Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/S6129A7NKSdkwNhot0kNtvBI-aI.roa
File: S6129A7NKSdkwNhot0kNtvBI-aI.roa (raw, json)
Hash identifier: NTM2nrt6hMsP3UVbcNn8cQoxW6GPNrDIy+tB+D4vWmM=
Subject key identifier: 4B:AD:76:F4:0E:CD:29:27:64:C0:D8:68:B7:49:0D:B6:F0:48:F9:A2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5A9A99DA7E1F9C5B7E8491D99886E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/S6129A7NKSdkwNhot0kNtvBI-aI.roa
Signing time: Sun 01 Jan 2023 05:54:51 +0000
ROA not before: Sun 01 Jan 2023 05:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 5.105.91.0/24 maxlen: 24
5.105.90.0/24 maxlen: 24
5.105.92.0/24 maxlen: 24
5.105.93.0/24 maxlen: 24
5.105.223.0/24 maxlen: 24
5.105.222.0/24 maxlen: 24
5.105.224.0/24 maxlen: 24
5.105.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a9:a9:9d:a7:e1:f9:c5:b7:e8:49:1d:99:88:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bad76f40ecd292764c0d868b7490db6f048f9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:67:c8:c2:fc:35:26:a7:d3:5d:37:91:fe:
6b:3c:c6:92:02:1a:e8:3a:83:a8:5c:a0:44:03:11:
2d:ea:c2:21:ee:f6:da:44:4d:e1:41:37:78:50:30:
b8:53:2c:81:dd:5d:79:66:5e:78:1a:df:ca:73:5a:
40:0a:91:f7:c1:d1:de:77:48:90:54:3f:a9:6a:0f:
27:e5:e2:90:10:98:6f:ac:b1:60:fa:b7:fc:e5:56:
f4:21:f1:d4:2b:cc:46:88:3a:3c:1f:1d:15:a9:86:
86:8d:77:1e:cf:9c:a0:39:a2:08:52:1b:af:de:7a:
8d:46:1a:5b:9c:da:59:64:72:da:f1:38:0a:e7:c1:
c6:6f:27:1a:24:6a:03:cd:cf:d0:2f:3a:cc:d6:c6:
2d:53:29:38:2e:e6:6b:00:48:c8:dd:06:6d:11:db:
a9:0c:b0:db:5e:99:91:2b:90:ef:7b:7f:1d:b2:55:
92:d6:38:53:b9:62:cd:33:4b:7f:2a:70:d9:48:b5:
86:29:ea:67:ad:7c:a5:c0:c2:2c:e1:13:53:99:f9:
c5:58:82:cd:0d:5f:d9:26:62:20:01:86:cb:c2:d5:
f8:fd:ce:f3:b8:cb:b5:c4:00:ce:ec:ae:32:fa:ce:
c3:7e:d3:4a:a0:13:56:0c:5f:45:9c:1d:43:ea:7d:
99:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AD:76:F4:0E:CD:29:27:64:C0:D8:68:B7:49:0D:B6:F0:48:F9:A2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/S6129A7NKSdkwNhot0kNtvBI-aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.90.0-5.105.93.255
5.105.222.0-5.105.225.255
Signature Algorithm: sha256WithRSAEncryption
c0:4b:40:66:57:b4:9b:6e:4e:2b:49:35:80:b1:e4:8b:16:4b:
fb:71:5f:a3:e7:b9:99:0f:07:31:05:e5:ba:49:cb:83:61:75:
12:0a:21:74:e5:c4:bc:48:8e:3b:eb:00:b6:2c:53:9f:33:af:
29:6f:92:3d:12:09:1c:5b:e2:69:c5:73:29:27:d3:6c:46:93:
24:01:d6:3d:84:ee:21:bc:8a:25:f8:14:a1:5d:ad:64:5c:ba:
b8:48:d4:d4:2b:0c:11:92:97:fb:94:aa:b4:48:2a:0a:b1:c5:
fe:0b:2f:b1:f0:bf:db:50:dc:68:f2:6c:db:8e:b8:7c:3f:a4:
c0:12:e3:58:c3:fa:4d:3f:23:dc:3e:76:1a:8f:32:b6:27:0c:
36:c9:2d:92:d4:55:81:24:4e:cc:0c:39:65:1a:fa:b6:e5:48:
9a:8a:00:9e:70:75:11:13:90:a3:d1:cc:79:6c:d4:6b:f2:31:
f3:98:81:a5:40:7d:20:73:4e:73:21:6c:86:7a:0e:c3:21:57:
fb:63:49:cb:76:69:1a:60:43:1a:13:51:8c:9e:92:bb:f6:63:
be:5a:0a:20:5e:1e:3c:10:ae:cb:0b:18:22:2f:4d:4f:73:e4:
e5:7d:27:5e:c3:39:ed:bf:bb:ba:01:d5:ee:65:9d:c3:e4:f6:
45:f0:73:55
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVr5ampnafh+cW36EkdmYhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFkNzZmNDBlY2QyOTI3NjRjMGQ4NjhiNzQ5MGRiNmYwNDhmOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtchnyML8NSan0103kf5rPMaSAhro
OoOoXKBEAxEt6sIh7vbaRE3hQTd4UDC4UyyB3V15Zl54Gt/Kc1pACpH3wdHed0iQ
VD+pag8n5eKQEJhvrLFg+rf85Vb0IfHUK8xGiDo8Hx0VqYaGjXcez5ygOaIIUhuv
3nqNRhpbnNpZZHLa8TgK58HGbycaJGoDzc/QLzrM1sYtUyk4LuZrAEjI3QZtEdup
DLDbXpmRK5Dve38dslWS1jhTuWLNM0t/KnDZSLWGKepnrXylwMIs4RNTmfnFWILN
DV/ZJmIgAYbLwtX4/c7zuMu1xADO7K4y+s7DftNKoBNWDF9FnB1D6n2ZSwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEutdvQOzSknZMDYaLdJDbbwSPmiMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUzYxMjlBN05LU2Rrd05ob3Qwa050dkJJLWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAEFaVoD
BAEFaVwwDAMEAQVp3gMEAQVp4DANBgkqhkiG9w0BAQsFAAOCAQEAwEtAZle0m25O
K0k1gLHkixZL+3Ffo+e5mQ8HMQXluknLg2F1EgohdOXEvEiOO+sAtixTnzOvKW+S
PRIJHFviacVzKSfTbEaTJAHWPYTuIbyKJfgUoV2tZFy6uEjU1CsMEZKX+5SqtEgq
CrHF/gsvsfC/21DcaPJs2464fD+kwBLjWMP6TT8j3D52Go8yticMNsktktRVgSRO
zAw5ZRr6tuVImooAnnB1EROQo9HMeWzUa/Ix85iBpUB9IHNOcyFshnoOwyFX+2NJ
y3ZpGmBDGhNRjJ6Su/ZjvloKIF4ePBCuywsYIi9NT3Pk5X0nXsM57b+7ugHV7mWd
w+T2RfBzVQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:21 2025 by rpki-client