Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pHbngFnVQ2Zrr4motj4z2t_RCcw.roa
File: pHbngFnVQ2Zrr4motj4z2t_RCcw.roa (raw, json)
Hash identifier: oFYngMbeDkFmsqv1hyM/E0H+aKy0blUvrOIsnOqG9KQ=
Subject key identifier: A4:76:E7:80:59:D5:43:66:6B:AF:89:A8:B6:3E:33:DA:DF:D1:09:CC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186834B9A7E6BEFF080372DEC1041D8D16D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pHbngFnVQ2Zrr4motj4z2t_RCcw.roa
Signing time: Fri 24 Feb 2023 12:00:15 +0000
ROA not before: Fri 24 Feb 2023 12:00:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 5.105.126.0/24 maxlen: 24
5.105.132.0/24 maxlen: 24
5.105.141.0/24 maxlen: 24
5.105.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:4b:9a:7e:6b:ef:f0:80:37:2d:ec:10:41:d8:d1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 24 12:00:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a476e78059d543666baf89a8b63e33dadfd109cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:6b:e3:10:2c:9e:77:bd:1f:8d:a2:c1:8f:
4c:4f:8a:9d:ae:01:02:04:6e:ce:86:e3:de:ed:c1:
1d:16:f5:5c:77:1c:98:a3:af:84:ec:a3:2e:65:f0:
48:2b:92:ff:4a:71:a1:95:8f:b7:9b:1e:9e:45:2b:
43:39:5f:9e:ad:59:82:e4:e3:3b:81:77:35:26:f0:
76:68:52:da:c3:1e:1a:4b:04:6d:58:69:27:e1:6b:
f4:f1:72:a3:3a:82:9c:92:03:e3:4f:f5:d0:8a:4c:
1e:28:48:85:b0:3d:71:6d:a9:cd:1e:14:84:5d:d3:
9d:94:65:44:54:77:8e:43:af:65:9f:96:d1:e0:40:
25:43:5d:45:33:11:7b:cb:93:1b:28:f5:eb:66:de:
d0:31:12:ba:1f:0c:0b:ab:99:b4:a2:f4:1b:ee:ac:
8f:ab:d3:00:45:b0:10:a1:62:9b:07:10:7d:89:e1:
25:56:ca:0e:42:ee:23:ce:71:03:ce:43:71:6d:1b:
4b:8e:86:6d:d5:8c:c5:74:16:28:1c:9d:c3:40:31:
c9:39:81:ab:36:79:9c:e8:52:dd:5e:7b:17:a8:72:
47:0d:44:b4:3b:f1:a0:f4:0f:b1:93:4e:cd:0b:bc:
fb:6d:01:70:03:0f:97:ba:56:48:85:81:e5:c0:db:
bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:76:E7:80:59:D5:43:66:6B:AF:89:A8:B6:3E:33:DA:DF:D1:09:CC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/pHbngFnVQ2Zrr4motj4z2t_RCcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.72.0/24
5.105.126.0/24
5.105.132.0/24
5.105.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:7e:b2:62:a6:74:01:4c:50:3e:f4:81:73:0d:28:74:86:fe:
c6:13:0f:c1:7c:06:01:bd:0c:98:31:5e:33:11:33:ef:11:ea:
a1:27:96:39:db:d8:8b:94:1b:03:27:65:18:4d:03:e2:41:32:
6b:40:1e:3c:78:97:0d:4e:56:8b:3a:52:fe:46:be:30:ba:cd:
a2:dd:bd:a9:47:48:1b:8f:72:9a:0b:11:5c:74:89:e1:18:30:
71:1e:a3:b4:27:3f:74:36:6f:5a:92:eb:3f:00:56:19:75:29:
ba:49:e0:1c:11:04:7d:28:98:96:63:ec:27:a6:c8:da:d8:96:
0d:ac:4d:c1:20:30:a2:51:22:34:9b:43:16:3b:77:dd:9e:99:
88:95:20:25:68:ce:b8:40:18:cb:33:21:b1:43:68:4c:3d:e4:
7e:1a:90:83:87:cb:43:09:c3:cb:f4:16:7d:98:75:34:2b:12:
70:35:b8:40:62:78:4a:43:38:ea:d9:d5:70:e3:43:74:97:f6:
72:b2:6b:4d:c6:b6:ec:94:5e:1f:f4:06:bd:28:69:64:62:de:
25:b9:62:02:2c:cb:6b:a1:b4:71:d0:1a:34:6d:f7:44:92:3e:
64:9f:70:f9:c6:48:11:27:95:82:01:d9:4e:aa:ca:be:d0:c1:
d9:70:50:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaDS5p+a+/wgDct7BBB2NFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjI0MTIwMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc2ZTc4MDU5ZDU0MzY2NmJhZjg5YThiNjNlMzNkYWRmZDEwOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZFr4xAsnne9H42iwY9MT4qdrgEC
BG7OhuPe7cEdFvVcdxyYo6+E7KMuZfBIK5L/SnGhlY+3mx6eRStDOV+erVmC5OM7
gXc1JvB2aFLawx4aSwRtWGkn4Wv08XKjOoKckgPjT/XQikweKEiFsD1xbanNHhSE
XdOdlGVEVHeOQ69ln5bR4EAlQ11FMxF7y5MbKPXrZt7QMRK6HwwLq5m0ovQb7qyP
q9MARbAQoWKbBxB9ieElVsoOQu4jznEDzkNxbRtLjoZt1YzFdBYoHJ3DQDHJOYGr
Nnmc6FLdXnsXqHJHDUS0O/Gg9A+xk07NC7z7bQFwAw+XulZIhYHlwNu8vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKR254BZ1UNma6+JqLY+M9rf0QnMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcEhibmdGblZRMlpycjRtb3RqNHoydF9SQ2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWlIAwQA
BWl+AwQABWmEAwQABWmNMA0GCSqGSIb3DQEBCwUAA4IBAQCkfrJipnQBTFA+9IFz
DSh0hv7GEw/BfAYBvQyYMV4zETPvEeqhJ5Y529iLlBsDJ2UYTQPiQTJrQB48eJcN
TlaLOlL+Rr4wus2i3b2pR0gbj3KaCxFcdInhGDBxHqO0Jz90Nm9akus/AFYZdSm6
SeAcEQR9KJiWY+wnpsja2JYNrE3BIDCiUSI0m0MWO3fdnpmIlSAlaM64QBjLMyGx
Q2hMPeR+GpCDh8tDCcPL9BZ9mHU0KxJwNbhAYnhKQzjq2dVw40N0l/ZysmtNxrbs
lF4f9Aa9KGlkYt4luWICLMtrobRx0Bo0bfdEkj5kn3D5xkgRJ5WCAdlOqsq+0MHZ
cFBm
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:59:09 2025 by rpki-client