Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aT_m9SktQseG1-Evm_hsV-bAeFA.roa
File: aT_m9SktQseG1-Evm_hsV-bAeFA.roa (raw, json)
Hash identifier: dFZ9zl/330dfw0nbbE77opFd8fd01rEefK45bbZB0sg=
Subject key identifier: 69:3F:E6:F5:29:2D:42:C7:86:D7:E1:2F:9B:F8:6C:57:E6:C0:78:50
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01835C8828AC76CAE4EF81F3211BF4D6DF0B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aT_m9SktQseG1-Evm_hsV-bAeFA.roa
Signing time: Tue 20 Sep 2022 20:12:50 +0000
ROA not before: Tue 20 Sep 2022 20:12:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210718
IP address blocks: 5.105.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5c:88:28:ac:76:ca:e4:ef:81:f3:21:1b:f4:d6:df:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 20 20:12:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=693fe6f5292d42c786d7e12f9bf86c57e6c07850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:44:66:1d:11:7e:12:1d:3f:6a:0e:2f:84:
d4:b8:ff:10:5d:e6:1e:79:44:1d:fd:18:28:11:af:
25:f7:0e:20:d9:32:8f:1d:39:56:80:cf:03:5e:07:
80:69:15:cf:ab:93:4a:5f:30:2c:05:2d:73:45:7b:
ea:48:eb:37:23:8f:50:9a:6f:51:69:88:9f:1e:58:
ad:e2:c6:c8:31:eb:9c:d3:76:f4:2b:0a:db:48:81:
41:89:6b:31:19:0d:23:a8:73:12:ce:d6:25:d5:79:
e4:4e:b0:d4:0d:a4:94:09:6a:25:d4:1d:53:65:b0:
b1:5c:f5:54:85:49:bf:60:d5:73:7f:4a:cd:bc:e5:
7d:ce:f1:58:17:e9:af:4f:fb:88:10:ed:e2:a3:cc:
34:6c:94:bb:1f:6f:f9:bc:30:43:9b:c6:f9:5b:79:
c3:d7:8b:c1:40:48:bf:fc:67:1e:23:e3:a0:c5:cc:
2e:1c:9b:9d:13:c8:ce:8d:5b:90:72:4c:23:02:88:
3f:25:99:2b:a8:48:5b:bf:63:2c:a5:52:e0:f2:dc:
d7:a0:41:86:b2:ad:62:de:f2:45:a1:47:67:f7:3b:
e2:8d:2a:74:a1:43:0c:67:d9:4e:39:47:ac:bf:6b:
3e:ef:54:5b:f0:65:ae:8b:4c:18:b3:ac:4c:de:9c:
4f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3F:E6:F5:29:2D:42:C7:86:D7:E1:2F:9B:F8:6C:57:E6:C0:78:50
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aT_m9SktQseG1-Evm_hsV-bAeFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.105.0/24
Signature Algorithm: sha256WithRSAEncryption
35:d1:0f:b5:3a:2f:2a:a3:50:99:3c:b4:8f:dc:54:d4:ef:9d:
64:16:da:aa:b8:25:b9:d4:1f:c8:e3:0a:b0:d6:05:ac:ac:f4:
60:ad:2e:a2:72:d4:90:38:6e:68:0d:ce:5a:50:81:20:68:78:
7e:d7:48:bb:cd:cc:f3:1e:6d:26:99:15:9d:f4:67:84:38:da:
68:20:ad:35:49:ce:5a:bd:b9:25:16:c7:f0:bd:48:9b:fb:78:
c5:45:bc:41:ec:a8:21:29:cd:44:2d:cd:89:7b:44:ea:51:47:
e8:25:83:08:9d:e5:fd:ab:da:4b:b8:c8:b9:57:3f:76:ce:43:
18:d9:05:13:ba:ac:17:64:4b:10:cd:0d:2f:ba:5f:10:d0:6b:
f8:d3:b1:2f:bb:f4:81:de:a1:e8:39:bc:d6:e2:93:97:4a:cd:
6e:e7:35:b5:43:67:34:7f:cc:ab:a9:3f:46:d5:7a:78:30:11:
a8:33:1e:a4:d2:f3:ca:d2:46:70:da:01:27:40:8a:bf:52:d6:
28:80:3f:60:1d:d1:ac:10:58:0b:fc:3a:ab:31:5c:ed:17:32:
3d:bd:f3:21:2b:fb:1d:64:ae:87:2d:cd:01:fc:cf:67:d3:eb:
f3:c7:75:5c:76:79:60:50:33:7f:14:ee:5e:21:a4:bd:6e:e8:
7a:20:a5:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNciCisdsrk74HzIRv01t8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwOTIwMjAxMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNmZTZmNTI5MmQ0MmM3ODZkN2UxMmY5YmY4NmM1N2U2YzA3ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwVEZh0RfhIdP2oOL4TUuP8QXeYe
eUQd/RgoEa8l9w4g2TKPHTlWgM8DXgeAaRXPq5NKXzAsBS1zRXvqSOs3I49Qmm9R
aYifHlit4sbIMeuc03b0KwrbSIFBiWsxGQ0jqHMSztYl1XnkTrDUDaSUCWol1B1T
ZbCxXPVUhUm/YNVzf0rNvOV9zvFYF+mvT/uIEO3io8w0bJS7H2/5vDBDm8b5W3nD
14vBQEi//GceI+OgxcwuHJudE8jOjVuQckwjAog/JZkrqEhbv2MspVLg8tzXoEGG
sq1i3vJFoUdn9zvijSp0oUMMZ9lOOUesv2s+71Rb8GWui0wYs6xM3pxPxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk/5vUpLULHhtfhL5v4bFfmwHhQMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYVRfbTlTa3RRc2VHMS1Fdm1faHNWLWJBZUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlpMA0G
CSqGSIb3DQEBCwUAA4IBAQA10Q+1Oi8qo1CZPLSP3FTU751kFtqquCW51B/I4wqw
1gWsrPRgrS6ictSQOG5oDc5aUIEgaHh+10i7zczzHm0mmRWd9GeEONpoIK01Sc5a
vbklFsfwvUib+3jFRbxB7KghKc1ELc2Je0TqUUfoJYMIneX9q9pLuMi5Vz92zkMY
2QUTuqwXZEsQzQ0vul8Q0Gv407Evu/SB3qHoObzW4pOXSs1u5zW1Q2c0f8yrqT9G
1Xp4MBGoMx6k0vPK0kZw2gEnQIq/UtYogD9gHdGsEFgL/DqrMVztFzI9vfMhK/sd
ZK6HLc0B/M9n0+vzx3VcdnlgUDN/FO5eIaS9buh6IKUm
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:45 2025 by rpki-client