a:a3:0f:
a6:1b:0b:39:e1:cb:c5:b7:a1:ef:02:40:fe:74:27:
c7:f6:e8:8a:bc:39:f8:f8:c3:02:83:e3:1b:28:26:
04:73:d0:7b:2f:9b:93:3b:26:dc:0d:e7:11:68:47:
ef:60:79:ab:6f:d3:4e:d1:29:53:b2:7d:f0:8c:88:
ae:59:f1:3e:6c:0d:83:de:35:af:4f:82:7e:14:be:
fa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A1:10:74:38:D3:A8:E6:4C:3F:2D:CA:39:5C:A3:E3:8B:23:54:38
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KKEQdDjTqOZMPy3KOVyj44sjVDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.15.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:76:06:33:e2:5c:a0:42:77:a1:52:65:34:7c:7a:b3:03:9d:
73:dc:3d:fb:b3:81:b8:82:a1:cf:67:0e:04:99:e8:1c:c8:48:
b9:eb:55:0c:b1:a2:1b:04:19:5b:4f:8b:a5:20:34:23:cf:4c:
bf:b4:df:d9:b3:a6:0c:d1:48:d4:47:aa:71:57:04:97:ad:30:
c5:e2:70:47:6b:63:05:c9:69:8c:98:6c:71:eb:c9:d1:98:40:
a3:26:15:d3:d2:de:44:9a:a9:6a:fe:e0:0c:c7:8b:74:68:5b:
18:1d:de:73:6e:95:96:d3:9c:9a:64:07:91:f5:70:95:44:4a:
da:72:53:b3:ff:ca:99:f0:5a:1e:ed:58:02:2c:8d:2c:e6:c5:
71:6d:9e:b5:55:8d:61:2b:51:00:40:05:64:5e:62:10:15:40:
c6:1b:06:61:bb:31:14:21:a3:2f:65:ae:bd:60:43:47:5e:6a:
8a:4b:0b:96:b4:54:7d:27:fe:a6:d6:cb:d0:c6:ce:c8:43:c9:
bf:ed:9a:c5:89:f6:10:eb:26:33:db:87:ab:48:26:f1:ba:70:
5b:d3:7f:c9:a3:3a:04:1d:f1:94:ad:b9:73:55:7a:ae:15:c1:
eb:20:99:ee:bd:00:0b:cd:79:a7:20:ea:e7:8d:fc:f2:80:49:
5c:21:f1:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOc1jiPhLGrVtBomcFg/aXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDAzMDc1MzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGExMTA3NDM4ZDNhOGU2NGMzZjJkY2EzOTVjYTNlMzhiMjM1NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlGPbKa4LBj5ZRUuxmxEEVeunU4o
2bSQnnS3JoDlvJx+tIYANukjAq5CVBfteqviCuutUJdmGtO0T2UD9XV20o7+JoQE
pDmUfaKuAveUaWrn+rXN7v8Nl1rXbUX/Tt8qk6RUxAQ/Z3rSHyy9IW3cXYgIyQTg
L53Lx6hkiIi52gREYMGFGq4XztYf2Ey2gssY3m9zKBshgwpHFO/3jz8YNZYBDdsM
5Yt9KPYiU2jOazp6ow+mGws54cvFt6HvAkD+dCfH9uiKvDn4+MMCg+MbKCYEc9B7
L5uTOybcDecRaEfvYHmrb9NO0SlTsn3wjIiuWfE+bA2D3jWvT4J+FL76tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCihEHQ406jmTD8tyjlco+OLI1Q4MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvS0tFUWREalRxT1pNUHkzS09WeWo0NHNqVkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkPMA0G
CSqGSIb3DQEBCwUAA4IBAQDBdgYz4lygQnehUmU0fHqzA51z3D37s4G4gqHPZw4E
megcyEi561UMsaIbBBlbT4ulIDQjz0y/tN/Zs6YM0UjUR6pxVwSXrTDF4nBHa2MF
yWmMmGxx68nRmECjJhXT0t5Emqlq/uAMx4t0aFsYHd5zbpWW05yaZAeR9XCVREra
clOz/8qZ8Foe7VgCLI0s5sVxbZ61VY1hK1EAQAVkXmIQFUDGGwZhuzEUIaMvZa69
YENHXmqKSwuWtFR9J/6m1svQxs7IQ8m/7ZrFifYQ6yYz24erSCbxunBb03/JozoE
HfGUrblzVXquFcHrIJnuvQALzXmnIOrnjfzygElcIfHl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:23 2025 by rpki-client