Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h9VzuK6jlwEasCxxpEodkawfpK4.roa
File: h9VzuK6jlwEasCxxpEodkawfpK4.roa (raw, json)
Hash identifier: J4IHXcn0ksNTYY2cU+oCX8IQDWbJF3jgFtouF2yAAHo=
Subject key identifier: 87:D5:73:B8:AE:A3:97:01:1A:B0:2C:71:A4:4A:1D:91:AC:1F:A4:AE
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018969B7885A385BB1CADA5BD4E174517550
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h9VzuK6jlwEasCxxpEodkawfpK4.roa
Signing time: Tue 18 Jul 2023 15:56:22 +0000
ROA not before: Tue 18 Jul 2023 15:56:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 5.105.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:69:b7:88:5a:38:5b:b1:ca:da:5b:d4:e1:74:51:75:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 18 15:56:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87d573b8aea397011ab02c71a44a1d91ac1fa4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:74:9d:bf:08:13:4e:e7:75:b0:d5:1b:9d:a7:
60:1f:7d:38:06:da:38:1c:f0:8b:77:1c:ac:da:cb:
92:9e:2b:42:3d:09:9e:8a:68:25:e4:14:71:46:b1:
8f:ed:af:b6:bf:84:35:de:30:f0:e2:22:ce:05:4d:
e1:99:91:a9:a1:af:25:90:d1:64:0e:bf:64:82:4b:
6e:f7:ac:cb:72:17:e7:30:d4:42:01:e0:68:43:29:
66:d9:34:dd:46:b8:58:7f:ec:5c:05:89:4e:13:dc:
87:01:41:3a:a0:7c:2f:fa:02:5e:e0:8d:89:ac:27:
af:c6:05:9d:59:97:21:8c:b8:7d:ae:3f:df:47:ef:
d0:95:c3:b0:40:d6:7f:a0:53:fa:ce:73:94:5b:9a:
d2:ac:4e:9f:7c:9b:22:3a:f1:f1:b8:0f:4d:60:f0:
d9:d5:60:8d:57:27:b7:46:6d:59:a7:d6:e0:e0:d2:
3c:4b:ff:10:3a:92:7d:0b:33:b0:38:18:56:05:38:
85:20:08:89:60:ac:c6:fe:33:ab:21:f0:e8:d1:18:
4d:cc:09:d2:6b:2d:35:64:d2:e5:bb:7d:88:52:51:
df:04:bf:02:2e:97:3f:ea:d7:e5:c4:a8:87:ac:87:
e8:fa:e6:6e:c6:74:0d:0b:1f:65:3b:a8:bc:e6:55:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D5:73:B8:AE:A3:97:01:1A:B0:2C:71:A4:4A:1D:91:AC:1F:A4:AE
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h9VzuK6jlwEasCxxpEodkawfpK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.66.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:19:f4:4c:d0:97:9e:54:44:79:02:0d:d6:07:ba:3d:57:10:
2e:2b:45:a0:5f:4c:0b:8d:46:a6:c3:b8:74:73:b1:b8:91:50:
07:06:ae:07:58:9f:98:ab:3e:3c:e8:d2:2e:b2:6f:78:5f:05:
32:25:cb:12:57:7e:cc:fd:78:6d:50:89:58:32:4a:ae:b9:46:
e7:7a:d9:4f:66:a8:24:d2:1b:01:d3:5d:6e:56:28:fc:01:2a:
49:a6:ee:f3:a2:d3:d8:82:93:7a:42:39:6e:cc:6b:67:73:06:
16:a4:06:8e:fb:6f:2c:f8:43:a6:64:71:45:4a:9c:46:b4:fd:
c8:e8:a5:93:68:74:41:3b:83:67:e7:4f:e5:e7:43:09:9a:0f:
43:d7:3c:38:f1:e6:1f:6f:1d:09:78:4c:09:98:d7:66:f3:1e:
a9:28:38:6d:b9:c3:1c:0a:82:0c:89:ee:6b:2d:cd:10:d5:0e:
0b:94:0c:f6:91:d9:5b:c8:41:8a:f7:51:12:58:ca:45:55:ef:
d8:d8:73:12:b3:33:60:ae:4b:31:63:ee:09:fe:9f:5f:20:12:
84:a3:57:6f:80:a8:b2:d5:cd:20:55:53:07:2b:87:84:4e:cf:
f5:85:f6:c4:80:d5:25:2a:f9:f3:0c:74:f1:31:0d:88:90:2b:
4d:7e:12:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlpt4haOFuxytpb1OF0UXVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzE4MTU1NjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q1NzNiOGFlYTM5NzAxMWFiMDJjNzFhNDRhMWQ5MWFjMWZhNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43SdvwgTTud1sNUbnadgH304Bto4
HPCLdxys2suSnitCPQmeimgl5BRxRrGP7a+2v4Q13jDw4iLOBU3hmZGpoa8lkNFk
Dr9kgktu96zLchfnMNRCAeBoQylm2TTdRrhYf+xcBYlOE9yHAUE6oHwv+gJe4I2J
rCevxgWdWZchjLh9rj/fR+/QlcOwQNZ/oFP6znOUW5rSrE6ffJsiOvHxuA9NYPDZ
1WCNVye3Rm1Zp9bg4NI8S/8QOpJ9CzOwOBhWBTiFIAiJYKzG/jOrIfDo0RhNzAnS
ay01ZNLlu32IUlHfBL8CLpc/6tflxKiHrIfo+uZuxnQNCx9lO6i85lUOuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfVc7iuo5cBGrAscaRKHZGsH6SuMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaDlWenVLNmpsd0Vhc0N4eHBFb2RrYXdmcEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlCMA0G
CSqGSIb3DQEBCwUAA4IBAQB/GfRM0JeeVER5Ag3WB7o9VxAuK0WgX0wLjUamw7h0
c7G4kVAHBq4HWJ+Yqz486NIusm94XwUyJcsSV37M/XhtUIlYMkquuUbnetlPZqgk
0hsB011uVij8ASpJpu7zotPYgpN6QjluzGtncwYWpAaO+28s+EOmZHFFSpxGtP3I
6KWTaHRBO4Nn50/l50MJmg9D1zw48eYfbx0JeEwJmNdm8x6pKDhtucMcCoIMie5r
Lc0Q1Q4LlAz2kdlbyEGK91ESWMpFVe/Y2HMSszNgrksxY+4J/p9fIBKEo1dvgKiy
1c0gVVMHK4eETs/1hfbEgNUlKvnzDHTxMQ2IkCtNfhJ6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:45 2025 by rpki-client