Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TctnFSeUCAO-uNDlBXyWg02RlQ4.roa
File: TctnFSeUCAO-uNDlBXyWg02RlQ4.roa (raw, json)
Hash identifier: AcVQwl0ou6pKAOJpqhqnC7hqa8ePYOYrKvWozKZokVY=
Subject key identifier: 4D:CB:67:15:27:94:08:03:BE:B8:D0:E5:05:7C:96:83:4D:91:95:0E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187EAF9330BE0255B229733D678D1C83421
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TctnFSeUCAO-uNDlBXyWg02RlQ4.roa
Signing time: Fri 05 May 2023 08:13:32 +0000
ROA not before: Fri 05 May 2023 08:13:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 5.105.166.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:f9:33:0b:e0:25:5b:22:97:33:d6:78:d1:c8:34:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 5 08:13:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dcb671527940803beb8d0e5057c96834d91950e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a9:30:60:20:e5:5d:88:1d:c7:f2:79:63:64:
01:5c:8e:8e:77:ef:c7:71:3d:90:f1:33:ac:5e:36:
d5:d5:5a:48:13:00:82:51:5a:e2:a5:23:bd:c8:ab:
c4:e4:58:db:50:b1:b0:d0:11:2f:2b:1b:be:90:5f:
2e:ce:6c:83:b5:dd:56:cb:8d:4f:05:fa:35:16:45:
8f:ee:cc:3b:d3:cd:6d:46:ce:dd:6f:e2:9d:01:b9:
35:79:7d:2a:1c:68:21:a2:c9:44:85:5c:1d:38:1c:
e3:d3:5b:b2:92:fc:90:5d:f5:83:9c:28:4b:f6:b4:
3f:d8:70:95:d5:da:3e:b6:ce:e2:05:46:ab:c2:d4:
c2:55:0e:ca:c7:e4:76:38:5c:2f:df:4f:6e:ea:06:
57:eb:50:a9:0c:39:46:34:25:ef:0b:25:31:12:9b:
80:49:8d:31:45:31:36:37:d0:14:32:13:a9:52:1e:
de:06:55:9f:f6:16:b9:c0:6f:8c:55:c8:bb:5a:a9:
09:68:9f:85:b2:d5:15:ce:6a:cb:46:91:9b:d0:86:
39:17:46:ba:c2:ef:11:83:c3:b2:f4:dd:8b:ae:75:
3f:96:7c:81:f6:b4:fd:4e:d3:81:26:26:64:df:db:
f0:6a:02:84:32:6c:e5:8b:54:ea:85:5e:a1:ae:96:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CB:67:15:27:94:08:03:BE:B8:D0:E5:05:7C:96:83:4D:91:95:0E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/TctnFSeUCAO-uNDlBXyWg02RlQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.69.0/24
5.105.166.0/24
5.105.206.0/24
Signature Algorithm: sha256WithRSAEncryption
93:b2:ae:f7:fd:0e:c0:fc:bf:f2:57:4d:fc:23:e2:2c:ce:9d:
2f:36:f4:16:98:93:c9:98:75:f5:18:6e:e1:b7:d9:3b:ca:1f:
43:a5:ed:35:3f:3a:78:bc:57:cf:db:b9:13:89:41:19:49:89:
e9:b8:51:c8:3d:2d:67:4d:81:82:79:c4:52:0f:dd:ff:9c:6e:
41:fb:99:03:da:4c:ed:36:8d:1b:bb:27:96:01:d1:44:e9:cc:
07:2a:3b:95:dd:a0:14:71:23:5c:0c:a3:4d:eb:21:8c:b1:7c:
ce:cd:95:f6:77:7a:fb:fa:23:17:28:e0:14:71:68:97:65:de:
10:79:0e:83:e0:60:47:9e:fe:e5:ac:23:2b:0d:c0:12:b4:0a:
76:04:56:e3:bd:57:89:d4:7a:aa:d3:29:fd:be:85:9b:e5:eb:
a2:a4:13:ca:fe:32:54:f9:e2:8d:b7:f8:11:60:97:fd:0a:ce:
a4:0d:7f:08:5e:a7:27:f6:7e:b7:93:9b:8c:38:cc:58:8d:62:
3e:d5:c9:a7:3c:7f:eb:5c:1c:bb:59:f0:05:e1:aa:fb:a9:09:
f3:48:f2:bd:5d:73:87:f0:c4:bd:8b:ec:73:b9:28:e4:10:5a:
3f:c7:8a:ac:f9:fb:eb:18:08:64:77:91:6f:7f:03:e6:a8:a2:
e0:d6:cb:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfq+TML4CVbIpcz1njRyDQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTA1MDgxMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNiNjcxNTI3OTQwODAzYmViOGQwZTUwNTdjOTY4MzRkOTE5NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6kwYCDlXYgdx/J5Y2QBXI6Od+/H
cT2Q8TOsXjbV1VpIEwCCUVripSO9yKvE5FjbULGw0BEvKxu+kF8uzmyDtd1Wy41P
Bfo1FkWP7sw7081tRs7db+KdAbk1eX0qHGghoslEhVwdOBzj01uykvyQXfWDnChL
9rQ/2HCV1do+ts7iBUarwtTCVQ7Kx+R2OFwv309u6gZX61CpDDlGNCXvCyUxEpuA
SY0xRTE2N9AUMhOpUh7eBlWf9ha5wG+MVci7WqkJaJ+FstUVzmrLRpGb0IY5F0a6
wu8Rg8Oy9N2LrnU/lnyB9rT9TtOBJiZk39vwagKEMmzli1TqhV6hrpYO/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE3LZxUnlAgDvrjQ5QV8loNNkZUOMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVGN0bkZTZVVDQU8tdU5EbEJYeVdnMDJSbFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWlFAwQA
BWmmAwQABWnOMA0GCSqGSIb3DQEBCwUAA4IBAQCTsq73/Q7A/L/yV038I+Iszp0v
NvQWmJPJmHX1GG7ht9k7yh9Dpe01Pzp4vFfP27kTiUEZSYnpuFHIPS1nTYGCecRS
D93/nG5B+5kD2kztNo0buyeWAdFE6cwHKjuV3aAUcSNcDKNN6yGMsXzOzZX2d3r7
+iMXKOAUcWiXZd4QeQ6D4GBHnv7lrCMrDcAStAp2BFbjvVeJ1Hqq0yn9voWb5eui
pBPK/jJU+eKNt/gRYJf9Cs6kDX8IXqcn9n63k5uMOMxYjWI+1cmnPH/rXBy7WfAF
4ar7qQnzSPK9XXOH8MS9i+xzuSjkEFo/x4qs+fvrGAhkd5FvfwPmqKLg1sv1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:14 2025 by rpki-client