Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SorctTp_-fYOV54Vw-A22eu8fsw.roa
File: SorctTp_-fYOV54Vw-A22eu8fsw.roa (raw, json)
Hash identifier: QTXMqoenXgt9lQ95MjUE8d6LJMrkgPDueUKqHqrINtw=
Subject key identifier: 4A:8A:DC:B5:3A:7F:F9:F6:0E:57:9E:15:C3:E0:36:D9:EB:BC:7E:CC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018608135E3E43F9F0B88B53A84090E84D2E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SorctTp_-fYOV54Vw-A22eu8fsw.roa
Signing time: Tue 31 Jan 2023 13:45:32 +0000
ROA not before: Tue 31 Jan 2023 13:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210913
IP address blocks: 5.105.122.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:13:5e:3e:43:f9:f0:b8:8b:53:a8:40:90:e8:4d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 31 13:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8adcb53a7ff9f60e579e15c3e036d9ebbc7ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cd:2d:ad:1f:8a:5e:4d:2b:b2:f5:bb:d3:41:
0d:e9:e8:66:8f:7b:60:23:7e:8a:be:fc:5c:61:06:
37:70:19:01:e9:d7:96:4e:7f:1a:29:20:81:f6:1e:
48:d1:20:eb:b7:49:b1:9f:a4:00:c5:1d:34:6a:63:
fa:fd:7b:93:a9:1c:3e:b0:91:4a:7d:1a:b9:64:c9:
d2:7a:d6:e5:98:2a:fb:b1:d7:eb:21:a1:4d:5f:46:
b4:00:eb:6a:5e:47:6f:9e:94:3c:d3:9f:f6:93:63:
eb:fc:de:0e:be:92:1e:67:e2:97:06:78:e7:1a:13:
5d:eb:48:5d:2a:77:cb:89:0a:8e:bd:e6:4d:96:f8:
7b:61:be:b9:c9:81:8a:c7:59:9f:78:0b:52:a3:bb:
80:7c:05:80:c6:11:0f:06:82:48:bd:f7:ab:17:70:
09:ca:b1:5f:06:69:a6:2f:2b:19:99:93:e9:db:53:
78:61:71:f8:b1:cf:87:de:0e:cd:8d:17:87:1b:00:
50:89:a4:21:f8:61:21:58:31:2e:c9:8e:90:fc:a0:
d0:20:e8:f1:e7:31:c3:3b:16:63:aa:cf:9e:a6:ff:
c6:ea:ba:ab:df:f9:69:fc:2b:7d:eb:47:2d:4b:4f:
af:fa:43:6c:41:e7:19:c9:e7:0d:d5:de:12:ee:f1:
0f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8A:DC:B5:3A:7F:F9:F6:0E:57:9E:15:C3:E0:36:D9:EB:BC:7E:CC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SorctTp_-fYOV54Vw-A22eu8fsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.122.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:d0:05:3c:1f:0c:27:33:9e:57:01:06:ad:10:09:da:30:f8:
e2:64:7f:7b:86:3d:4b:e2:51:31:0a:52:70:38:62:39:3d:fe:
37:f7:5a:4e:b5:42:f7:65:53:e7:e3:d6:1f:a1:5f:3c:8d:8a:
cb:f4:1d:ef:2a:ec:07:6f:a9:74:9d:f5:ba:82:da:85:72:9a:
bf:c6:58:28:6f:0a:44:3c:8f:2a:8d:80:5c:16:07:fa:ac:1d:
c9:65:10:be:24:22:59:86:ef:66:68:78:5c:d9:6e:f5:64:45:
17:89:4e:5d:3a:f6:c2:98:36:09:b4:4f:31:9b:42:3c:4a:24:
e9:ec:ff:0b:aa:77:00:33:99:69:b6:dd:2f:c0:7d:ac:8b:ff:
45:43:ec:b2:f4:49:a6:f6:bb:f3:f2:c3:5d:17:b9:b3:e4:52:
d3:38:95:1b:f1:1f:e6:6b:86:c3:c9:69:25:6d:05:3b:12:83:
ed:4b:cc:a7:42:51:9f:d3:47:c4:4e:79:fd:9b:cf:b2:fc:ef:
de:e9:42:58:8f:36:ea:2d:7d:da:6e:3a:e4:6d:7c:aa:2c:63:
15:de:56:2d:ff:c4:c9:66:7d:fa:37:0b:e7:c6:ff:ab:87:e8:
47:50:2d:f9:d0:e3:1c:97:de:32:24:42:18:25:45:3e:1d:53:
86:92:cd:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYIE14+Q/nwuItTqECQ6E0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTMxMTM0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThhZGNiNTNhN2ZmOWY2MGU1NzllMTVjM2UwMzZkOWViYmM3ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM0trR+KXk0rsvW700EN6ehmj3tg
I36KvvxcYQY3cBkB6deWTn8aKSCB9h5I0SDrt0mxn6QAxR00amP6/XuTqRw+sJFK
fRq5ZMnSetblmCr7sdfrIaFNX0a0AOtqXkdvnpQ805/2k2Pr/N4OvpIeZ+KXBnjn
GhNd60hdKnfLiQqOveZNlvh7Yb65yYGKx1mfeAtSo7uAfAWAxhEPBoJIvferF3AJ
yrFfBmmmLysZmZPp21N4YXH4sc+H3g7NjReHGwBQiaQh+GEhWDEuyY6Q/KDQIOjx
5zHDOxZjqs+epv/G6rqr3/lp/Ct960ctS0+v+kNsQecZyecN1d4S7vEPgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqK3LU6f/n2DleeFcPgNtnrvH7MMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvU29yY3RUcF8tZllPVjU0VnctQTIyZXU4ZnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBWl6MA0G
CSqGSIb3DQEBCwUAA4IBAQCO0AU8HwwnM55XAQatEAnaMPjiZH97hj1L4lExClJw
OGI5Pf4391pOtUL3ZVPn49YfoV88jYrL9B3vKuwHb6l0nfW6gtqFcpq/xlgobwpE
PI8qjYBcFgf6rB3JZRC+JCJZhu9maHhc2W71ZEUXiU5dOvbCmDYJtE8xm0I8SiTp
7P8LqncAM5lptt0vwH2si/9FQ+yy9Emm9rvz8sNdF7mz5FLTOJUb8R/ma4bDyWkl
bQU7EoPtS8ynQlGf00fETnn9m8+y/O/e6UJYjzbqLX3abjrkbXyqLGMV3lYt/8TJ
Zn36Nwvnxv+rh+hHUC350OMcl94yJEIYJUU+HVOGks3X
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:07 2025 by rpki-client