Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ipF9oMtbMjbzyxfda7JcY9T8A94.roa
File: ipF9oMtbMjbzyxfda7JcY9T8A94.roa (raw, json)
Hash identifier: uXFFLgu4cVez0WW83QH/xSgF14LPveWMyfAOUJA7ec0=
Subject key identifier: 8A:91:7D:A0:CB:5B:32:36:F3:CB:17:DD:6B:B2:5C:63:D4:FC:03:DE
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018AFBD9A4164A84109DE32C77839D305200
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ipF9oMtbMjbzyxfda7JcY9T8A94.roa
Signing time: Wed 04 Oct 2023 18:00:58 +0000
ROA not before: Wed 04 Oct 2023 18:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 5.105.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:d9:a4:16:4a:84:10:9d:e3:2c:77:83:9d:30:52:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 4 18:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a917da0cb5b3236f3cb17dd6bb25c63d4fc03de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1c:9c:8f:3b:8c:2b:a9:c9:52:8c:c7:9d:c3:
b4:10:a6:42:bc:ed:61:68:e9:da:fe:63:e7:a7:34:
91:a8:e3:79:63:0e:b0:d6:01:c9:aa:38:42:31:dc:
b6:9d:30:19:37:15:38:3a:4d:fd:0d:7c:a9:a1:9f:
6f:19:f5:55:cd:c3:90:91:9e:98:28:fb:6a:10:86:
5a:c4:7a:a3:af:78:62:fa:ca:ea:63:66:3f:f3:a2:
07:78:1e:80:58:b6:2c:9c:56:92:71:64:6b:a9:6e:
dc:69:90:97:72:21:38:01:f7:7b:d3:4e:90:10:80:
12:87:1f:8c:bd:eb:7a:92:ec:e6:93:bb:4c:76:51:
05:d3:15:c7:6b:ad:5b:42:58:79:62:75:02:4b:9f:
ea:3d:47:3d:e5:83:b1:0b:cb:06:50:74:81:35:e9:
68:89:4b:5e:49:6d:46:1c:a4:cf:a6:b8:01:f7:32:
8e:df:2d:f2:9e:a3:71:fd:53:b3:37:5d:15:8c:5d:
3d:74:ad:80:bc:6a:1c:eb:e7:64:58:0b:bc:9b:27:
f4:a9:13:17:de:da:5d:ca:9a:91:bc:f8:4a:6d:b2:
25:be:22:a5:60:1b:ac:50:6b:4b:e1:d2:37:19:a4:
e2:5e:94:a3:44:f2:91:ea:8c:c0:06:34:1b:78:8c:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:91:7D:A0:CB:5B:32:36:F3:CB:17:DD:6B:B2:5C:63:D4:FC:03:DE
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ipF9oMtbMjbzyxfda7JcY9T8A94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.220.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:26:6f:f9:46:bb:af:10:c6:2c:06:e4:18:8d:ac:4b:96:65:
43:7e:4c:53:a4:1a:c6:93:41:c5:1a:e4:df:12:d5:f1:a8:0f:
e6:ae:0f:3f:88:b2:44:d3:3e:cf:66:be:19:c1:8b:1b:60:2a:
23:55:2b:6c:fa:cc:1b:2f:0f:2e:6d:96:d2:9f:1d:bb:d0:78:
9b:84:29:1f:4b:62:f6:84:e2:0e:93:7a:cb:bf:2b:46:e9:1e:
0a:63:d5:6e:62:3e:fb:0e:4e:77:9d:2b:43:6c:7b:a1:8e:1b:
32:5e:4b:15:2b:90:92:59:80:1e:df:69:2b:40:37:a2:f8:27:
72:8f:48:c1:31:23:a7:2e:9f:46:8c:d5:48:c9:50:28:bf:20:
5b:80:ad:51:dc:96:7c:b8:78:53:3c:69:77:4f:92:5e:c5:ee:
d6:c1:9d:4f:15:a7:5d:3e:21:f3:32:71:62:ad:76:26:d2:80:
88:46:32:0a:80:28:a6:85:ce:dc:94:72:05:03:2a:d6:50:f1:
44:4b:8a:94:5d:f4:6d:bc:0b:d6:4b:f7:1e:ca:aa:a5:43:f4:
c8:79:a1:37:0e:02:b9:ba:5f:50:22:58:58:79:4d:56:74:b1:
78:75:34:11:21:c9:3c:57:32:ef:2b:dc:2a:1b:b5:7c:6a:29:
4a:43:f2:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr72aQWSoQQneMsd4OdMFIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMxMDA0MTgwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTkxN2RhMGNiNWIzMjM2ZjNjYjE3ZGQ2YmIyNWM2M2Q0ZmMwM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBycjzuMK6nJUozHncO0EKZCvO1h
aOna/mPnpzSRqON5Yw6w1gHJqjhCMdy2nTAZNxU4Ok39DXypoZ9vGfVVzcOQkZ6Y
KPtqEIZaxHqjr3hi+srqY2Y/86IHeB6AWLYsnFaScWRrqW7caZCXciE4Afd7006Q
EIAShx+Mvet6kuzmk7tMdlEF0xXHa61bQlh5YnUCS5/qPUc95YOxC8sGUHSBNelo
iUteSW1GHKTPprgB9zKO3y3ynqNx/VOzN10VjF09dK2AvGoc6+dkWAu8myf0qRMX
3tpdypqRvPhKbbIlviKlYBusUGtL4dI3GaTiXpSjRPKR6ozABjQbeIzEgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqRfaDLWzI288sX3WuyXGPU/APeMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaXBGOW9NdGJNamJ6eXhmZGE3SmNZOVQ4QTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWncMA0G
CSqGSIb3DQEBCwUAA4IBAQC2Jm/5RruvEMYsBuQYjaxLlmVDfkxTpBrGk0HFGuTf
EtXxqA/mrg8/iLJE0z7PZr4ZwYsbYCojVSts+swbLw8ubZbSnx270HibhCkfS2L2
hOIOk3rLvytG6R4KY9VuYj77Dk53nStDbHuhjhsyXksVK5CSWYAe32krQDei+Cdy
j0jBMSOnLp9GjNVIyVAovyBbgK1R3JZ8uHhTPGl3T5Jexe7WwZ1PFaddPiHzMnFi
rXYm0oCIRjIKgCimhc7clHIFAyrWUPFES4qUXfRtvAvWS/ceyqqlQ/TIeaE3DgK5
ul9QIlhYeU1WdLF4dTQRIck8VzLvK9wqG7V8ailKQ/KV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:21 2025 by rpki-client