Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ahnSGb1S-CD8IHQimGJ0K8-0amM.roa
File: ahnSGb1S-CD8IHQimGJ0K8-0amM.roa (raw, json)
Hash identifier: YZyRum06vGLVoFbpbfHlOECzuZkLY4GwyDK2FNOhBks=
Subject key identifier: 6A:19:D2:19:BD:52:F8:20:FC:20:74:22:98:62:74:2B:CF:B4:6A:63
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183F6EE41059F9AE4BE890261B73FC9317B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ahnSGb1S-CD8IHQimGJ0K8-0amM.roa
Signing time: Thu 20 Oct 2022 19:45:52 +0000
ROA not before: Thu 20 Oct 2022 19:45:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 5.105.25.0/24 maxlen: 24
5.105.71.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:ee:41:05:9f:9a:e4:be:89:02:61:b7:3f:c9:31:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 20 19:45:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a19d219bd52f820fc2074229862742bcfb46a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:b5:24:ef:10:2f:bd:e8:2a:9e:ab:25:bd:
55:df:72:8a:2b:b6:18:17:c7:71:89:44:84:f8:dd:
5c:3e:d5:57:37:29:95:b9:37:82:5d:1b:99:e5:16:
7b:ba:bb:9d:91:06:5e:ec:93:f2:3f:14:82:00:02:
97:27:be:6d:87:bc:57:7b:07:8c:14:65:04:75:3a:
75:06:ce:37:66:a5:63:75:8d:fc:13:2b:71:13:ee:
a2:73:48:6f:07:d4:50:84:81:3c:62:1a:0c:dc:d4:
b9:14:e4:1c:e2:69:26:43:3a:34:fe:54:cf:d7:84:
be:04:a2:06:69:71:77:b6:3f:ad:7f:d8:22:96:49:
79:4c:c5:77:3b:32:fc:bc:87:16:31:e9:b6:9b:39:
da:02:83:38:6d:75:18:31:dd:68:93:be:b0:7f:ff:
01:c6:0b:43:69:c9:97:9f:ef:33:93:20:65:94:e7:
5a:ba:40:af:85:d0:40:d4:d2:3d:a3:c0:84:01:e7:
7c:74:25:08:d6:d9:57:25:cf:00:3e:cb:9a:42:ca:
ec:f3:83:5a:9f:2c:aa:23:4d:b3:0a:7e:79:48:ab:
2c:0b:7f:27:13:06:54:61:a0:82:a6:0a:a0:df:bc:
ca:12:26:82:70:cd:44:9b:f4:02:3b:e5:e6:10:ee:
ce:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:19:D2:19:BD:52:F8:20:FC:20:74:22:98:62:74:2B:CF:B4:6A:63
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ahnSGb1S-CD8IHQimGJ0K8-0amM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.25.0/24
5.105.71.0/24
5.105.117.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:aa:7d:58:a3:d9:21:63:9d:98:f3:d7:ba:8c:f0:9a:25:02:
30:5d:ca:c7:b2:ba:a4:df:10:fb:24:f1:b9:c8:b3:a7:b3:ea:
f2:b2:b4:2c:4a:be:e9:a3:5c:15:24:6b:93:e4:49:c6:3d:60:
01:24:31:e8:99:3b:8f:29:0a:24:25:dd:bd:8a:0e:ce:e1:f9:
11:35:50:0d:16:5b:8a:99:ea:d8:d8:13:6f:69:6f:ee:d6:d8:
bd:eb:bf:67:61:9e:7a:0d:5b:7c:59:03:40:27:9b:68:fd:d9:
26:f2:03:bc:ed:0a:d1:0c:9d:e9:ee:99:91:76:00:cf:ee:c8:
9b:2d:81:58:6f:80:eb:cf:e8:5e:30:94:cd:7c:66:ed:35:35:
2e:cb:b8:18:1c:10:c7:39:a8:78:87:9b:af:26:be:ba:56:df:
ce:3a:26:4f:6c:91:68:03:88:29:6e:3a:53:54:bd:02:6b:97:
49:40:99:c8:95:88:0e:da:16:3b:0c:e3:76:ec:7d:1d:b5:86:
10:fd:0f:d0:89:de:2e:d7:98:8a:be:d3:ee:52:8f:19:65:aa:
e5:45:34:56:40:be:c9:55:7f:b5:be:ed:e2:87:9e:c6:0e:a8:
df:6b:f6:d0:84:ab:7a:01:c8:34:c4:6f:25:c9:bf:c5:53:b4:
67:73:72:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP27kEFn5rkvokCYbc/yTF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDIwMTk0NTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTE5ZDIxOWJkNTJmODIwZmMyMDc0MjI5ODYyNzQyYmNmYjQ2YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN21JO8QL73oKp6rJb1V33KKK7YY
F8dxiUSE+N1cPtVXNymVuTeCXRuZ5RZ7urudkQZe7JPyPxSCAAKXJ75th7xXeweM
FGUEdTp1Bs43ZqVjdY38EytxE+6ic0hvB9RQhIE8YhoM3NS5FOQc4mkmQzo0/lTP
14S+BKIGaXF3tj+tf9gilkl5TMV3OzL8vIcWMem2mznaAoM4bXUYMd1ok76wf/8B
xgtDacmXn+8zkyBllOdaukCvhdBA1NI9o8CEAed8dCUI1tlXJc8APsuaQsrs84Na
nyyqI02zCn55SKssC38nEwZUYaCCpgqg37zKEiaCcM1Em/QCO+XmEO7O9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGoZ0hm9Uvgg/CB0IphidCvPtGpjMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYWhuU0diMVMtQ0Q4SUhRaW1HSjBLOC0wYW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkZAwQA
BWlHAwQABWl1MA0GCSqGSIb3DQEBCwUAA4IBAQChqn1Yo9khY52Y89e6jPCaJQIw
XcrHsrqk3xD7JPG5yLOns+rysrQsSr7po1wVJGuT5EnGPWABJDHomTuPKQokJd29
ig7O4fkRNVANFluKmerY2BNvaW/u1ti9679nYZ56DVt8WQNAJ5to/dkm8gO87QrR
DJ3p7pmRdgDP7sibLYFYb4Drz+heMJTNfGbtNTUuy7gYHBDHOah4h5uvJr66Vt/O
OiZPbJFoA4gpbjpTVL0Ca5dJQJnIlYgO2hY7DON27H0dtYYQ/Q/Qid4u15iKvtPu
Uo8ZZarlRTRWQL7JVX+1vu3ih57GDqjfa/bQhKt6Acg0xG8lyb/FU7Rnc3JL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org