Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_hykrN_C281P5nvM3hWRUZc-KJ8.roa
File: _hykrN_C281P5nvM3hWRUZc-KJ8.roa (raw, json)
Hash identifier: iakPrIKuDEh3rxcNOT0F4pxpPbvYSaFjOuWpylxTghw=
Subject key identifier: FE:1C:A4:AC:DF:C2:DB:CD:4F:E6:7B:CC:DE:15:91:51:97:3E:28:9F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018475F16201B12E2850A419337C1C4C8BEF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_hykrN_C281P5nvM3hWRUZc-KJ8.roa
Signing time: Mon 14 Nov 2022 11:41:04 +0000
ROA not before: Mon 14 Nov 2022 11:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 5.105.196.0/24 maxlen: 24
5.105.212.0/24 maxlen: 24
5.105.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:f1:62:01:b1:2e:28:50:a4:19:33:7c:1c:4c:8b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 14 11:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe1ca4acdfc2dbcd4fe67bccde159151973e289f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:13:1b:e4:ff:9c:dd:36:cd:92:73:e5:8a:2d:
8c:ae:ce:9b:13:8b:26:8a:d4:70:d3:4a:e2:6f:88:
eb:d3:0c:08:ba:1a:7c:e0:4a:c4:5c:38:ab:45:88:
83:5c:2d:76:15:67:47:39:b2:92:c9:e6:8d:03:de:
cc:ed:ba:4a:ce:29:ec:9f:47:a2:af:d9:23:14:76:
94:3d:71:5f:eb:34:90:f0:bb:50:34:c2:97:4d:5e:
e4:d3:94:87:d0:95:09:61:1a:85:69:b7:38:26:a5:
15:10:f7:20:9c:93:62:7f:28:23:77:c2:df:c4:61:
57:39:03:70:be:7b:f2:30:db:70:e7:2e:b4:a0:2b:
01:f6:3f:1c:6c:e6:e1:d7:fd:bc:77:19:0b:b6:26:
1c:55:6c:6b:4b:1a:a7:c4:24:f5:ae:b5:e1:81:88:
d7:9f:20:97:f8:9d:41:f2:4b:80:57:6b:1d:92:bb:
83:fe:db:17:1d:a5:4e:47:a8:70:18:de:6d:86:28:
b0:ce:a9:e8:16:6d:ef:b3:2c:28:4e:e7:f0:e4:a8:
a7:27:0f:4f:b4:02:55:9d:c0:22:cc:ac:75:8e:21:
81:32:3f:4c:9c:20:5c:20:74:e5:1d:3c:0d:65:0a:
70:e9:7b:2c:ae:e4:87:61:8c:1f:86:d7:bd:67:a5:
86:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1C:A4:AC:DF:C2:DB:CD:4F:E6:7B:CC:DE:15:91:51:97:3E:28:9F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_hykrN_C281P5nvM3hWRUZc-KJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.3.0/24
5.105.196.0/24
5.105.212.0/24
Signature Algorithm: sha256WithRSAEncryption
32:73:ce:28:16:42:71:14:1f:d5:25:ef:31:6a:0a:12:30:eb:
77:2b:61:c5:aa:0c:3b:59:c4:7a:9f:12:22:f5:75:9f:ec:96:
98:05:d7:07:25:09:01:c5:f5:92:64:77:56:ce:5b:f8:a9:bc:
19:c7:e3:19:e5:36:67:d9:39:5e:67:fc:dd:37:26:84:a1:21:
d2:2a:31:95:5f:9e:7f:6b:a0:e1:65:d0:b8:f5:c8:6a:d2:61:
7a:9f:4d:70:ee:68:31:64:e6:60:71:7a:dd:99:08:e1:e4:ee:
31:db:06:c5:d7:61:db:e9:df:9f:b6:9f:31:39:68:c8:1d:c7:
b7:10:0c:0f:b2:43:e4:97:ea:77:ec:7d:43:df:ff:51:61:f0:
b0:2b:b7:54:71:8a:e2:ce:65:80:95:38:91:7f:f4:e8:bc:cd:
3b:0f:ca:8f:2a:b6:e3:72:b9:0e:e6:c3:b7:d2:89:5c:3a:97:
df:c7:71:b7:84:55:f1:8a:1d:d8:81:9d:d6:5d:fd:d0:4b:cd:
40:8c:cd:8b:f5:98:30:64:8a:a6:a2:3c:45:04:f5:2b:2c:61:
56:a9:f1:89:f8:e3:c9:b1:15:4f:3f:c3:30:e1:a0:24:7b:b3:
fb:1c:3a:e3:b8:af:4c:49:49:3b:49:3d:d3:a5:8b:7d:20:30:
ab:6d:c5:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR18WIBsS4oUKQZM3wcTIvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTE0MTE0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTFjYTRhY2RmYzJkYmNkNGZlNjdiY2NkZTE1OTE1MTk3M2UyODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRMb5P+c3TbNknPlii2Mrs6bE4sm
itRw00rib4jr0wwIuhp84ErEXDirRYiDXC12FWdHObKSyeaNA97M7bpKzinsn0ei
r9kjFHaUPXFf6zSQ8LtQNMKXTV7k05SH0JUJYRqFabc4JqUVEPcgnJNifygjd8Lf
xGFXOQNwvnvyMNtw5y60oCsB9j8cbObh1/28dxkLtiYcVWxrSxqnxCT1rrXhgYjX
nyCX+J1B8kuAV2sdkruD/tsXHaVOR6hwGN5thiiwzqnoFm3vsywoTufw5KinJw9P
tAJVncAizKx1jiGBMj9MnCBcIHTlHTwNZQpw6XssruSHYYwfhte9Z6WGCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP4cpKzfwtvNT+Z7zN4VkVGXPiifMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvX2h5a3JOX0MyODFQNW52TTNoV1JVWmMtS0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkDAwQA
BWnEAwQABWnUMA0GCSqGSIb3DQEBCwUAA4IBAQAyc84oFkJxFB/VJe8xagoSMOt3
K2HFqgw7WcR6nxIi9XWf7JaYBdcHJQkBxfWSZHdWzlv4qbwZx+MZ5TZn2TleZ/zd
NyaEoSHSKjGVX55/a6DhZdC49chq0mF6n01w7mgxZOZgcXrdmQjh5O4x2wbF12Hb
6d+ftp8xOWjIHce3EAwPskPkl+p37H1D3/9RYfCwK7dUcYrizmWAlTiRf/TovM07
D8qPKrbjcrkO5sO30olcOpffx3G3hFXxih3YgZ3WXf3QS81AjM2L9ZgwZIqmojxF
BPUrLGFWqfGJ+OPJsRVPP8Mw4aAke7P7HDrjuK9MSUk7ST3TpYt9IDCrbcVy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org