Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OnYhEMMMqfeWymmqbNCyey0v2NM.roa
File: OnYhEMMMqfeWymmqbNCyey0v2NM.roa (raw, json)
Hash identifier: 2CuuzAc5jPRq1RwT0VxndtOPaaGQIv+bULy1YToqU0Q=
Subject key identifier: 3A:76:21:10:C3:0C:A9:F7:96:CA:69:AA:6C:D0:B2:7B:2D:2F:D8:D3
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018419C28D5B4B94CB8A295D93805765F859
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OnYhEMMMqfeWymmqbNCyey0v2NM.roa
Signing time: Thu 27 Oct 2022 14:04:51 +0000
ROA not before: Thu 27 Oct 2022 14:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.130.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:c2:8d:5b:4b:94:cb:8a:29:5d:93:80:57:65:f8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 27 14:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a762110c30ca9f796ca69aa6cd0b27b2d2fd8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:68:2e:56:85:c7:a0:cd:c8:30:6b:1d:15:65:
2c:34:c2:70:a7:56:98:0e:41:3a:b9:ef:bc:36:89:
e2:c4:22:7c:60:1f:bd:63:1c:ff:43:15:26:44:c1:
ad:00:f1:3c:50:b7:90:59:16:9f:e7:d2:b5:8a:15:
24:fd:8a:8d:44:b8:d7:d7:68:de:9f:1e:67:9e:0b:
55:3a:93:69:69:6e:72:79:a4:c3:97:38:1c:a0:e2:
aa:d5:c5:2e:b1:45:a7:f8:b4:1a:92:2d:8f:49:b4:
3b:b9:a2:ea:c1:5c:8a:a2:fb:b1:3f:ec:79:28:33:
59:dc:07:38:46:ed:5b:dd:79:67:5b:a6:80:09:13:
5d:31:93:cc:9f:09:a3:36:aa:f8:79:00:66:66:43:
ea:20:d4:74:7d:b0:26:8a:5c:44:cf:97:32:e6:da:
7a:cb:1d:7c:25:a1:b0:c5:7d:aa:27:8c:51:61:77:
9e:39:a3:a5:0e:ef:5b:94:8f:c0:ac:17:aa:3d:7b:
7d:45:50:e7:06:12:97:7e:4b:9b:0a:ff:d2:00:d4:
0d:73:d2:1e:4f:29:da:22:10:a6:07:9c:05:6b:bf:
45:24:7b:e2:4e:1a:b2:91:1c:78:62:cf:f7:14:1e:
6a:a1:91:f8:c3:7f:dd:80:7a:4d:e7:c8:30:43:bd:
ee:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:76:21:10:C3:0C:A9:F7:96:CA:69:AA:6C:D0:B2:7B:2D:2F:D8:D3
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OnYhEMMMqfeWymmqbNCyey0v2NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.96.0/24
5.105.130.0/24
5.105.184.0/24
5.105.226.0/24
Signature Algorithm: sha256WithRSAEncryption
18:8a:7f:f9:43:89:b7:1e:4f:5a:97:0b:0a:58:54:93:57:79:
5e:11:d1:4a:6b:d3:be:a9:cb:8f:4e:ce:87:76:76:1a:e7:93:
1a:d7:5b:ba:a6:08:c0:cc:b8:61:6d:f0:90:34:de:c3:db:1f:
fb:c0:d3:2d:f4:44:cc:d6:26:f5:ec:0a:a3:1c:9a:d9:e2:ea:
33:ac:c8:34:0e:05:01:9f:b9:ae:8d:99:18:db:8a:95:be:84:
10:f5:b9:14:29:36:99:f1:19:c7:11:d1:37:dc:24:bd:56:88:
97:c6:6b:60:81:eb:b2:55:38:fb:ae:03:13:e7:72:c4:64:8b:
45:ac:34:c6:6a:42:53:17:0a:7f:54:d2:4a:93:ad:5e:b2:f3:
47:96:0e:95:4a:bb:6b:7a:14:7f:43:bf:b0:89:1f:3d:b9:cc:
f6:42:74:fe:0e:4d:85:3d:27:c3:4f:ff:fa:66:ee:c5:cf:38:
40:27:10:55:3e:d8:27:0b:c9:d6:8b:be:9f:08:46:72:42:3f:
b8:c7:cf:a6:07:3c:77:05:82:06:84:bd:c8:fa:9d:ad:76:33:
e0:f5:b4:85:a9:fb:c8:23:94:45:8b:39:67:31:c8:45:de:ca:
52:3e:e2:34:f6:99:a2:17:ba:63:5f:0a:de:46:0b:3a:63:4d:
47:ca:62:03
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQZwo1bS5TLiildk4BXZfhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDI3MTQwNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc2MjExMGMzMGNhOWY3OTZjYTY5YWE2Y2QwYjI3YjJkMmZkOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGguVoXHoM3IMGsdFWUsNMJwp1aY
DkE6ue+8NonixCJ8YB+9Yxz/QxUmRMGtAPE8ULeQWRaf59K1ihUk/YqNRLjX12je
nx5nngtVOpNpaW5yeaTDlzgcoOKq1cUusUWn+LQaki2PSbQ7uaLqwVyKovuxP+x5
KDNZ3Ac4Ru1b3XlnW6aACRNdMZPMnwmjNqr4eQBmZkPqINR0fbAmilxEz5cy5tp6
yx18JaGwxX2qJ4xRYXeeOaOlDu9blI/ArBeqPXt9RVDnBhKXfkubCv/SANQNc9Ie
TynaIhCmB5wFa79FJHviThqykRx4Ys/3FB5qoZH4w3/dgHpN58gwQ73uFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDp2IRDDDKn3lsppqmzQsnstL9jTMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvT25ZaEVNTU1xZmVXeW1tcWJOQ3lleTB2Mk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkHAwQA
BWlgAwQABWmCAwQABWm4AwQABWniMA0GCSqGSIb3DQEBCwUAA4IBAQAYin/5Q4m3
Hk9alwsKWFSTV3leEdFKa9O+qcuPTs6HdnYa55Ma11u6pgjAzLhhbfCQNN7D2x/7
wNMt9ETM1ib17AqjHJrZ4uozrMg0DgUBn7mujZkY24qVvoQQ9bkUKTaZ8RnHEdE3
3CS9VoiXxmtggeuyVTj7rgMT53LEZItFrDTGakJTFwp/VNJKk61esvNHlg6VSrtr
ehR/Q7+wiR89ucz2QnT+Dk2FPSfDT//6Zu7FzzhAJxBVPtgnC8nWi76fCEZyQj+4
x8+mBzx3BYIGhL3I+p2tdjPg9bSFqfvII5RFizlnMchF3spSPuI09pmiF7pjXwre
Rgs6Y01HymID
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:30:56 2025 by rpki-client