Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/n0i3DV5kvuuRxG5rPbmX6_uxHxs.roa
File: n0i3DV5kvuuRxG5rPbmX6_uxHxs.roa (raw, json)
Hash identifier: AQi/0sk0gyffqsiHEW5Hor/ooKWMtGCwFOMJv8wHU3o=
Subject key identifier: 9F:48:B7:0D:5E:64:BE:EB:91:C4:6E:6B:3D:B9:97:EB:FB:B1:1F:1B
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0185069F7FA49BB181EEDADC1C866C3E8CD6
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/n0i3DV5kvuuRxG5rPbmX6_uxHxs.roa
Signing time: Mon 12 Dec 2022 13:56:34 +0000
ROA not before: Mon 12 Dec 2022 13:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210388
IP address blocks: 5.105.18.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:9f:7f:a4:9b:b1:81:ee:da:dc:1c:86:6c:3e:8c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 12 13:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f48b70d5e64beeb91c46e6b3db997ebfbb11f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dc:e4:d6:bb:6b:46:49:33:85:93:c4:da:37:
be:07:87:d8:2c:91:07:b2:fc:b2:11:39:f6:cd:a5:
2d:b9:56:f1:43:bd:3c:ca:8d:5b:9d:e6:5c:9e:a7:
a9:fe:61:cb:66:b5:ca:d6:d1:7f:d4:8d:40:63:83:
5d:04:a6:4a:57:c9:53:de:24:81:0a:97:d8:27:d3:
7a:51:85:8f:15:39:b5:ae:a6:60:64:dd:dd:4d:05:
8e:26:f1:38:f3:05:d5:93:01:24:d7:c1:b6:e1:4b:
0b:c3:21:42:3f:bc:a5:bd:0b:5e:f1:9d:af:51:32:
1b:ed:ea:13:d6:fa:de:8a:92:ba:78:12:0f:46:54:
ed:eb:be:29:b7:69:6c:e3:e6:cf:3a:1f:a8:e2:0b:
24:89:7c:38:e1:3c:d1:d5:4e:c0:ea:07:53:d8:97:
eb:22:2e:60:d2:1d:05:7d:ad:90:4d:79:df:24:d5:
81:3b:a7:a5:b9:8e:a9:77:47:3b:81:5d:3f:e3:49:
9c:db:4c:f7:cc:09:b3:40:1e:bd:36:67:e8:5c:a5:
5c:a7:d4:8c:9b:3f:72:c3:56:80:0f:a2:86:1b:83:
f7:5a:21:1e:1d:61:64:b0:73:15:f2:e0:a3:38:58:
4a:e3:4f:63:76:6f:00:df:15:cf:bc:98:31:bb:45:
cd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:48:B7:0D:5E:64:BE:EB:91:C4:6E:6B:3D:B9:97:EB:FB:B1:1F:1B
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/n0i3DV5kvuuRxG5rPbmX6_uxHxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.4.0/24
5.105.18.0/24
5.105.40.0/24
Signature Algorithm: sha256WithRSAEncryption
35:5e:9f:5a:89:82:23:df:c4:3d:04:14:3b:79:c7:4d:9a:70:
a0:92:f8:c0:f6:15:47:0b:41:20:cb:0a:fb:42:16:32:b1:6c:
f4:2f:70:32:fe:d2:a8:cd:e6:a1:00:60:00:9c:16:87:87:04:
5f:78:c2:06:54:9c:9f:16:be:6e:29:77:0e:a5:61:df:cf:69:
f8:15:01:b0:38:11:27:86:75:22:25:5d:e3:0e:cf:34:dc:92:
7e:2f:fa:fb:67:17:ce:c4:00:c1:d9:59:77:53:ec:8d:7b:55:
ea:4b:16:fd:60:14:87:cc:6d:60:17:84:c2:50:07:30:c0:e9:
6d:47:2d:0a:ee:42:26:71:75:d1:5f:f5:32:f6:e9:94:8f:cf:
2c:76:17:b5:38:1e:a9:65:61:d2:e3:d6:ed:92:9f:28:54:ba:
7d:3a:6f:1a:7d:45:fb:02:45:bf:1a:2e:68:c8:92:ff:6d:92:
c9:d3:98:16:d8:40:39:28:96:aa:b2:7a:6f:ee:13:a1:56:f6:
2e:58:1c:ae:0b:ae:b9:b6:80:84:0e:50:1a:36:62:b5:26:d5:
07:ef:8d:f1:75:33:5e:dc:a2:8d:3f:57:77:22:1b:d0:cf:a8:
d9:35:c5:a6:f9:94:b8:c2:00:02:a2:7b:24:70:dc:e2:48:d9:
9b:a4:c9:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUGn3+km7GB7trcHIZsPozWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjEyMTM1NjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ4YjcwZDVlNjRiZWViOTFjNDZlNmIzZGI5OTdlYmZiYjExZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdzk1rtrRkkzhZPE2je+B4fYLJEH
svyyETn2zaUtuVbxQ708yo1bneZcnqep/mHLZrXK1tF/1I1AY4NdBKZKV8lT3iSB
CpfYJ9N6UYWPFTm1rqZgZN3dTQWOJvE48wXVkwEk18G24UsLwyFCP7ylvQte8Z2v
UTIb7eoT1vreipK6eBIPRlTt674pt2ls4+bPOh+o4gskiXw44TzR1U7A6gdT2Jfr
Ii5g0h0Ffa2QTXnfJNWBO6eluY6pd0c7gV0/40mc20z3zAmzQB69NmfoXKVcp9SM
mz9yw1aAD6KGG4P3WiEeHWFksHMV8uCjOFhK409jdm8A3xXPvJgxu0XNkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9Itw1eZL7rkcRuaz25l+v7sR8bMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbjBpM0RWNWt2dXVSeEc1clBibVg2X3V4SHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkEAwQA
BWkSAwQABWkoMA0GCSqGSIb3DQEBCwUAA4IBAQA1Xp9aiYIj38Q9BBQ7ecdNmnCg
kvjA9hVHC0Egywr7QhYysWz0L3Ay/tKozeahAGAAnBaHhwRfeMIGVJyfFr5uKXcO
pWHfz2n4FQGwOBEnhnUiJV3jDs803JJ+L/r7ZxfOxADB2Vl3U+yNe1XqSxb9YBSH
zG1gF4TCUAcwwOltRy0K7kImcXXRX/Uy9umUj88sdhe1OB6pZWHS49btkp8oVLp9
Om8afUX7AkW/Gi5oyJL/bZLJ05gW2EA5KJaqsnpv7hOhVvYuWByuC665toCEDlAa
NmK1JtUH743xdTNe3KKNP1d3IhvQz6jZNcWm+ZS4wgAConskcNziSNmbpMnD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org