Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RbrmzPW_yzKr1Drf3hU1xCif-kg.roa
File: RbrmzPW_yzKr1Drf3hU1xCif-kg.roa (raw, json)
Hash identifier: 5E6t1XDJsZsApTHZdJ5eZsN4rdNLbOQET/gZBoytGvk=
Subject key identifier: 45:BA:E6:CC:F5:BF:CB:32:AB:D4:3A:DF:DE:15:35:C4:28:9F:FA:48
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018A65CF71CEA78B5B7CFA1F6192D2317E51
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RbrmzPW_yzKr1Drf3hU1xCif-kg.roa
Signing time: Tue 05 Sep 2023 14:46:48 +0000
ROA not before: Tue 05 Sep 2023 14:46:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.186.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:cf:71:ce:a7:8b:5b:7c:fa:1f:61:92:d2:31:7e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 5 14:46:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45bae6ccf5bfcb32abd43adfde1535c4289ffa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:73:83:73:f4:ba:5f:6e:de:c0:b0:09:ba:
0e:6e:0e:91:ed:9f:39:8e:a7:13:df:27:43:5a:a8:
6f:f7:42:69:5b:58:90:85:b2:ef:ae:de:5d:e8:7d:
93:75:5e:82:06:92:6c:7f:f6:c3:4d:1a:f6:42:ad:
ab:31:c4:8a:8f:16:a7:85:db:50:20:70:5c:18:ab:
54:76:d2:1b:41:d6:9b:2c:97:35:92:80:a3:58:04:
44:21:07:1b:5b:1e:c6:72:26:78:62:04:67:92:fa:
45:48:1c:7b:ac:d1:ac:99:22:4e:ad:29:0e:9b:40:
0b:13:37:ab:d7:98:0d:c1:e3:4b:31:34:89:f0:3f:
85:89:2f:5e:d0:12:57:04:e7:44:6e:1c:13:d0:52:
69:aa:98:3d:2a:0b:35:4a:ac:42:20:59:94:9c:00:
5e:67:71:dd:6a:af:2e:e3:9b:5e:0b:35:cc:4f:a1:
b7:c9:db:50:c2:6f:ca:e0:73:d4:53:a3:31:ed:dc:
ae:5b:3c:d5:98:27:01:8c:22:37:86:fa:0e:5c:30:
7c:f2:c6:f2:76:2d:e5:e9:24:54:c0:04:83:af:79:
1c:65:0e:72:19:a8:76:a7:34:a6:d1:e6:27:05:ed:
ba:68:57:18:fe:0e:0e:fd:40:b2:ff:29:8c:44:b7:
77:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BA:E6:CC:F5:BF:CB:32:AB:D4:3A:DF:DE:15:35:C4:28:9F:FA:48
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RbrmzPW_yzKr1Drf3hU1xCif-kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.107.0/24
5.105.186.0/24
5.105.202.0/24
Signature Algorithm: sha256WithRSAEncryption
77:92:f2:31:21:cd:8e:0f:66:3f:b5:c8:90:3d:1e:ce:8f:fc:
0c:de:86:f2:b0:d3:cf:a8:b4:cc:bb:f6:e6:62:de:91:50:49:
75:31:19:7d:3d:81:35:23:a1:ce:7a:0b:ba:8f:02:1e:0a:72:
2d:1c:68:09:80:17:1f:9e:5d:8a:ca:3b:1b:c4:70:7b:fc:98:
53:b2:92:a4:f4:53:eb:b0:15:2b:7f:5e:09:6b:29:dc:68:5f:
77:0a:0a:c1:30:3d:a8:98:ba:23:75:85:91:73:56:8a:80:96:
27:c8:d4:66:d2:f6:31:5a:d3:3d:94:2b:8c:55:b9:fe:78:b1:
98:f2:f1:9d:f7:95:75:ab:38:96:76:7e:3d:b0:24:bd:d6:59:
12:d0:90:40:57:49:09:de:0d:30:4e:d6:2c:94:43:65:10:fd:
87:20:3a:0c:ed:11:bf:76:89:6d:69:8c:cf:76:90:15:48:7f:
ed:9e:34:c5:e9:c1:36:78:0c:49:03:27:3a:27:c5:09:d5:0e:
82:bc:78:7b:cb:e8:7f:31:67:fc:a3:76:2b:c7:b5:32:cc:a0:
d8:1a:7c:13:7d:95:66:17:35:16:b9:f2:ac:a1:3f:c7:ca:63:
22:45:7d:15:51:f0:e2:04:58:fa:c9:14:2f:cc:4d:43:ea:93:
4f:e3:31:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYplz3HOp4tbfPofYZLSMX5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTA1MTQ0NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJhZTZjY2Y1YmZjYjMyYWJkNDNhZGZkZTE1MzVjNDI4OWZmYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPVzg3P0ul9u3sCwCboObg6R7Z85
jqcT3ydDWqhv90JpW1iQhbLvrt5d6H2TdV6CBpJsf/bDTRr2Qq2rMcSKjxanhdtQ
IHBcGKtUdtIbQdabLJc1koCjWAREIQcbWx7GciZ4YgRnkvpFSBx7rNGsmSJOrSkO
m0ALEzer15gNweNLMTSJ8D+FiS9e0BJXBOdEbhwT0FJpqpg9Kgs1SqxCIFmUnABe
Z3Hdaq8u45teCzXMT6G3ydtQwm/K4HPUU6Mx7dyuWzzVmCcBjCI3hvoOXDB88sby
di3l6SRUwASDr3kcZQ5yGah2pzSm0eYnBe26aFcY/g4O/UCy/ymMRLd3PwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEW65sz1v8syq9Q6394VNcQon/pIMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUmJybXpQV195ektyMURyZjNoVTF4Q2lmLWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWlrAwQA
BWm6AwQABWnKMA0GCSqGSIb3DQEBCwUAA4IBAQB3kvIxIc2OD2Y/tciQPR7Oj/wM
3obysNPPqLTMu/bmYt6RUEl1MRl9PYE1I6HOegu6jwIeCnItHGgJgBcfnl2Kyjsb
xHB7/JhTspKk9FPrsBUrf14JayncaF93CgrBMD2omLojdYWRc1aKgJYnyNRm0vYx
WtM9lCuMVbn+eLGY8vGd95V1qziWdn49sCS91lkS0JBAV0kJ3g0wTtYslENlEP2H
IDoM7RG/doltaYzPdpAVSH/tnjTF6cE2eAxJAyc6J8UJ1Q6CvHh7y+h/MWf8o3Yr
x7UyzKDYGnwTfZVmFzUWufKsoT/HymMiRX0VUfDiBFj6yRQvzE1D6pNP4zGj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:37 2025 by rpki-client