Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_0PwW8pkREUkY66iWDG9Ullvtj8.roa
File: _0PwW8pkREUkY66iWDG9Ullvtj8.roa (raw, json)
Hash identifier: D9oFGVC0IPfkN2JwgYgm92B8w+MnFpdM8+y+MDTwElQ=
Subject key identifier: FF:43:F0:5B:CA:64:44:45:24:63:AE:A2:58:31:BD:52:59:6F:B6:3F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018B1596A4D503BC6211EABB99B6130132B1
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_0PwW8pkREUkY66iWDG9Ullvtj8.roa
Signing time: Mon 09 Oct 2023 17:57:55 +0000
ROA not before: Mon 09 Oct 2023 17:57:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 5.105.250.0/24 maxlen: 24
5.105.251.0/24 maxlen: 24
5.105.255.0/24 maxlen: 24
5.105.254.0/24 maxlen: 24
5.105.160.0/24 maxlen: 24
5.105.191.0/24 maxlen: 24
5.105.190.0/24 maxlen: 24
5.105.192.0/24 maxlen: 24
5.105.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:96:a4:d5:03:bc:62:11:ea:bb:99:b6:13:01:32:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 9 17:57:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff43f05bca6444452463aea25831bd52596fb63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:40:99:4a:dd:0c:44:8b:d3:7c:a4:64:cc:c1:
de:77:f7:ab:4d:d6:f4:65:27:36:a5:99:0d:80:9a:
2f:67:00:d2:cf:3f:0a:5f:44:e5:1a:70:30:4b:e8:
65:8c:da:1c:e9:d3:1d:4a:af:15:cb:bc:a0:9d:80:
18:4f:b5:c4:5b:c0:01:79:49:34:c0:a5:46:09:98:
25:3a:44:fd:eb:c9:e3:b3:0b:27:ad:69:7f:97:4b:
e5:6b:46:d8:cf:46:69:49:90:93:fa:46:88:ef:2a:
bd:0e:0a:fe:31:62:2a:f1:dd:f0:b4:81:f2:b3:88:
50:46:2a:9c:2d:84:4b:ef:b9:6b:a6:7a:92:c2:56:
92:6b:48:66:c0:e4:1e:a3:40:c1:a0:a5:7c:e3:40:
59:1e:23:47:50:8d:e5:64:62:a8:c4:0c:ab:e6:aa:
cc:0e:c9:ad:ec:dd:fe:bb:5e:e5:29:02:3b:ef:41:
34:e7:9c:ea:b4:a5:7b:df:17:ef:2f:2b:6b:b6:28:
ad:a8:d6:9d:77:00:05:e0:e1:6d:d8:d0:1f:dc:4d:
59:55:62:44:98:e1:3b:c6:57:02:ce:23:81:e5:37:
88:3a:f4:74:e7:5a:a7:4a:27:b8:a0:9a:e2:16:e0:
92:02:47:b4:92:d4:61:2a:e1:24:19:a7:af:56:d7:
12:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:43:F0:5B:CA:64:44:45:24:63:AE:A2:58:31:BD:52:59:6F:B6:3F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_0PwW8pkREUkY66iWDG9Ullvtj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.160.0/24
5.105.190.0-5.105.192.255
5.105.194.0/24
5.105.250.0/23
5.105.254.0/23
Signature Algorithm: sha256WithRSAEncryption
36:e2:d2:92:51:f8:6b:cc:ad:81:a8:a9:2f:c8:e9:81:bc:09:
76:05:34:df:e7:9e:f3:2f:57:66:ce:c4:34:d2:d6:6a:de:97:
b8:03:d5:bf:50:5f:ab:52:ef:b3:40:05:c8:62:cb:67:2c:b2:
38:e8:f3:ba:e6:7c:e0:11:dd:a6:61:c3:12:5b:d6:86:8e:bc:
cd:75:cd:6b:59:1c:ee:59:91:e3:4d:78:9a:d0:55:6b:9e:0d:
5e:9b:60:e1:3b:56:8f:e8:bd:7d:ef:38:57:ec:18:cf:62:27:
9c:7d:a0:63:12:ea:8f:d0:28:58:98:d2:35:09:c0:79:71:b1:
38:6d:08:aa:b0:37:a4:54:75:2b:61:ce:b5:e2:d0:45:72:fc:
d5:0d:92:15:f5:d4:19:eb:6e:e4:28:54:f8:bb:fe:1c:14:d6:
be:2f:29:44:7c:2c:8d:b5:1a:fd:53:ac:bc:18:65:ad:06:5d:
5d:ec:6d:af:42:81:5f:16:95:42:4e:07:d8:fd:e5:71:b7:fb:
c6:21:0b:cb:f2:99:6e:64:70:d4:02:f5:d5:12:c9:e3:dd:49:
5a:e2:43:58:fc:95:f2:1f:84:2c:09:39:26:f9:46:37:0e:e3:
c1:83:05:89:11:af:04:33:6d:e0:aa:2d:e8:15:ef:6f:20:c9:
ca:7f:1b:c1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYsVlqTVA7xiEeq7mbYTATKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMxMDA5MTc1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQzZjA1YmNhNjQ0NDQ1MjQ2M2FlYTI1ODMxYmQ1MjU5NmZiNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ECZSt0MRIvTfKRkzMHed/erTdb0
ZSc2pZkNgJovZwDSzz8KX0TlGnAwS+hljNoc6dMdSq8Vy7ygnYAYT7XEW8ABeUk0
wKVGCZglOkT968njswsnrWl/l0vla0bYz0ZpSZCT+kaI7yq9Dgr+MWIq8d3wtIHy
s4hQRiqcLYRL77lrpnqSwlaSa0hmwOQeo0DBoKV840BZHiNHUI3lZGKoxAyr5qrM
Dsmt7N3+u17lKQI770E055zqtKV73xfvLytrtiitqNaddwAF4OFt2NAf3E1ZVWJE
mOE7xlcCziOB5TeIOvR051qnSie4oJriFuCSAke0ktRhKuEkGaevVtcSWQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP9D8FvKZERFJGOuolgxvVJZb7Y/MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvXzBQd1c4cGtSRVVrWTY2aVdERzlVbGx2dGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABWmgMAwD
BAEFab4DBAAFacADBAAFacIDBAEFafoDBAEFaf4wDQYJKoZIhvcNAQELBQADggEB
ADbi0pJR+GvMrYGoqS/I6YG8CXYFNN/nnvMvV2bOxDTS1mrel7gD1b9QX6tS77NA
Bchiy2cssjjo87rmfOAR3aZhwxJb1oaOvM11zWtZHO5ZkeNNeJrQVWueDV6bYOE7
Vo/ovX3vOFfsGM9iJ5x9oGMS6o/QKFiY0jUJwHlxsThtCKqwN6RUdSthzrXi0EVy
/NUNkhX11BnrbuQoVPi7/hwU1r4vKUR8LI21Gv1TrLwYZa0GXV3sba9CgV8WlUJO
B9j95XG3+8YhC8vymW5kcNQC9dUSyePdSVriQ1j8lfIfhCwJOSb5RjcO48GDBYkR
rwQzbeCqLegV728gycp/G8E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:40 2025 by rpki-client