Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VrpQYwsDWRgyxc2jkotLJXbQyn8.roa
File: VrpQYwsDWRgyxc2jkotLJXbQyn8.roa (raw, json)
Hash identifier: QIzgwlI5E3pyMBDM3tZ7nRYXzsSn5XuJxT3URTOhyNw=
Subject key identifier: 56:BA:50:63:0B:03:59:18:32:C5:CD:A3:92:8B:4B:25:76:D0:CA:7F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184BEF1AFC88C69807C7EDA66E29943A9D0
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VrpQYwsDWRgyxc2jkotLJXbQyn8.roa
Signing time: Mon 28 Nov 2022 15:53:40 +0000
ROA not before: Mon 28 Nov 2022 15:53:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.184.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:f1:af:c8:8c:69:80:7c:7e:da:66:e2:99:43:a9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 28 15:53:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56ba50630b03591832c5cda3928b4b2576d0ca7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:73:fc:c3:bf:1d:f6:fb:70:ee:61:72:37:
e0:00:22:0a:60:8c:42:7b:df:ca:c6:91:df:c0:96:
49:2a:4a:96:22:d5:7f:80:a9:24:c5:f5:f3:c8:d1:
7c:cc:d2:76:4d:05:13:cd:1a:0c:58:c8:f3:0c:a5:
3f:69:e6:d3:78:b6:f3:c0:07:f4:e4:44:de:dc:0d:
09:ed:88:5e:5c:66:d8:a1:b9:f6:0d:c9:de:c1:10:
91:f9:c1:fd:d0:12:e0:d2:27:22:22:98:e7:c8:e9:
18:d1:89:ff:e9:e6:88:7e:75:20:5a:e4:3c:6e:fe:
d2:a6:e8:cf:09:cc:c1:07:ec:2e:00:e7:a4:e5:2a:
32:6f:04:71:78:87:bb:86:55:64:f3:f2:62:b7:94:
1e:55:92:d0:35:b4:be:59:ad:1f:8e:91:5c:ba:c9:
2b:e4:50:8d:3f:f4:eb:30:3b:2c:a7:c6:02:da:ea:
7f:b8:ff:d7:4d:fe:ff:73:59:33:6f:66:f8:bc:80:
a6:54:74:c6:06:f8:a8:b8:5c:70:94:92:55:08:b1:
79:2e:d3:92:11:f7:5a:92:44:96:89:14:de:a5:49:
b6:67:32:6f:f4:01:1e:cc:cc:fe:86:5c:9c:68:5b:
5d:20:b4:75:43:aa:dd:e3:5b:5d:91:75:cc:ba:9a:
61:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BA:50:63:0B:03:59:18:32:C5:CD:A3:92:8B:4B:25:76:D0:CA:7F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/VrpQYwsDWRgyxc2jkotLJXbQyn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:91:29:9b:9c:e1:79:90:75:87:29:73:5c:39:ba:17:cd:0e:
e5:e3:c0:84:d6:6e:d0:e8:d7:b8:69:e9:4d:67:66:68:d5:92:
f6:00:ff:b3:85:de:e6:be:52:8a:71:af:52:c6:bb:66:fe:64:
c0:65:f3:44:d2:b7:1e:17:0a:5c:69:72:35:5a:d5:5c:42:37:
0d:80:0c:f9:ea:ac:7f:f0:11:78:8d:3d:0e:0e:3f:47:98:fe:
2c:c6:a9:fb:65:ce:7b:d5:55:fd:9e:c6:3e:c8:86:57:33:8a:
91:60:0a:8f:4e:a3:80:ee:5e:26:db:51:0c:fa:fc:de:cd:d3:
0d:9b:50:f0:8a:02:a5:ba:51:07:e3:84:df:94:c9:e0:32:d2:
a7:f8:4d:9e:c5:44:31:5a:89:53:c1:fe:91:8c:5c:37:f0:b9:
b2:89:db:12:cf:7e:37:49:89:3a:37:8c:c1:a7:bf:6d:9e:fb:
5c:55:12:da:6d:43:1f:51:df:0f:4c:98:46:0a:f7:16:7d:43:
33:6c:c1:17:55:cc:7f:40:4b:07:5f:e9:89:9b:8f:c1:0a:fc:
60:56:75:0d:a4:62:c5:fc:2d:2e:e4:90:53:58:2c:f5:b1:d5:
02:65:25:e5:c9:69:32:47:dd:1e:bd:b2:7c:80:3f:d1:b6:9e:
44:51:91:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS+8a/IjGmAfH7aZuKZQ6nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI4MTU1MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJhNTA2MzBiMDM1OTE4MzJjNWNkYTM5MjhiNGIyNTc2ZDBjYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj1z/MO/Hfb7cO5hcjfgACIKYIxC
e9/KxpHfwJZJKkqWItV/gKkkxfXzyNF8zNJ2TQUTzRoMWMjzDKU/aebTeLbzwAf0
5ETe3A0J7YheXGbYobn2DcnewRCR+cH90BLg0iciIpjnyOkY0Yn/6eaIfnUgWuQ8
bv7SpujPCczBB+wuAOek5SoybwRxeIe7hlVk8/Jit5QeVZLQNbS+Wa0fjpFcuskr
5FCNP/TrMDssp8YC2up/uP/XTf7/c1kzb2b4vICmVHTGBviouFxwlJJVCLF5LtOS
EfdakkSWiRTepUm2ZzJv9AEezMz+hlycaFtdILR1Q6rd41tdkXXMupphNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFa6UGMLA1kYMsXNo5KLSyV20Mp/MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVnJwUVl3c0RXUmd5eGMyamtvdExKWGJReW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWm4AwQA
BWnIAwQABWnXMA0GCSqGSIb3DQEBCwUAA4IBAQDIkSmbnOF5kHWHKXNcOboXzQ7l
48CE1m7Q6Ne4aelNZ2Zo1ZL2AP+zhd7mvlKKca9Sxrtm/mTAZfNE0rceFwpcaXI1
WtVcQjcNgAz56qx/8BF4jT0ODj9HmP4sxqn7Zc571VX9nsY+yIZXM4qRYAqPTqOA
7l4m21EM+vzezdMNm1DwigKlulEH44TflMngMtKn+E2exUQxWolTwf6RjFw38Lmy
idsSz343SYk6N4zBp79tnvtcVRLabUMfUd8PTJhGCvcWfUMzbMEXVcx/QEsHX+mJ
m4/BCvxgVnUNpGLF/C0u5JBTWCz1sdUCZSXlyWkyR90evbJ8gD/Rtp5EUZGK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:40 2025 by rpki-client