Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dSEs_1iRthEiJAdg1YrwotdzZEQ.roa
File: dSEs_1iRthEiJAdg1YrwotdzZEQ.roa (raw, json)
Hash identifier: R1AC+b/NKavIZXr/dAHQk/bE2u2X4bi7G1jC7Jcl17g=
Subject key identifier: 75:21:2C:FF:58:91:B6:11:22:24:07:60:D5:8A:F0:A2:D7:73:64:44
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01853049921BC603605B10B25955884775FE
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dSEs_1iRthEiJAdg1YrwotdzZEQ.roa
Signing time: Tue 20 Dec 2022 16:06:45 +0000
ROA not before: Tue 20 Dec 2022 16:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.120.0/24 maxlen: 24
5.105.48.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:49:92:1b:c6:03:60:5b:10:b2:59:55:88:47:75:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 20 16:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75212cff5891b61122240760d58af0a2d7736444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:26:e3:49:3d:b7:2e:fa:aa:f0:df:cc:3a:
ea:f8:2e:91:0f:77:58:39:3d:1e:05:47:83:bf:51:
0a:b8:48:6d:ae:a2:a3:6b:ba:4b:8a:bc:15:32:a8:
26:7b:3f:eb:79:c0:c7:85:11:a8:6f:b2:d0:53:10:
40:b5:b4:32:06:09:76:4b:ed:1a:ea:8a:d3:1f:8a:
4b:ca:e3:a3:7d:76:00:42:68:78:2a:8f:bf:84:4a:
95:25:0b:14:99:9a:a1:fe:a7:3d:db:d7:fc:d7:25:
a9:3b:82:2e:57:58:9e:2e:d7:ee:38:3e:95:84:b6:
81:4d:d2:63:72:c4:37:4a:34:71:50:0e:b2:d5:6f:
8d:6e:7f:55:8a:4b:12:45:43:3d:e0:e0:0f:ce:83:
41:14:00:51:45:1c:40:27:50:5f:c3:f7:3e:5d:fb:
2b:b5:db:0f:d2:ca:bc:27:df:52:ca:1a:7b:05:c3:
d6:37:8f:81:6f:70:de:96:31:58:45:c0:80:09:38:
25:49:0c:b9:56:68:fe:af:60:fa:c3:de:15:74:9b:
ec:d2:53:78:b0:16:a6:24:40:bc:f8:29:35:b7:bd:
65:e6:e7:88:96:1c:69:57:b7:37:20:d6:11:2e:aa:
62:08:7d:76:4c:4f:26:27:c7:cd:83:c6:dd:67:36:
89:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:21:2C:FF:58:91:B6:11:22:24:07:60:D5:8A:F0:A2:D7:73:64:44
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dSEs_1iRthEiJAdg1YrwotdzZEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/24
5.105.65.0/24
5.105.75.0/24
5.105.97.0/24
5.105.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:6d:00:ec:13:a2:75:3f:08:b2:49:d6:8d:5f:7d:b2:1f:8a:
6c:68:33:ee:62:f6:6a:7a:b3:96:95:82:99:a5:cf:a7:eb:c2:
4c:64:c9:74:21:df:e9:98:c1:9c:e0:6e:c7:af:48:29:ba:9c:
4d:99:6f:6e:41:9b:a5:98:64:03:42:19:a8:9a:30:75:c8:a3:
cf:81:2f:1d:d5:c9:01:2f:45:9d:57:a2:a2:c5:68:ac:f3:8d:
c9:73:ed:d4:4f:9a:6f:52:d0:f8:97:7e:c2:9c:62:1f:f3:25:
86:46:8f:00:2d:92:d9:ba:d5:ea:16:00:39:12:65:7a:03:f1:
83:84:05:6c:9a:46:8a:e9:29:72:37:a1:f3:77:96:21:39:93:
34:16:f3:7d:76:78:d8:0b:61:a5:e4:36:79:68:c3:3e:8e:6f:
37:09:0b:1a:0a:f6:73:e4:fe:a0:da:41:6c:b0:15:5b:d2:be:
fd:89:16:b9:94:fa:05:4c:dd:6d:14:89:c4:5b:35:3f:a0:e2:
15:68:71:85:4e:2b:b5:0b:0f:d7:29:05:6b:76:3d:5e:cb:e2:
4d:c0:f6:72:36:3b:03:93:39:88:e5:12:71:a1:56:d2:1c:7c:
eb:36:b5:61:42:aa:e8:c8:a0:75:d9:f8:e1:9f:ec:1f:51:d7:
93:88:4c:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUwSZIbxgNgWxCyWVWIR3X+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjIwMTYwNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIxMmNmZjU4OTFiNjExMjIyNDA3NjBkNThhZjBhMmQ3NzM2NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUUm40k9ty76qvDfzDrq+C6RD3dY
OT0eBUeDv1EKuEhtrqKja7pLirwVMqgmez/recDHhRGob7LQUxBAtbQyBgl2S+0a
6orTH4pLyuOjfXYAQmh4Ko+/hEqVJQsUmZqh/qc929f81yWpO4IuV1ieLtfuOD6V
hLaBTdJjcsQ3SjRxUA6y1W+Nbn9ViksSRUM94OAPzoNBFABRRRxAJ1Bfw/c+Xfsr
tdsP0sq8J99Syhp7BcPWN4+Bb3DeljFYRcCACTglSQy5Vmj+r2D6w94VdJvs0lN4
sBamJEC8+Ck1t71l5ueIlhxpV7c3INYRLqpiCH12TE8mJ8fNg8bdZzaJhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHUhLP9YkbYRIiQHYNWK8KLXc2REMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZFNFc18xaVJ0aEVpSkFkZzFZcndvdGR6WkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkwAwQA
BWlBAwQABWlLAwQABWlhAwQABWl4MA0GCSqGSIb3DQEBCwUAA4IBAQA7bQDsE6J1
PwiySdaNX32yH4psaDPuYvZqerOWlYKZpc+n68JMZMl0Id/pmMGc4G7Hr0gpupxN
mW9uQZulmGQDQhmomjB1yKPPgS8d1ckBL0WdV6KixWis843Jc+3UT5pvUtD4l37C
nGIf8yWGRo8ALZLZutXqFgA5EmV6A/GDhAVsmkaK6SlyN6Hzd5YhOZM0FvN9dnjY
C2Gl5DZ5aMM+jm83CQsaCvZz5P6g2kFssBVb0r79iRa5lPoFTN1tFInEWzU/oOIV
aHGFTiu1Cw/XKQVrdj1ey+JNwPZyNjsDkzmI5RJxoVbSHHzrNrVhQqroyKB12fjh
n+wfUdeTiEyc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org