Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/q3Aargqic6CyS8zqGuVBFGpSq5E.roa
File: q3Aargqic6CyS8zqGuVBFGpSq5E.roa (raw, json)
Hash identifier: ekXBBsGNkq1HAcMXvjAk78h3M016ZImv9pmeny0oxAI=
Subject key identifier: AB:70:1A:AE:0A:A2:73:A0:B2:4B:CC:EA:1A:E5:41:14:6A:52:AB:91
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183FB03C8FCD44464E71C47771EC14E3E34
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/q3Aargqic6CyS8zqGuVBFGpSq5E.roa
Signing time: Fri 21 Oct 2022 14:47:52 +0000
ROA not before: Fri 21 Oct 2022 14:47:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397373
IP address blocks: 5.105.159.0/24 maxlen: 24
5.105.167.0/24 maxlen: 24
5.105.171.0/24 maxlen: 24
5.105.173.0/24 maxlen: 24
5.105.205.0/24 maxlen: 24
5.105.213.0/24 maxlen: 24
5.105.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:03:c8:fc:d4:44:64:e7:1c:47:77:1e:c1:4e:3e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 21 14:47:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab701aae0aa273a0b24bccea1ae541146a52ab91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:2b:6b:1a:a7:70:53:5e:52:a3:f1:60:88:
d3:a3:e5:5e:0c:63:ac:a0:b3:47:97:f7:37:47:97:
30:79:ab:35:e2:25:2e:d5:a0:c8:c6:40:b0:ac:ea:
88:51:7b:b7:da:93:08:55:9b:56:bb:54:93:5b:c0:
4a:a9:c9:eb:85:59:cb:a0:b0:32:cd:71:08:71:8f:
ca:ec:e7:33:f9:8a:2e:76:a9:60:6c:21:e6:7d:87:
a0:1c:47:a3:c9:8d:a5:57:24:bf:3f:8f:56:99:bb:
80:ed:5e:1f:4d:99:c9:22:90:78:1d:71:b1:b1:3a:
3b:b9:c6:c7:70:65:5d:f5:28:6e:9c:d1:9c:80:b3:
77:82:ba:fa:b3:47:13:ed:85:98:85:10:b3:89:78:
5d:4e:ad:d6:74:43:0f:e7:a5:26:7b:69:0d:10:f7:
82:5e:e3:ab:00:c2:e7:03:cb:a8:94:62:c5:d4:f9:
47:28:5d:fe:39:fd:fb:17:15:8d:36:1e:7b:22:6e:
a4:bc:bb:df:56:f6:81:e5:cc:63:39:be:98:e6:05:
65:01:2a:a4:45:41:26:78:fd:4b:51:0f:d8:f5:46:
2c:f2:02:8f:d6:01:4b:70:4f:f2:ba:09:c9:49:52:
28:3f:6a:13:ff:b1:21:46:14:c8:bc:99:30:e8:8a:
0c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:70:1A:AE:0A:A2:73:A0:B2:4B:CC:EA:1A:E5:41:14:6A:52:AB:91
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/q3Aargqic6CyS8zqGuVBFGpSq5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.159.0/24
5.105.167.0/24
5.105.171.0/24
5.105.173.0/24
5.105.205.0/24
5.105.213.0/24
5.105.217.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:3f:31:46:a5:1b:13:77:3d:83:b6:ca:2b:37:0c:56:8c:3f:
fc:22:22:9c:7c:47:1a:2e:b4:de:6b:be:88:9a:b1:d7:4b:0b:
48:18:e8:a6:d3:4d:b3:12:e1:18:f7:d9:7d:92:16:ff:98:b6:
1f:86:36:ec:4e:37:79:df:b4:f5:6c:3c:a4:ef:c1:ad:27:f4:
38:05:7a:a5:d1:0a:b7:e8:29:d8:ad:2f:f3:c4:64:f6:39:61:
ac:7a:d2:b9:ca:af:4c:f9:ca:6d:6a:df:a8:02:3b:76:31:59:
a4:88:98:df:d3:f0:de:90:96:67:73:27:63:d4:a1:2a:26:af:
ec:0c:ac:3f:12:35:87:dd:3d:f4:cf:3c:a2:e2:e8:66:6b:72:
74:b0:09:fa:e3:7e:ab:45:ba:8a:4b:bd:a8:ae:b1:b6:2d:37:
79:ff:8d:34:2d:fa:74:02:92:b1:ce:0e:83:83:ee:9a:c6:fb:
d8:f9:62:c7:3c:10:73:1f:d5:ab:56:c6:30:95:de:3f:53:b3:
02:54:30:31:db:94:42:c3:20:77:65:32:33:43:52:b0:de:78:
1e:d9:0d:a9:cb:3d:3c:ff:f2:ac:d0:27:5f:88:52:9f:f0:da:
4b:6d:c5:1a:85:b2:6f:58:a2:03:f8:27:8a:82:18:45:8a:3b:
7b:c7:a9:5d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYP7A8j81ERk5xxHdx7BTj40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDIxMTQ0NzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjcwMWFhZTBhYTI3M2EwYjI0YmNjZWExYWU1NDExNDZhNTJhYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIEraxqncFNeUqPxYIjTo+VeDGOs
oLNHl/c3R5cweas14iUu1aDIxkCwrOqIUXu32pMIVZtWu1STW8BKqcnrhVnLoLAy
zXEIcY/K7Ocz+YoudqlgbCHmfYegHEejyY2lVyS/P49WmbuA7V4fTZnJIpB4HXGx
sTo7ucbHcGVd9ShunNGcgLN3grr6s0cT7YWYhRCziXhdTq3WdEMP56Ume2kNEPeC
XuOrAMLnA8uolGLF1PlHKF3+Of37FxWNNh57Im6kvLvfVvaB5cxjOb6Y5gVlASqk
RUEmeP1LUQ/Y9UYs8gKP1gFLcE/yugnJSVIoP2oT/7EhRhTIvJkw6IoMrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKtwGq4KonOgskvM6hrlQRRqUquRMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcTNBYXJncWljNkN5Uzh6cUd1VkJGR3BTcTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWmfAwQA
BWmnAwQABWmrAwQABWmtAwQABWnNAwQABWnVAwQABWnZMA0GCSqGSIb3DQEBCwUA
A4IBAQCrPzFGpRsTdz2DtsorNwxWjD/8IiKcfEcaLrTea76ImrHXSwtIGOim002z
EuEY99l9khb/mLYfhjbsTjd537T1bDyk78GtJ/Q4BXql0Qq36CnYrS/zxGT2OWGs
etK5yq9M+cptat+oAjt2MVmkiJjf0/DekJZncydj1KEqJq/sDKw/EjWH3T30zzyi
4uhma3J0sAn6436rRbqKS72orrG2LTd5/400Lfp0ApKxzg6Dg+6axvvY+WLHPBBz
H9WrVsYwld4/U7MCVDAx25RCwyB3ZTIzQ1Kw3nge2Q2pyz08//Ks0CdfiFKf8NpL
bcUahbJvWKID+CeKghhFijt7x6ld
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:30 2025 by rpki-client