Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XpvN_f1mKeVt14LwUg3YEEPDdQA.roa
File: XpvN_f1mKeVt14LwUg3YEEPDdQA.roa (raw, json)
Hash identifier: R40lKW8w2Ix6ma9vLnK4PA5FaazlKHmFgozRnD8yiCw=
Subject key identifier: 5E:9B:CD:FD:FD:66:29:E5:6D:D7:82:F0:52:0D:D8:10:43:C3:75:00
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0185463DEE36B48952D6CD1790935D5299FF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XpvN_f1mKeVt14LwUg3YEEPDdQA.roa
Signing time: Sat 24 Dec 2022 22:25:41 +0000
ROA not before: Sat 24 Dec 2022 22:25:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210993
IP address blocks: 5.105.48.0/24 maxlen: 24
5.105.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:46:3d:ee:36:b4:89:52:d6:cd:17:90:93:5d:52:99:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 24 22:25:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e9bcdfdfd6629e56dd782f0520dd81043c37500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1b:8e:b1:5e:d9:41:ec:ea:03:67:2c:d4:1a:
50:2c:33:c2:cc:1a:04:86:99:b6:6a:57:42:f5:86:
0f:6a:37:00:66:76:e6:8f:82:00:c7:d5:09:66:0d:
29:d9:e8:42:f0:a7:65:1f:ea:e2:57:46:5f:34:6f:
45:5e:bc:25:d3:0a:2b:3c:79:cb:72:de:ca:5c:f6:
98:5d:fd:a4:5a:8f:cf:65:53:e5:6c:56:b5:04:72:
3e:d0:e8:8b:55:c6:1e:f6:7d:0c:c0:5a:bd:b4:7b:
9a:26:49:3b:38:25:0b:e9:c7:f2:54:ca:6b:28:d8:
b0:d8:55:47:7b:5a:7a:9e:68:9f:19:ea:20:a8:4e:
b8:07:0c:32:cc:38:e3:b2:a6:8b:eb:9b:f4:bd:eb:
3d:d0:36:6a:3f:2b:34:10:2e:1d:d1:ec:55:18:fe:
33:24:74:56:a3:a6:5c:3e:a5:b4:8e:06:63:78:8d:
e7:86:54:3d:70:0a:7b:8a:00:9f:fd:97:63:f0:6b:
64:1d:d7:6e:72:70:8d:15:26:44:86:02:9b:ca:6b:
95:48:0b:b6:a2:0d:0a:24:e6:71:63:d3:30:3e:bc:
03:86:fc:1f:a9:e0:fd:f7:7e:d1:84:28:4e:ea:4d:
76:21:b9:e7:c3:54:06:96:c3:5b:66:8a:7b:77:c7:
a1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9B:CD:FD:FD:66:29:E5:6D:D7:82:F0:52:0D:D8:10:43:C3:75:00
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XpvN_f1mKeVt14LwUg3YEEPDdQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/23
Signature Algorithm: sha256WithRSAEncryption
23:63:2b:48:79:8d:ef:fa:53:b4:dc:e2:1d:59:f6:4b:3c:96:
67:23:47:30:d3:cd:25:e0:e4:87:75:fb:a7:fd:e6:b7:7a:4d:
41:ee:f9:94:20:c5:05:d9:49:34:43:c7:5b:83:7e:1d:20:9c:
81:ad:bb:5b:98:e0:75:77:e8:3a:5f:c8:d5:d6:9c:74:bb:a7:
70:d1:f2:fd:79:11:b4:8a:f3:ad:72:8e:8c:95:d7:90:b7:5d:
cf:f5:28:ae:a2:5f:62:35:3e:c7:0b:d3:8a:92:d6:c1:1f:c3:
b8:c9:33:a0:6a:c9:64:fa:6b:7b:7a:5c:69:7a:3c:e1:84:cb:
34:3a:b0:5c:10:dd:b1:34:ae:e1:4f:d6:9e:2f:70:6f:dc:1e:
44:a6:c8:a7:1a:02:7f:68:d5:b2:64:28:d2:7f:dc:64:10:9f:
e5:28:d3:48:ab:b1:68:2b:74:23:1c:77:1c:ac:89:c4:3e:98:
23:5f:7c:09:4d:7f:15:6a:d2:d6:12:3a:2e:f9:fd:79:0e:cf:
ce:42:39:de:fa:3f:73:45:3a:f2:0b:59:5e:dc:9f:54:f4:da:
45:58:22:a4:51:cb:fb:a6:5e:2e:42:ef:bf:46:58:59:7a:2b:
63:ed:c7:fa:62:9a:9e:b3:6e:65:b2:f5:a4:f8:0c:23:9a:7f:
e8:0c:d6:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVGPe42tIlS1s0XkJNdUpn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjI0MjIyNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTliY2RmZGZkNjYyOWU1NmRkNzgyZjA1MjBkZDgxMDQzYzM3NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRuOsV7ZQezqA2cs1BpQLDPCzBoE
hpm2aldC9YYPajcAZnbmj4IAx9UJZg0p2ehC8KdlH+riV0ZfNG9FXrwl0worPHnL
ct7KXPaYXf2kWo/PZVPlbFa1BHI+0OiLVcYe9n0MwFq9tHuaJkk7OCUL6cfyVMpr
KNiw2FVHe1p6nmifGeogqE64BwwyzDjjsqaL65v0ves90DZqPys0EC4d0exVGP4z
JHRWo6ZcPqW0jgZjeI3nhlQ9cAp7igCf/Zdj8GtkHdducnCNFSZEhgKbymuVSAu2
og0KJOZxY9MwPrwDhvwfqeD9937RhChO6k12Ibnnw1QGlsNbZop7d8eh7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6bzf39ZinlbdeC8FIN2BBDw3UAMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvWHB2Tl9mMW1LZVZ0MTRMd1VnM1lFRVBEZFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBWkwMA0G
CSqGSIb3DQEBCwUAA4IBAQAjYytIeY3v+lO03OIdWfZLPJZnI0cw080l4OSHdfun
/ea3ek1B7vmUIMUF2Uk0Q8dbg34dIJyBrbtbmOB1d+g6X8jV1px0u6dw0fL9eRG0
ivOtco6MldeQt13P9Siuol9iNT7HC9OKktbBH8O4yTOgaslk+mt7elxpejzhhMs0
OrBcEN2xNK7hT9aeL3Bv3B5EpsinGgJ/aNWyZCjSf9xkEJ/lKNNIq7FoK3QjHHcc
rInEPpgjX3wJTX8VatLWEjou+f15Ds/OQjne+j9zRTryC1le3J9U9NpFWCKkUcv7
pl4uQu+/RlhZeitj7cf6Ypqes25lsvWk+Awjmn/oDNb/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org