Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MgBgnmkbbkkmw0K8luB_jEmrdWE.roa
File: MgBgnmkbbkkmw0K8luB_jEmrdWE.roa (raw, json)
Hash identifier: me3vAeFHElkdTEOn1hzQnITNsg1bDjPcAp9UzphTpaE=
Subject key identifier: 32:00:60:9E:69:1B:6E:49:26:C3:42:BC:96:E0:7F:8C:49:AB:75:61
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184F12EA6C56C235AB1657F643672C36FE7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MgBgnmkbbkkmw0K8luB_jEmrdWE.roa
Signing time: Thu 08 Dec 2022 10:01:17 +0000
ROA not before: Thu 08 Dec 2022 10:01:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 5.105.25.0/24 maxlen: 24
5.105.59.0/24 maxlen: 24
5.105.62.0/24 maxlen: 24
5.105.71.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:2e:a6:c5:6c:23:5a:b1:65:7f:64:36:72:c3:6f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 8 10:01:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3200609e691b6e4926c342bc96e07f8c49ab7561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4a:8e:b3:b9:b6:b8:1d:2e:58:5c:37:01:0f:
72:e5:de:27:93:7d:7c:4f:65:2f:a9:8a:c4:25:fb:
44:7e:e2:50:a5:2e:2a:34:a2:e6:b2:9e:af:6e:e6:
f0:b5:a6:2e:7b:d2:29:65:b5:2e:c0:d1:a5:6e:93:
57:15:b8:a4:d0:e5:a9:f1:8c:cb:a7:88:33:3a:76:
de:be:12:2b:52:e5:9a:00:fb:09:8d:02:d3:af:30:
03:09:fe:94:11:e1:ae:34:86:fd:ef:cf:2d:9e:56:
f8:ee:53:8a:e6:87:79:d2:d6:81:d9:25:3b:9b:48:
f4:43:76:50:89:ff:a4:77:af:1f:ea:21:13:8e:c9:
5b:2c:e0:23:b7:74:05:71:87:ba:51:5b:fd:41:0a:
b0:be:d7:d7:0b:15:87:4d:3b:bd:cc:20:3e:42:a7:
56:e0:22:b4:ea:82:ee:b9:dd:2b:8e:08:ed:89:c0:
55:5d:4a:b4:0a:70:77:49:77:3c:52:ee:7d:37:d2:
ee:98:7e:c1:c5:72:b6:2b:96:9f:85:e9:9d:0c:ab:
64:11:3d:a7:4a:af:87:c4:00:40:7a:c1:2c:20:9d:
cd:f1:5f:e8:14:b2:98:1f:56:7f:d2:26:0f:88:95:
f6:5d:cb:68:05:ef:72:bc:30:2c:54:58:34:6e:4b:
da:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:00:60:9E:69:1B:6E:49:26:C3:42:BC:96:E0:7F:8C:49:AB:75:61
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MgBgnmkbbkkmw0K8luB_jEmrdWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.25.0/24
5.105.59.0/24
5.105.62.0/24
5.105.71.0/24
5.105.117.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6b:dc:1f:ef:fa:80:ec:d4:bf:6f:f2:48:96:9c:63:b3:3d:
5d:81:46:97:d1:cc:3e:e8:6f:83:eb:a2:a1:80:b7:9b:0b:53:
2f:3b:04:e4:69:a5:0e:d5:e9:3c:b6:89:ae:4d:cd:a0:d2:16:
8d:e9:da:c2:cd:a9:3c:c4:3a:0c:af:23:4a:0f:b1:94:7f:9f:
a4:d0:65:56:d2:aa:95:db:f5:4a:f7:73:ef:f1:97:9f:b3:8e:
87:e4:2b:25:cd:da:78:73:b2:3f:78:8f:e3:08:61:ae:0e:47:
4e:95:60:ff:3a:cb:f9:df:75:82:62:90:ed:70:cb:ad:86:96:
0f:f3:43:9a:30:a8:2d:a0:6a:fe:94:f9:52:9a:9d:f8:ae:33:
e5:79:ff:61:11:41:b3:10:05:9a:86:04:c4:d8:b8:47:a8:59:
84:25:54:75:f3:61:da:7e:3b:89:22:a5:31:f3:69:22:79:ff:
e7:90:1f:80:4b:be:9e:c1:77:bd:ab:f4:9e:d5:42:d2:2f:e0:
5c:45:85:5a:c5:2c:79:eb:19:e5:7c:5b:28:3f:30:d5:cb:50:
ca:af:a3:03:1a:be:cc:8c:54:cd:72:44:7e:de:7d:a3:e5:cf:
90:db:dd:df:49:a5:3b:15:48:77:04:3c:c3:d3:d2:4f:6e:95:
ab:e0:da:c2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTxLqbFbCNasWV/ZDZyw2/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjA4MTAwMTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAwNjA5ZTY5MWI2ZTQ5MjZjMzQyYmM5NmUwN2Y4YzQ5YWI3NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUqOs7m2uB0uWFw3AQ9y5d4nk318
T2UvqYrEJftEfuJQpS4qNKLmsp6vbubwtaYue9IpZbUuwNGlbpNXFbik0OWp8YzL
p4gzOnbevhIrUuWaAPsJjQLTrzADCf6UEeGuNIb9788tnlb47lOK5od50taB2SU7
m0j0Q3ZQif+kd68f6iETjslbLOAjt3QFcYe6UVv9QQqwvtfXCxWHTTu9zCA+QqdW
4CK06oLuud0rjgjticBVXUq0CnB3SXc8Uu59N9LumH7BxXK2K5afhemdDKtkET2n
Sq+HxABAesEsIJ3N8V/oFLKYH1Z/0iYPiJX2XctoBe9yvDAsVFg0bkva+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDIAYJ5pG25JJsNCvJbgf4xJq3VhMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTWdCZ25ta2Jia2ttdzBLOGx1Ql9qRW1yZFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkZAwQA
BWk7AwQABWk+AwQABWlHAwQABWl1MA0GCSqGSIb3DQEBCwUAA4IBAQB3a9wf7/qA
7NS/b/JIlpxjsz1dgUaX0cw+6G+D66KhgLebC1MvOwTkaaUO1ek8tomuTc2g0haN
6drCzak8xDoMryNKD7GUf5+k0GVW0qqV2/VK93Pv8Zefs46H5Cslzdp4c7I/eI/j
CGGuDkdOlWD/Osv533WCYpDtcMuthpYP80OaMKgtoGr+lPlSmp34rjPlef9hEUGz
EAWahgTE2LhHqFmEJVR182HafjuJIqUx82kief/nkB+AS76ewXe9q/Se1ULSL+Bc
RYVaxSx56xnlfFsoPzDVy1DKr6MDGr7MjFTNckR+3n2j5c+Q293fSaU7FUh3BDzD
09JPbpWr4NrC
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:10:05 2025 by rpki-client