Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Q1YpCT0wyeOv2q-sKuThcMJfQ2g.roa
File: Q1YpCT0wyeOv2q-sKuThcMJfQ2g.roa (raw, json)
Hash identifier: 5Hy3w8K64nnk1gzp/g24Uha/d3JB4QAvCMjIveGc9GY=
Subject key identifier: 43:56:29:09:3D:30:C9:E3:AF:DA:AF:AC:2A:E4:E1:70:C2:5F:43:68
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5B43187EB41CD720E8984EC9F98A2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Q1YpCT0wyeOv2q-sKuThcMJfQ2g.roa
Signing time: Sun 01 Jan 2023 05:54:54 +0000
ROA not before: Sun 01 Jan 2023 05:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204615
IP address blocks: 5.105.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:b4:31:87:eb:41:cd:72:0e:89:84:ec:9f:98:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=435629093d30c9e3afdaafac2ae4e170c25f4368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d9:96:41:b8:aa:55:8e:78:66:06:56:44:b6:
44:23:92:c7:b9:10:6e:12:d3:56:7c:78:27:43:ad:
ca:7f:27:14:f9:13:51:63:48:d2:47:ab:56:7e:91:
da:d2:44:0d:71:dc:8f:84:2b:01:46:c9:dc:71:61:
35:5a:58:fb:e2:48:68:08:ad:84:67:32:70:6e:b7:
72:47:de:c4:87:1c:f4:e8:90:bd:7e:ad:b6:91:5f:
14:df:82:cb:35:13:da:f3:8c:b5:52:2a:9f:f1:2a:
ec:84:7b:29:04:34:6c:3a:19:b7:da:04:09:48:23:
22:c8:8b:13:c7:33:c8:2d:92:ed:b1:2d:c3:ab:a8:
3a:75:17:0d:99:7f:15:4d:3b:ca:81:31:83:0b:8b:
5a:33:fc:cd:97:c2:4f:be:b8:81:65:cb:1d:7d:77:
9b:e9:c9:cb:99:6a:5f:e9:78:48:ec:77:27:b8:87:
b5:8f:06:ce:67:b1:d7:15:0a:d2:9f:bd:f9:bb:5d:
2d:cf:5a:af:af:fa:b1:6f:ec:97:8d:8b:1a:40:b3:
b6:7f:41:bf:f0:10:5c:1a:24:d7:e3:11:85:9a:34:
83:18:e8:44:56:3b:24:85:6f:f5:e0:dd:0c:a5:02:
6b:89:4f:6f:f4:58:f4:c0:55:6f:89:a8:7b:9e:a7:
ce:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:56:29:09:3D:30:C9:E3:AF:DA:AF:AC:2A:E4:E1:70:C2:5F:43:68
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Q1YpCT0wyeOv2q-sKuThcMJfQ2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.50.0/24
Signature Algorithm: sha256WithRSAEncryption
57:13:59:4a:9a:3b:37:82:1b:52:23:df:43:92:59:38:ef:cd:
c3:00:3a:6c:3b:36:cc:3a:6a:fe:65:5d:7f:65:c8:32:fa:dd:
a3:0a:d3:ee:d6:a9:1b:b2:0a:bd:34:d8:ec:72:b3:59:cd:eb:
0c:7b:a4:6b:a8:a2:e6:5a:87:31:65:de:49:a1:1d:40:86:7f:
e4:fa:72:e6:9f:72:8e:56:ad:e8:b9:e0:02:6e:48:da:36:bd:
da:8e:59:49:7f:b5:00:84:36:6f:f1:e4:4b:90:55:8d:00:fa:
fa:6a:89:6a:68:10:4d:7e:02:d2:10:4f:0f:9a:c0:59:cb:db:
77:c4:dd:a4:a6:17:66:97:9b:12:ad:e5:1f:6e:58:cc:ff:7f:
12:42:2b:d1:6d:1c:78:fc:b2:f9:cc:a2:95:76:90:0f:d1:e3:
b0:c3:b1:8c:35:15:1b:a8:3f:17:11:d8:b5:df:66:a4:6c:2d:
e3:08:4f:b2:15:25:d1:15:4b:aa:76:1e:13:44:c7:af:f2:e5:
17:fc:e7:65:82:a7:a8:29:03:32:3d:2c:bd:64:d7:28:d0:80:
13:47:e0:00:f4:ca:1d:39:e4:ec:00:eb:b0:eb:5f:21:b1:69:
b0:92:3c:a7:83:9b:7e:5d:9a:26:b8:4b:d6:91:fb:0d:45:af:
bf:3c:3b:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr5bQxh+tBzXIOiYTsn5iiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU2MjkwOTNkMzBjOWUzYWZkYWFmYWMyYWU0ZTE3MGMyNWY0MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtmWQbiqVY54ZgZWRLZEI5LHuRBu
EtNWfHgnQ63KfycU+RNRY0jSR6tWfpHa0kQNcdyPhCsBRsnccWE1Wlj74khoCK2E
ZzJwbrdyR97Ehxz06JC9fq22kV8U34LLNRPa84y1Uiqf8SrshHspBDRsOhm32gQJ
SCMiyIsTxzPILZLtsS3Dq6g6dRcNmX8VTTvKgTGDC4taM/zNl8JPvriBZcsdfXeb
6cnLmWpf6XhI7HcnuIe1jwbOZ7HXFQrSn735u10tz1qvr/qxb+yXjYsaQLO2f0G/
8BBcGiTX4xGFmjSDGOhEVjskhW/14N0MpQJriU9v9Fj0wFVviah7nqfOfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENWKQk9MMnjr9qvrCrk4XDCX0NoMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUTFZcENUMHd5ZU92MnEtc0t1VGhjTUpmUTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkyMA0G
CSqGSIb3DQEBCwUAA4IBAQBXE1lKmjs3ghtSI99Dklk4783DADpsOzbMOmr+ZV1/
Zcgy+t2jCtPu1qkbsgq9NNjscrNZzesMe6RrqKLmWocxZd5JoR1Ahn/k+nLmn3KO
Vq3oueACbkjaNr3ajllJf7UAhDZv8eRLkFWNAPr6aolqaBBNfgLSEE8PmsBZy9t3
xN2kphdml5sSreUfbljM/38SQivRbRx4/LL5zKKVdpAP0eOww7GMNRUbqD8XEdi1
32akbC3jCE+yFSXRFUuqdh4TRMev8uUX/OdlgqeoKQMyPSy9ZNco0IATR+AA9Mod
OeTsAOuw618hsWmwkjyng5t+XZomuEvWkfsNRa+/PDul
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client