Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hXhFzmkAjNQ8p9LBqujwm7eBLSI.roa
File: hXhFzmkAjNQ8p9LBqujwm7eBLSI.roa (raw, json)
Hash identifier: nleS+xaXkMJWP8ryh3gFzYX39UFcuFq6/2ak2hMVNG8=
Subject key identifier: 85:78:45:CE:69:00:8C:D4:3C:A7:D2:C1:AA:E8:F0:9B:B7:81:2D:22
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0182A5BFF49252550CA91ADFF55FCCBD06B6
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hXhFzmkAjNQ8p9LBqujwm7eBLSI.roa
Signing time: Tue 16 Aug 2022 08:23:16 +0000
ROA not before: Tue 16 Aug 2022 08:23:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 5.105.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a5:bf:f4:92:52:55:0c:a9:1a:df:f5:5f:cc:bd:06:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 16 08:23:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=857845ce69008cd43ca7d2c1aae8f09bb7812d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:f9:40:d8:a1:22:ed:9f:a7:c5:66:13:47:
2c:67:53:3b:a5:bb:9c:f3:0d:ac:22:90:20:e9:0e:
9a:57:f8:c0:dc:c2:32:98:da:f6:96:76:20:cf:48:
55:c6:bb:05:27:b6:01:9e:96:2e:f3:2b:f5:c6:1b:
0f:6d:df:a4:0e:04:e0:0c:4a:5e:33:a7:41:38:b4:
5f:84:3c:40:f8:2e:c4:ac:85:dd:b4:7f:50:73:8a:
00:64:1d:92:f8:e7:26:93:31:e1:0d:e7:54:80:7b:
1d:04:98:5d:7d:ca:b4:10:b1:6e:51:5e:77:da:fb:
c8:d2:37:9b:62:0a:f1:9c:2b:25:da:ee:a5:80:69:
cb:64:e5:f6:44:e7:b1:73:ed:11:3e:66:77:02:a9:
c5:01:70:a3:1b:b4:be:d3:ed:ae:2b:b3:d4:54:63:
31:ba:6e:cf:e4:0e:fd:bc:73:3a:22:5d:5d:2f:67:
6f:87:d0:05:48:fe:b7:f1:93:03:da:8f:ca:04:f5:
9a:ca:e7:5c:85:8a:47:e2:1a:c5:54:18:76:20:af:
23:d5:1c:f2:b0:eb:03:72:33:4d:5c:40:ef:3f:d5:
5b:08:09:87:91:5a:56:64:06:bf:d0:3f:10:f8:fe:
20:c6:d5:be:4c:e0:2a:ba:47:3f:a7:62:f1:17:e3:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:78:45:CE:69:00:8C:D4:3C:A7:D2:C1:AA:E8:F0:9B:B7:81:2D:22
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hXhFzmkAjNQ8p9LBqujwm7eBLSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:71:22:de:bb:8d:a4:73:70:e9:7d:ed:38:43:a2:f1:4f:ba:
f9:70:18:73:db:e5:bc:65:9e:09:67:e4:77:a7:d5:d4:f0:c3:
8e:c2:fc:45:fe:45:57:12:e3:dc:fe:94:7e:bd:82:03:a3:95:
aa:8c:c6:1f:21:30:4b:6f:1b:0a:0b:ef:20:e9:04:bd:3f:3e:
24:91:30:cb:0b:96:d9:ba:4f:2d:8e:75:66:5f:a7:9a:75:12:
35:b5:08:53:97:69:0c:62:73:41:f6:21:91:48:42:ab:b8:fb:
bc:d9:dd:18:01:b9:03:18:a2:53:7f:4d:00:cd:76:da:9b:e3:
bf:ab:91:55:7a:e4:66:4e:12:60:7f:20:b5:2f:7d:1b:ed:10:
1a:37:67:bc:b0:6c:86:89:e3:f5:79:d0:e8:ef:14:6d:69:29:
bb:dc:54:8a:22:42:fe:3f:ba:14:ab:c1:8a:32:a5:ad:19:10:
af:4a:cd:08:6f:2f:5f:7e:0d:a6:a8:f4:3d:b9:17:70:fc:20:
17:b5:e3:d0:6c:74:55:05:71:54:f3:16:97:4b:a5:10:74:1b:
4a:0f:d5:53:34:a5:25:c7:57:8f:c0:7f:50:dd:b3:03:68:11:
4a:1c:cb:c5:6c:06:1c:88:7d:8c:b3:c6:eb:d9:0d:f3:7e:2d:
35:82:75:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKlv/SSUlUMqRrf9V/MvQa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwODE2MDgyMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc4NDVjZTY5MDA4Y2Q0M2NhN2QyYzFhYWU4ZjA5YmI3ODEyZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupv5QNihIu2fp8VmE0csZ1M7pbuc
8w2sIpAg6Q6aV/jA3MIymNr2lnYgz0hVxrsFJ7YBnpYu8yv1xhsPbd+kDgTgDEpe
M6dBOLRfhDxA+C7ErIXdtH9Qc4oAZB2S+OcmkzHhDedUgHsdBJhdfcq0ELFuUV53
2vvI0jebYgrxnCsl2u6lgGnLZOX2ROexc+0RPmZ3AqnFAXCjG7S+0+2uK7PUVGMx
um7P5A79vHM6Il1dL2dvh9AFSP638ZMD2o/KBPWayudchYpH4hrFVBh2IK8j1Rzy
sOsDcjNNXEDvP9VbCAmHkVpWZAa/0D8Q+P4gxtW+TOAqukc/p2LxF+O9oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIV4Rc5pAIzUPKfSwaro8Ju3gS0iMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaFhoRnpta0FqTlE4cDlMQnF1andtN2VCTFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkDMA0G
CSqGSIb3DQEBCwUAA4IBAQAccSLeu42kc3Dpfe04Q6LxT7r5cBhz2+W8ZZ4JZ+R3
p9XU8MOOwvxF/kVXEuPc/pR+vYIDo5WqjMYfITBLbxsKC+8g6QS9Pz4kkTDLC5bZ
uk8tjnVmX6eadRI1tQhTl2kMYnNB9iGRSEKruPu82d0YAbkDGKJTf00AzXbam+O/
q5FVeuRmThJgfyC1L30b7RAaN2e8sGyGieP1edDo7xRtaSm73FSKIkL+P7oUq8GK
MqWtGRCvSs0Iby9ffg2mqPQ9uRdw/CAXtePQbHRVBXFU8xaXS6UQdBtKD9VTNKUl
x1ePwH9Q3bMDaBFKHMvFbAYciH2Ms8br2Q3zfi01gnWB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org