Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nOQCMKqqxBUCb35HpNZnavAWy0I.roa
File: nOQCMKqqxBUCb35HpNZnavAWy0I.roa (raw, json)
Hash identifier: YShPhNSJuv3CBm7bU1YMngKoOBkGslEJTGXlxdFv5Ew=
Subject key identifier: 9C:E4:02:30:AA:AA:C4:15:02:6F:7E:47:A4:D6:67:6A:F0:16:CB:42
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186542F53E72A1CAA1B3718ACF91BBC2BF6
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nOQCMKqqxBUCb35HpNZnavAWy0I.roa
Signing time: Wed 15 Feb 2023 08:27:13 +0000
ROA not before: Wed 15 Feb 2023 08:27:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.125.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.42.0/24 maxlen: 24
5.105.64.0/24 maxlen: 24
5.105.77.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:2f:53:e7:2a:1c:aa:1b:37:18:ac:f9:1b:bc:2b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 15 08:27:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ce40230aaaac415026f7e47a4d6676af016cb42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:de:67:7d:37:2b:b0:24:88:36:f8:d1:fc:dc:
b8:f5:d2:0a:50:29:c5:81:7b:50:36:34:54:34:fe:
f0:43:3f:b1:cb:0c:00:47:5c:25:a2:92:7a:01:dc:
1c:dd:0e:a0:06:29:24:ac:f2:f9:8c:a3:fa:50:0c:
58:bc:75:9a:77:3b:b3:84:44:6f:ac:c2:e1:f0:ba:
0d:fd:52:33:69:bd:9a:d1:5a:e3:7d:fd:83:a4:78:
8d:3b:a2:91:ca:0f:40:32:8e:d3:57:13:aa:32:52:
1b:28:9a:8d:7a:08:5c:55:4f:2e:50:cb:42:3c:85:
4e:1d:a7:94:ee:66:7b:f7:99:28:26:94:7f:1d:26:
19:f6:52:16:87:11:39:95:f4:db:82:25:6e:20:c7:
7d:8b:c7:41:52:79:02:91:28:17:53:ca:3b:e5:63:
b2:ee:ee:9d:f0:56:27:c8:26:cf:0a:ee:ce:6a:56:
60:4c:0d:46:62:7d:cb:b4:a3:e8:40:59:b5:72:a4:
1d:d2:4a:78:53:0d:4f:3c:ac:3b:58:12:94:89:0d:
cd:5c:a7:85:85:a2:66:2f:3c:91:1c:ba:86:26:ea:
32:2e:0b:2a:50:d1:06:4c:1e:0e:86:30:70:37:86:
a4:5b:91:b8:35:6c:62:21:18:4b:37:23:eb:73:56:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E4:02:30:AA:AA:C4:15:02:6F:7E:47:A4:D6:67:6A:F0:16:CB:42
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nOQCMKqqxBUCb35HpNZnavAWy0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.28.0/24
5.105.42.0/24
5.105.64.0/24
5.105.77.0/24
5.105.125.0/24
5.105.218.0/24
5.105.229.0/24
Signature Algorithm: sha256WithRSAEncryption
02:24:ae:4a:1d:5b:14:33:3e:2d:68:64:e7:52:47:6b:cd:a6:
89:3c:66:a4:d5:2f:2c:47:ca:95:d5:cf:c5:bd:e4:df:cc:05:
38:3a:90:91:69:97:00:b6:fe:84:1b:b3:f4:0e:a7:5e:2c:8d:
80:8c:75:70:ef:07:77:9f:17:cc:3e:22:6d:d4:04:62:35:22:
73:8b:ad:85:7d:dc:9a:da:ef:c1:cf:c2:92:6b:ea:fe:fa:0e:
fc:6a:14:65:c9:14:88:f9:6c:75:77:fb:b3:9d:20:f0:6e:46:
87:9a:23:ac:82:55:6e:74:c8:9e:3e:e0:0f:c7:0a:26:5f:8e:
68:d5:24:be:7d:1f:e0:d5:b0:0b:2a:1f:d5:72:a8:58:94:aa:
88:c0:4c:52:21:1f:75:f3:ac:70:56:9e:3b:fd:0a:ca:c8:54:
ec:7b:98:68:a5:09:7f:e7:15:19:37:d7:62:7c:52:df:5e:d5:
bc:8a:bc:4b:cc:ef:e7:26:9d:22:6f:b4:61:0f:f2:4f:71:5b:
6f:89:0e:f9:9b:70:15:e5:39:14:d7:0a:52:4b:b4:9e:76:4d:
68:83:8a:c6:33:4b:4e:88:dc:3a:99:84:eb:41:af:c3:3f:5d:
cf:8d:23:f4:0c:8a:8d:a6:21:f8:d4:5a:a0:46:ca:f5:37:db:
69:1c:41:fc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZUL1PnKhyqGzcYrPkbvCv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjE1MDgyNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2U0MDIzMGFhYWFjNDE1MDI2ZjdlNDdhNGQ2Njc2YWYwMTZjYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp95nfTcrsCSINvjR/Ny49dIKUCnF
gXtQNjRUNP7wQz+xywwAR1wlopJ6Adwc3Q6gBikkrPL5jKP6UAxYvHWadzuzhERv
rMLh8LoN/VIzab2a0Vrjff2DpHiNO6KRyg9AMo7TVxOqMlIbKJqNeghcVU8uUMtC
PIVOHaeU7mZ795koJpR/HSYZ9lIWhxE5lfTbgiVuIMd9i8dBUnkCkSgXU8o75WOy
7u6d8FYnyCbPCu7OalZgTA1GYn3LtKPoQFm1cqQd0kp4Uw1PPKw7WBKUiQ3NXKeF
haJmLzyRHLqGJuoyLgsqUNEGTB4OhjBwN4akW5G4NWxiIRhLNyPrc1Z7UwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJzkAjCqqsQVAm9+R6TWZ2rwFstCMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbk9RQ01LcXF4QlVDYjM1SHBOWm5hdkFXeTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkcAwQA
BWkqAwQABWlAAwQABWlNAwQABWl9AwQABWnaAwQABWnlMA0GCSqGSIb3DQEBCwUA
A4IBAQACJK5KHVsUMz4taGTnUkdrzaaJPGak1S8sR8qV1c/FveTfzAU4OpCRaZcA
tv6EG7P0DqdeLI2AjHVw7wd3nxfMPiJt1ARiNSJzi62Ffdya2u/Bz8KSa+r++g78
ahRlyRSI+Wx1d/uznSDwbkaHmiOsglVudMiePuAPxwomX45o1SS+fR/g1bALKh/V
cqhYlKqIwExSIR9186xwVp47/QrKyFTse5hopQl/5xUZN9difFLfXtW8irxLzO/n
Jp0ib7RhD/JPcVtviQ75m3AV5TkU1wpSS7Sedk1og4rGM0tOiNw6mYTrQa/DP13P
jSP0DIqNpiH41FqgRsr1N9tpHEH8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:24 2025 by rpki-client