Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/r0UpucyvjWiGt1TcD3rGrkmmEvc.roa
File: r0UpucyvjWiGt1TcD3rGrkmmEvc.roa (raw, json)
Hash identifier: Ie1A7lO8jxNgQOc4M/2YWZ7d3xPCegm+Vg58GH0ByV0=
Subject key identifier: AF:45:29:B9:CC:AF:8D:68:86:B7:54:DC:0F:7A:C6:AE:49:A6:12:F7
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189924871FC1CE3EBF3E884E4C90367A816
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/r0UpucyvjWiGt1TcD3rGrkmmEvc.roa
Signing time: Wed 26 Jul 2023 12:59:28 +0000
ROA not before: Wed 26 Jul 2023 12:59:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 5.105.16.0/24 maxlen: 24
5.105.20.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:48:71:fc:1c:e3:eb:f3:e8:84:e4:c9:03:67:a8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 26 12:59:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af4529b9ccaf8d6886b754dc0f7ac6ae49a612f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:79:f2:65:c2:56:c6:4e:72:11:7c:c5:0a:
f2:3c:4c:87:f7:e9:ba:c6:51:a5:ac:d4:1b:56:42:
46:d4:67:15:95:0f:c4:88:57:75:82:05:11:70:74:
83:29:1c:fa:90:07:b9:2a:99:2b:c0:33:37:85:a5:
33:2a:93:3d:c6:fc:89:58:f7:53:50:08:12:35:a2:
c5:9a:07:33:39:49:88:28:fc:df:20:4d:6c:b9:d6:
5a:cd:0f:80:5a:08:5d:73:fb:33:5b:d4:90:e1:1b:
6b:22:f9:9d:2f:05:ab:73:f9:1e:4c:03:80:ca:1a:
06:9c:a7:c0:d3:f8:95:1d:7e:04:4e:65:a2:c6:4a:
3e:1e:b8:ca:72:26:5a:73:c9:8a:f1:83:5e:69:c1:
8a:9b:d6:cc:9d:ee:d4:3d:78:41:d0:2c:72:a8:9e:
87:47:81:ab:f6:48:d8:b1:88:e9:bd:d6:9f:5f:6e:
4d:45:d2:af:91:0a:a2:d6:c5:00:cc:d2:25:6b:1e:
9c:f1:6a:bd:22:6a:c1:d5:fe:0b:0c:e5:f6:a0:19:
2f:92:f6:03:99:41:96:f4:16:91:17:1a:76:ac:03:
0f:c0:d2:4b:2b:a5:bb:5f:b6:73:28:c3:93:3c:7d:
61:d1:5b:b4:d9:fc:32:d1:7b:25:c6:fa:cd:88:3e:
14:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:45:29:B9:CC:AF:8D:68:86:B7:54:DC:0F:7A:C6:AE:49:A6:12:F7
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/r0UpucyvjWiGt1TcD3rGrkmmEvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.16.0/24
5.105.20.0/24
5.105.75.0/24
5.105.139.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:ec:9b:5f:ed:e5:83:da:c9:57:a0:25:3f:b8:50:d6:43:28:
4b:ac:f3:90:36:20:8d:c6:fc:62:9b:d2:57:e2:ae:ec:35:4b:
2f:84:8d:03:6e:8d:ac:e8:eb:05:71:53:52:07:52:9e:d0:c9:
02:0e:7b:03:51:d5:b7:25:01:15:35:95:21:ea:96:0b:27:25:
ec:0c:b5:df:2c:fa:80:b1:1a:25:f4:73:31:4d:f0:c6:f4:39:
86:32:3b:2b:1f:ef:55:87:9d:1f:47:06:c1:97:85:c8:ae:45:
b7:12:b9:f2:9d:58:cd:a4:19:48:ad:ed:e8:09:0e:91:73:9a:
e3:22:f4:87:9f:07:d0:2a:0c:3f:99:15:43:e5:20:aa:fe:92:
b4:c3:19:5d:69:ae:9b:98:70:90:f6:26:3c:0c:aa:11:2a:04:
c1:fc:06:42:b2:9d:e8:63:bd:e3:05:d8:c3:1f:c2:60:75:39:
36:01:7b:87:89:45:9b:19:b8:a1:41:9f:79:97:9b:06:4b:db:
74:96:ba:c8:42:37:f8:73:28:05:0c:85:e3:78:77:6a:25:df:
84:c8:74:60:66:bc:45:30:d8:aa:49:bd:b7:37:36:1d:8e:12:
83:3f:c8:54:de:6d:4a:3e:36:07:5b:e0:c0:d8:0b:c3:26:6d:
50:5a:53:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmSSHH8HOPr8+iE5MkDZ6gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzI2MTI1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ1MjliOWNjYWY4ZDY4ODZiNzU0ZGMwZjdhYzZhZTQ5YTYxMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7B58mXCVsZOchF8xQryPEyH9+m6
xlGlrNQbVkJG1GcVlQ/EiFd1ggURcHSDKRz6kAe5KpkrwDM3haUzKpM9xvyJWPdT
UAgSNaLFmgczOUmIKPzfIE1sudZazQ+AWghdc/szW9SQ4RtrIvmdLwWrc/keTAOA
yhoGnKfA0/iVHX4ETmWixko+HrjKciZac8mK8YNeacGKm9bMne7UPXhB0CxyqJ6H
R4Gr9kjYsYjpvdafX25NRdKvkQqi1sUAzNIlax6c8Wq9ImrB1f4LDOX2oBkvkvYD
mUGW9BaRFxp2rAMPwNJLK6W7X7ZzKMOTPH1h0Vu02fwy0XslxvrNiD4UjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK9FKbnMr41ohrdU3A96xq5JphL3MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcjBVcHVjeXZqV2lHdDFUY0Qzckdya21tRXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkQAwQA
BWkUAwQABWlLAwQABWmLMA0GCSqGSIb3DQEBCwUAA4IBAQDS7Jtf7eWD2slXoCU/
uFDWQyhLrPOQNiCNxvxim9JX4q7sNUsvhI0Dbo2s6OsFcVNSB1Ke0MkCDnsDUdW3
JQEVNZUh6pYLJyXsDLXfLPqAsRol9HMxTfDG9DmGMjsrH+9Vh50fRwbBl4XIrkW3
ErnynVjNpBlIre3oCQ6Rc5rjIvSHnwfQKgw/mRVD5SCq/pK0wxldaa6bmHCQ9iY8
DKoRKgTB/AZCsp3oY73jBdjDH8JgdTk2AXuHiUWbGbihQZ95l5sGS9t0lrrIQjf4
cygFDIXjeHdqJd+EyHRgZrxFMNiqSb23NzYdjhKDP8hU3m1KPjYHW+DA2AvDJm1Q
WlPx
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:46 2025 by rpki-client