Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KQUoTzgYRpehviZupAxKjd1i7aY.roa
File: KQUoTzgYRpehviZupAxKjd1i7aY.roa (raw, json)
Hash identifier: is3dVB88gB+TEZy0z9wC2NZihgmI2ZpfzBkX3oaTy5w=
Subject key identifier: 29:05:28:4F:38:18:46:97:A1:BE:26:6E:A4:0C:4A:8D:DD:62:ED:A6
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01831275AA08DF1B19B3EC018B938C1A77D7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KQUoTzgYRpehviZupAxKjd1i7aY.roa
Signing time: Tue 06 Sep 2022 11:00:44 +0000
ROA not before: Tue 06 Sep 2022 11:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 5.105.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:75:aa:08:df:1b:19:b3:ec:01:8b:93:8c:1a:77:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 6 11:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2905284f38184697a1be266ea40c4a8ddd62eda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bb:55:32:00:9a:3b:97:ce:28:4e:f2:32:31:
d0:6d:60:a9:1f:6a:98:f7:41:99:f2:41:44:57:b0:
3e:9a:f5:4b:dd:d8:62:1e:42:ea:1b:65:14:95:eb:
a5:01:7c:a3:af:73:21:61:fc:d1:bd:10:25:cb:a1:
a2:ab:c8:9c:6e:17:1e:29:ef:f6:c7:d8:d3:4a:18:
54:1a:87:79:a9:4b:7b:49:05:b6:5f:b5:7d:11:46:
37:b7:a9:9e:5e:ab:5b:51:09:4c:34:5a:63:31:8c:
f6:c9:97:72:cb:28:7f:87:47:a8:98:09:62:b1:c4:
67:8b:43:f5:16:52:0d:1b:c6:56:2e:36:17:a7:6d:
77:fe:55:5b:21:49:7e:ac:27:93:e8:c3:c0:12:e9:
94:d2:1d:22:a7:b7:a1:58:df:95:ab:91:f6:b8:bf:
b4:96:ee:2b:04:98:88:ad:ef:36:5a:95:29:99:24:
68:15:8d:10:15:fa:c2:6c:ff:b7:b8:4b:0a:66:2e:
7f:31:08:1d:29:dd:6d:9b:fd:cd:e9:fd:2b:fd:2d:
47:ec:43:a6:19:82:c0:4d:3c:44:db:80:25:1c:b0:
e8:77:9e:87:e5:48:34:d2:b0:45:35:5a:99:03:02:
64:2d:a3:99:c1:79:e0:3f:a1:2c:a1:d2:89:eb:3f:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:28:4F:38:18:46:97:A1:BE:26:6E:A4:0C:4A:8D:DD:62:ED:A6
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KQUoTzgYRpehviZupAxKjd1i7aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.10.0/24
Signature Algorithm: sha256WithRSAEncryption
94:2e:6d:ed:38:4e:34:d8:03:7b:d3:9f:ef:db:2d:d2:0b:1a:
ef:bd:cc:19:fb:a9:18:d1:e7:b8:16:a2:95:0f:62:51:48:a8:
82:6e:f0:6c:d8:56:46:72:ed:48:96:c9:4e:50:8a:cc:f0:f9:
da:6a:68:0e:40:12:da:d4:5e:1c:83:b9:4f:71:ce:f3:2a:8f:
37:b5:0b:25:ea:75:5c:74:32:af:e0:86:bd:cc:ed:28:14:38:
30:ec:b9:f4:e0:f5:11:cd:b3:15:31:ca:28:08:f2:e9:9b:ba:
b2:50:8e:ee:01:34:86:dd:52:26:2d:06:4d:39:dc:87:b4:5a:
8a:1c:9d:00:f9:a9:4a:43:69:62:40:10:fd:d0:08:7e:2a:ad:
75:24:70:28:c7:28:80:2e:15:68:24:3c:10:70:6c:86:d7:f4:
ac:c5:62:d3:98:fe:eb:98:82:4b:bc:b4:0b:fc:b8:83:41:28:
1d:43:71:79:06:5d:a1:df:6c:24:24:ad:76:08:51:53:68:bf:
54:85:38:d2:26:f0:46:e7:b1:94:27:8a:42:80:1a:10:fc:c6:
4a:24:c8:3c:10:47:3a:55:73:43:7c:a6:12:e1:53:a6:40:ca:
4b:9f:57:94:1e:6d:00:6e:50:e2:19:dd:64:47:1e:7b:99:5e:
48:a7:a7:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMSdaoI3xsZs+wBi5OMGnfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwOTA2MTEwMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA1Mjg0ZjM4MTg0Njk3YTFiZTI2NmVhNDBjNGE4ZGRkNjJlZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7tVMgCaO5fOKE7yMjHQbWCpH2qY
90GZ8kFEV7A+mvVL3dhiHkLqG2UUleulAXyjr3MhYfzRvRAly6Giq8icbhceKe/2
x9jTShhUGod5qUt7SQW2X7V9EUY3t6meXqtbUQlMNFpjMYz2yZdyyyh/h0eomAli
scRni0P1FlING8ZWLjYXp213/lVbIUl+rCeT6MPAEumU0h0ip7ehWN+Vq5H2uL+0
lu4rBJiIre82WpUpmSRoFY0QFfrCbP+3uEsKZi5/MQgdKd1tm/3N6f0r/S1H7EOm
GYLATTxE24AlHLDod56H5Ug00rBFNVqZAwJkLaOZwXngP6EsodKJ6z+DUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkFKE84GEaXob4mbqQMSo3dYu2mMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvS1FVb1R6Z1lScGVodmladXBBeEtqZDFpN2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkKMA0G
CSqGSIb3DQEBCwUAA4IBAQCULm3tOE402AN705/v2y3SCxrvvcwZ+6kY0ee4FqKV
D2JRSKiCbvBs2FZGcu1IlslOUIrM8PnaamgOQBLa1F4cg7lPcc7zKo83tQsl6nVc
dDKv4Ia9zO0oFDgw7Ln04PURzbMVMcooCPLpm7qyUI7uATSG3VImLQZNOdyHtFqK
HJ0A+alKQ2liQBD90Ah+Kq11JHAoxyiALhVoJDwQcGyG1/SsxWLTmP7rmIJLvLQL
/LiDQSgdQ3F5Bl2h32wkJK12CFFTaL9UhTjSJvBG57GUJ4pCgBoQ/MZKJMg8EEc6
VXNDfKYS4VOmQMpLn1eUHm0AblDiGd1kRx57mV5Ip6f6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org