Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XTL5gRFVB1apXsUPN6RCnje0c8M.roa
File: XTL5gRFVB1apXsUPN6RCnje0c8M.roa (raw, json)
Hash identifier: qOxhgpjJIa4R9KChqEV+hjQNmS9gqrzAHyo/hmwJtFc=
Subject key identifier: 5D:32:F9:81:11:55:07:56:A9:5E:C5:0F:37:A4:42:9E:37:B4:73:C3
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188B03E28AA2F25823C6770DA3378C5808C
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XTL5gRFVB1apXsUPN6RCnje0c8M.roa
Signing time: Mon 12 Jun 2023 15:34:03 +0000
ROA not before: Mon 12 Jun 2023 15:34:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 5.105.22.0/24 maxlen: 24
5.105.45.0/24 maxlen: 24
5.105.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:3e:28:aa:2f:25:82:3c:67:70:da:33:78:c5:80:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 12 15:34:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d32f98111550756a95ec50f37a4429e37b473c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:ca:03:a9:5f:bb:63:e6:30:50:8b:d8:d3:
bb:ef:97:11:a7:31:49:db:b5:84:96:d6:af:74:33:
f8:8d:fb:92:ef:e9:cc:3e:13:e5:ba:96:3e:c8:48:
13:f1:92:cf:33:73:31:5c:63:82:d8:be:c2:99:5c:
fe:11:7e:13:a0:ea:61:42:68:54:32:f6:82:45:55:
82:98:64:95:69:02:da:41:1d:c2:9b:43:5c:06:6a:
81:1b:b5:e3:14:21:2f:3c:19:29:67:30:38:b7:c1:
37:f5:9a:d2:78:48:0f:82:df:35:45:10:0a:77:0f:
b4:af:4c:78:31:c9:8c:f2:3c:7e:1f:e3:a3:18:59:
5c:4f:b3:0e:0c:1d:35:63:a1:1a:2e:0a:98:b6:36:
8b:19:f1:a7:5f:8a:af:b9:86:a9:d9:63:93:77:6b:
10:6d:92:f0:87:73:99:c2:46:8b:93:fa:76:13:d3:
c1:3d:1c:9d:4b:09:fe:79:93:d9:71:d0:a0:87:ae:
3f:df:64:00:6c:90:7c:7b:60:6a:70:c1:d1:8a:dd:
a7:fd:61:a8:20:18:50:84:ba:2b:fb:65:80:84:30:
2e:d0:11:10:8a:f5:b6:ee:81:0c:e2:70:9d:8d:b8:
28:bd:ce:e5:82:f6:b7:7c:3d:a1:ec:ff:67:25:5e:
1a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:32:F9:81:11:55:07:56:A9:5E:C5:0F:37:A4:42:9E:37:B4:73:C3
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XTL5gRFVB1apXsUPN6RCnje0c8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.22.0/24
5.105.45.0/24
5.105.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:3d:30:10:90:a7:5e:09:7d:5b:70:56:f0:f9:53:d4:37:70:
8d:07:98:70:58:16:78:4c:8e:9f:cc:b5:75:e4:38:e6:d1:5b:
4b:0e:6a:0a:5a:b6:1b:58:a4:6c:f7:97:d1:f4:be:b1:fa:51:
1d:80:56:6a:b4:64:61:d7:02:18:7d:98:45:90:bd:db:d2:64:
1c:8b:ec:49:7e:c3:ff:21:6b:44:e0:5a:52:b4:55:94:ee:56:
e1:f7:f0:1b:b1:dc:4b:7a:58:23:21:09:09:b4:db:c0:d0:c2:
2c:10:0e:c4:1b:8e:33:2a:ff:f1:33:4e:d5:75:63:de:cc:d8:
6d:3f:5f:98:e1:2f:42:38:e3:21:23:6a:0d:68:90:90:a9:fd:
28:be:1f:c6:21:67:94:e0:51:a8:fc:01:31:02:c8:81:cb:91:
ce:fb:7a:28:3d:f1:f0:54:17:1b:c4:11:b7:fb:aa:86:02:0a:
e3:39:95:09:2f:ac:b7:46:83:3c:8b:46:f0:a7:0f:02:b2:87:
64:0b:af:33:f8:b4:a8:97:95:1e:d6:e2:3e:98:77:32:ae:73:
a4:ec:fe:37:c5:7e:bd:4e:49:51:ba:5f:f0:d9:07:35:56:ad:
75:17:ca:de:34:9c:f3:5d:24:21:f5:bd:25:49:4d:c6:4e:fd:
50:79:18:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiwPiiqLyWCPGdw2jN4xYCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjEyMTUzNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMyZjk4MTExNTUwNzU2YTk1ZWM1MGYzN2E0NDI5ZTM3YjQ3M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9zKA6lfu2PmMFCL2NO775cRpzFJ
27WEltavdDP4jfuS7+nMPhPlupY+yEgT8ZLPM3MxXGOC2L7CmVz+EX4ToOphQmhU
MvaCRVWCmGSVaQLaQR3Cm0NcBmqBG7XjFCEvPBkpZzA4t8E39ZrSeEgPgt81RRAK
dw+0r0x4McmM8jx+H+OjGFlcT7MODB01Y6EaLgqYtjaLGfGnX4qvuYap2WOTd2sQ
bZLwh3OZwkaLk/p2E9PBPRydSwn+eZPZcdCgh64/32QAbJB8e2BqcMHRit2n/WGo
IBhQhLor+2WAhDAu0BEQivW27oEM4nCdjbgovc7lgva3fD2h7P9nJV4atwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF0y+YERVQdWqV7FDzekQp43tHPDMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvWFRMNWdSRlZCMWFwWHNVUE42UkNuamUwYzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkWAwQA
BWktAwQABWkvMA0GCSqGSIb3DQEBCwUAA4IBAQBePTAQkKdeCX1bcFbw+VPUN3CN
B5hwWBZ4TI6fzLV15Djm0VtLDmoKWrYbWKRs95fR9L6x+lEdgFZqtGRh1wIYfZhF
kL3b0mQci+xJfsP/IWtE4FpStFWU7lbh9/AbsdxLelgjIQkJtNvA0MIsEA7EG44z
Kv/xM07VdWPezNhtP1+Y4S9COOMhI2oNaJCQqf0ovh/GIWeU4FGo/AExAsiBy5HO
+3ooPfHwVBcbxBG3+6qGAgrjOZUJL6y3RoM8i0bwpw8CsodkC68z+LSol5Ue1uI+
mHcyrnOk7P43xX69TklRul/w2Qc1Vq11F8reNJzzXSQh9b0lSU3GTv1QeRhA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:05 2025 by rpki-client