Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/O-t3faGQloU6l5cBbNOSvGgWObc.roa
File: O-t3faGQloU6l5cBbNOSvGgWObc.roa (raw, json)
Hash identifier: AYbs/drMk3JWzPoDHI89oTI3MulCEsJkJvyxJxWcivc=
Subject key identifier: 3B:EB:77:7D:A1:90:96:85:3A:97:97:01:6C:D3:92:BC:68:16:39:B7
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183FB059BD0DF87D8BCAC8B5EB21E0A0957
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/O-t3faGQloU6l5cBbNOSvGgWObc.roa
Signing time: Fri 21 Oct 2022 14:49:52 +0000
ROA not before: Fri 21 Oct 2022 14:49:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 5.105.119.0/24 maxlen: 24
5.105.121.0/24 maxlen: 24
5.105.90.0/24 maxlen: 24
5.105.93.0/24 maxlen: 24
5.105.211.0/24 maxlen: 24
5.105.222.0/24 maxlen: 24
5.105.116.0/24 maxlen: 24
5.105.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:05:9b:d0:df:87:d8:bc:ac:8b:5e:b2:1e:0a:09:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 21 14:49:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3beb777da19096853a9797016cd392bc681639b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:d3:34:e7:9a:57:1e:f6:17:c7:72:b6:be:
1e:9f:6f:b1:33:c4:ee:11:72:b4:4d:12:2a:d2:19:
2c:f0:cc:6e:b9:0e:2e:7a:38:cd:32:d9:80:84:aa:
0b:36:1d:d8:2d:15:d6:48:b9:f5:50:02:49:5e:c1:
34:d5:40:b7:25:6c:40:2a:ac:16:f0:5a:01:e2:8b:
27:9c:68:3c:00:56:2a:60:d3:ed:93:4b:ef:2e:9b:
2a:15:5f:6b:f4:05:da:eb:4b:e5:28:68:01:55:2c:
35:81:87:d4:7f:a4:a1:9e:20:bc:0a:15:d3:ee:f4:
75:81:1e:bb:1b:cf:02:0b:da:db:4f:90:a4:25:11:
da:46:42:7e:ad:da:4b:ac:77:f3:6a:90:2d:bb:8f:
0a:8b:bc:e2:6e:d8:43:95:ab:ea:91:d5:01:ef:7b:
bd:23:02:10:77:c4:46:bc:cc:ea:87:23:81:e3:2c:
57:44:61:d8:66:74:ce:fb:c5:06:b2:fd:84:a0:c2:
37:59:3d:dc:ee:c8:4f:9f:0d:06:0e:d4:80:90:13:
e6:f5:12:98:e4:ce:74:96:6a:74:c6:fd:2e:1f:a3:
a8:ec:7a:67:b5:bf:72:1c:06:02:a0:78:15:6f:23:
08:88:b9:1a:4b:52:70:8c:4d:59:85:ad:45:3a:63:
f5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EB:77:7D:A1:90:96:85:3A:97:97:01:6C:D3:92:BC:68:16:39:B7
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/O-t3faGQloU6l5cBbNOSvGgWObc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.90.0/24
5.105.93.0/24
5.105.116.0/24
5.105.119.0/24
5.105.121.0/24
5.105.211.0/24
5.105.222.0/24
5.105.224.0/24
Signature Algorithm: sha256WithRSAEncryption
85:bd:1e:be:d7:10:51:58:02:d5:90:ea:50:b7:5d:4d:e9:d4:
8f:1e:db:9e:16:c5:e6:0b:39:b5:55:60:dc:f6:26:66:c8:a4:
5b:68:1d:1d:58:ac:a7:45:19:e8:1a:20:07:42:79:38:71:74:
74:8e:ab:89:4b:01:9e:15:f6:03:09:b1:4c:48:38:bb:c6:49:
12:d6:9d:70:e0:72:0c:a0:b0:a3:12:ff:f7:2f:02:cc:ec:4e:
17:d8:b6:1d:c9:38:a4:5f:aa:c4:31:94:08:d4:03:bb:33:62:
e2:c3:23:58:8d:06:58:61:16:1e:06:df:33:2e:c8:f7:8e:a5:
35:50:d4:0f:67:30:1e:41:4c:99:77:6a:a0:e9:b4:00:4e:58:
5c:ec:b7:31:12:cc:2d:40:eb:50:5e:30:35:be:77:83:43:2b:
b2:65:f9:11:4c:e6:21:02:95:d7:6d:5b:48:7a:75:7c:11:44:
c0:74:6a:6b:12:af:b7:f8:59:37:a0:56:e7:96:c3:8a:88:68:
3d:c4:5e:63:ce:2a:46:1a:25:31:04:e3:8d:ba:db:14:d6:19:
22:42:66:4e:4c:ea:92:a5:e1:3a:7c:8a:3d:79:52:21:3f:eb:
1a:35:7e:64:b7:fe:38:fd:3d:2b:8e:fa:02:1c:0f:8b:95:05:
93:1d:bb:ee
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYP7BZvQ34fYvKyLXrIeCglXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDIxMTQ0OTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmViNzc3ZGExOTA5Njg1M2E5Nzk3MDE2Y2QzOTJiYzY4MTYzOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUvTNOeaVx72F8dytr4en2+xM8Tu
EXK0TRIq0hks8MxuuQ4uejjNMtmAhKoLNh3YLRXWSLn1UAJJXsE01UC3JWxAKqwW
8FoB4osnnGg8AFYqYNPtk0vvLpsqFV9r9AXa60vlKGgBVSw1gYfUf6ShniC8ChXT
7vR1gR67G88CC9rbT5CkJRHaRkJ+rdpLrHfzapAtu48Ki7zibthDlavqkdUB73u9
IwIQd8RGvMzqhyOB4yxXRGHYZnTO+8UGsv2EoMI3WT3c7shPnw0GDtSAkBPm9RKY
5M50lmp0xv0uH6Oo7Hpntb9yHAYCoHgVbyMIiLkaS1JwjE1Zha1FOmP10QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDvrd32hkJaFOpeXAWzTkrxoFjm3MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTy10M2ZhR1Fsb1U2bDVjQmJOT1N2R2dXT2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABWlaAwQA
BWldAwQABWl0AwQABWl3AwQABWl5AwQABWnTAwQABWneAwQABWngMA0GCSqGSIb3
DQEBCwUAA4IBAQCFvR6+1xBRWALVkOpQt11N6dSPHtueFsXmCzm1VWDc9iZmyKRb
aB0dWKynRRnoGiAHQnk4cXR0jquJSwGeFfYDCbFMSDi7xkkS1p1w4HIMoLCjEv/3
LwLM7E4X2LYdyTikX6rEMZQI1AO7M2LiwyNYjQZYYRYeBt8zLsj3jqU1UNQPZzAe
QUyZd2qg6bQATlhc7LcxEswtQOtQXjA1vneDQyuyZfkRTOYhApXXbVtIenV8EUTA
dGprEq+3+Fk3oFbnlsOKiGg9xF5jzipGGiUxBOONutsU1hkiQmZOTOqSpeE6fIo9
eVIhP+saNX5kt/44/T0rjvoCHA+LlQWTHbvu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:39 2025 by rpki-client