Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/f0O8hWX45VJd5aVbkug013eo8iQ.roa
File: f0O8hWX45VJd5aVbkug013eo8iQ.roa (raw, json)
Hash identifier: AbraQMgnaFJ0j1FRJbzXftTA5/7cBhSz16xx0cXBMPs=
Subject key identifier: 7F:43:BC:85:65:F8:E5:52:5D:E5:A5:5B:92:E8:34:D7:77:A8:F2:24
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189C6D551CE61A6E0F50EF78A9A412B21F9
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/f0O8hWX45VJd5aVbkug013eo8iQ.roa
Signing time: Sat 05 Aug 2023 17:53:36 +0000
ROA not before: Sat 05 Aug 2023 17:53:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41095
IP address blocks: 5.105.247.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:d5:51:ce:61:a6:e0:f5:0e:f7:8a:9a:41:2b:21:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 5 17:53:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f43bc8565f8e5525de5a55b92e834d777a8f224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2d:c6:b6:98:a9:4d:9b:ec:0e:7a:4f:ad:66:
d2:ab:23:eb:6b:c5:b0:11:45:82:d1:4e:1f:d3:8f:
f0:89:33:93:14:50:3f:29:e5:86:52:e6:e8:17:54:
12:3b:ef:c6:58:28:41:41:26:7b:db:73:a3:8b:fe:
9a:0c:4f:99:6c:f0:f8:8f:c9:fe:1e:ea:0d:be:ee:
32:7a:e6:fc:2e:3a:09:f4:45:f6:53:14:50:5c:9f:
74:94:5c:09:05:4e:4f:cf:60:85:cc:c3:59:d4:ed:
12:a3:d7:50:87:0b:da:a1:0e:8c:8c:a6:02:9c:35:
85:40:c3:65:04:ce:6d:e9:eb:4b:40:78:9f:0c:3b:
4d:ee:53:05:fe:71:0f:08:b0:48:82:73:0b:0d:c4:
d6:b3:23:dd:c8:44:f1:4f:63:f4:dc:35:01:80:4d:
4a:3c:cd:24:8b:22:79:a5:31:4b:4f:bf:1f:d8:76:
44:5f:74:a9:5f:2f:42:ed:e5:ad:40:d1:61:01:f8:
a7:aa:c6:35:d9:bd:00:08:59:ea:4b:5e:43:89:c8:
dd:a4:cc:88:de:fc:ed:06:0c:7d:1e:3c:0a:b4:5e:
1e:45:09:c4:a8:38:ff:86:3a:15:c0:9f:6c:d1:da:
cb:7a:bd:b9:1c:a0:f1:f5:0a:1a:fb:ae:18:f3:a2:
ab:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:43:BC:85:65:F8:E5:52:5D:E5:A5:5B:92:E8:34:D7:77:A8:F2:24
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/f0O8hWX45VJd5aVbkug013eo8iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.68.0/24
5.105.247.0/24
Signature Algorithm: sha256WithRSAEncryption
10:23:7f:9e:72:f5:dd:f6:dc:5c:72:39:05:a5:a5:a5:73:f8:
4f:fc:15:0c:30:9d:26:19:68:00:1e:91:33:6d:18:31:62:34:
44:16:54:5b:d7:25:6f:fe:f1:bb:bf:84:81:34:81:71:28:1a:
ba:85:69:a5:fd:cd:0a:4e:6a:20:a9:f6:e1:d1:f1:46:78:ad:
ea:5b:18:cf:9b:47:af:21:21:ef:ff:a3:ed:50:48:1d:0d:b4:
0b:f1:02:17:c8:a9:25:36:97:1a:b6:13:30:bf:11:07:d0:4b:
f1:f4:cd:fa:78:a4:f4:39:54:8a:56:6a:f0:bc:66:35:e2:f5:
75:0b:68:8b:8b:9e:28:35:b2:d0:a1:89:ac:68:87:28:9f:db:
49:61:d9:07:1c:e9:54:2c:46:bf:5a:2b:9a:d3:25:14:aa:3b:
af:9f:7a:b1:37:33:7a:cd:fe:5d:fa:0c:53:9b:54:e0:e9:8c:
df:9e:b7:19:64:79:fb:0e:b4:d8:50:e2:51:73:4c:97:ef:1d:
e7:ba:55:74:06:59:0e:ca:89:21:70:5b:3b:b9:68:ff:94:42:
f1:7e:39:1f:03:ad:c7:e4:11:b6:09:1c:2c:cc:a1:5a:e5:4a:
82:85:97:55:16:dd:e7:5c:9d:ad:d8:87:58:09:c3:48:3e:93:
9e:d8:06:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnG1VHOYabg9Q73ippBKyH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODA1MTc1MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQzYmM4NTY1ZjhlNTUyNWRlNWE1NWI5MmU4MzRkNzc3YThmMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS3GtpipTZvsDnpPrWbSqyPra8Ww
EUWC0U4f04/wiTOTFFA/KeWGUuboF1QSO+/GWChBQSZ723Oji/6aDE+ZbPD4j8n+
HuoNvu4yeub8LjoJ9EX2UxRQXJ90lFwJBU5Pz2CFzMNZ1O0So9dQhwvaoQ6MjKYC
nDWFQMNlBM5t6etLQHifDDtN7lMF/nEPCLBIgnMLDcTWsyPdyETxT2P03DUBgE1K
PM0kiyJ5pTFLT78f2HZEX3SpXy9C7eWtQNFhAfinqsY12b0ACFnqS15DicjdpMyI
3vztBgx9HjwKtF4eRQnEqDj/hjoVwJ9s0drLer25HKDx9Qoa+64Y86KrWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH9DvIVl+OVSXeWlW5LoNNd3qPIkMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZjBPOGhXWDQ1VkpkNWFWYmt1ZzAxM2VvOGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWlEAwQA
BWn3MA0GCSqGSIb3DQEBCwUAA4IBAQAQI3+ecvXd9txccjkFpaWlc/hP/BUMMJ0m
GWgAHpEzbRgxYjREFlRb1yVv/vG7v4SBNIFxKBq6hWml/c0KTmogqfbh0fFGeK3q
WxjPm0evISHv/6PtUEgdDbQL8QIXyKklNpcathMwvxEH0Evx9M36eKT0OVSKVmrw
vGY14vV1C2iLi54oNbLQoYmsaIcon9tJYdkHHOlULEa/Wiua0yUUqjuvn3qxNzN6
zf5d+gxTm1Tg6YzfnrcZZHn7DrTYUOJRc0yX7x3nulV0BlkOyokhcFs7uWj/lELx
fjkfA63H5BG2CRwszKFa5UqChZdVFt3nXJ2t2IdYCcNIPpOe2Aaw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:44 2025 by rpki-client