Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sWzStSsgJoPkT-PT1RcXOao6wuU.roa
File: sWzStSsgJoPkT-PT1RcXOao6wuU.roa (raw, json)
Hash identifier: dLRX2FXDWnZ/furH6WFZb6GD+4AimWdwcZN7wudu6rE=
Subject key identifier: B1:6C:D2:B5:2B:20:26:83:E4:4F:E3:D3:D5:17:17:39:AA:3A:C2:E5
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184AE48B4812604920FA519471AB4849DBB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sWzStSsgJoPkT-PT1RcXOao6wuU.roa
Signing time: Fri 25 Nov 2022 10:15:11 +0000
ROA not before: Fri 25 Nov 2022 10:15:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.15.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:48:b4:81:26:04:92:0f:a5:19:47:1a:b4:84:9d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 25 10:15:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b16cd2b52b202683e44fe3d3d5171739aa3ac2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:2d:50:42:26:83:10:ba:3f:d8:1b:78:2b:
8b:e7:37:df:31:66:b0:56:03:c6:24:e4:ba:1b:e8:
27:0e:c1:0c:e8:05:be:64:06:30:ed:d8:9f:42:7a:
31:a0:d4:f7:86:43:d6:e9:5b:f5:aa:99:79:03:eb:
aa:89:4d:26:7f:f5:95:46:ba:4a:52:76:fe:cd:da:
c1:35:7d:cc:f0:dd:61:c6:4b:5f:e7:d7:92:1f:5f:
a5:fc:01:19:06:5d:f4:b3:3a:44:64:bc:73:b6:ac:
af:78:bf:90:fc:62:4f:6f:f1:29:fe:f5:15:d6:d6:
e7:57:dc:c3:d6:41:77:29:da:61:21:c5:ae:56:33:
38:96:90:f3:2f:90:2d:26:86:32:2b:ba:79:3d:22:
ee:1f:d4:c0:39:9c:fb:ee:92:b9:15:d6:78:51:b4:
1d:dd:10:b5:e9:61:27:0c:cb:ff:d4:af:04:20:6f:
1c:51:a1:f0:f9:ce:02:4b:04:76:fa:dd:bf:df:1c:
84:46:1b:e7:b7:44:5a:38:5c:30:51:27:7b:04:02:
8a:18:ca:cc:d0:69:44:e3:e2:21:24:88:00:d5:37:
34:08:39:9d:d3:14:95:07:79:f3:da:1f:e7:34:fa:
bf:0f:c6:88:41:42:14:8c:51:05:51:f7:46:ce:cf:
0d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6C:D2:B5:2B:20:26:83:E4:4F:E3:D3:D5:17:17:39:AA:3A:C2:E5
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/sWzStSsgJoPkT-PT1RcXOao6wuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.15.0/24
5.105.28.0/24
5.105.42.0/24
Signature Algorithm: sha256WithRSAEncryption
81:b3:59:17:5e:28:33:bd:69:01:81:b2:b4:33:06:ed:1f:af:
b8:f2:fd:01:7f:09:74:08:86:8d:83:0b:c0:41:17:ef:eb:63:
3c:8d:ec:d3:eb:db:86:83:50:dd:aa:fa:23:c4:7d:9b:73:2d:
fb:c0:4e:b8:9b:ff:8a:20:05:b7:c4:83:3e:c6:c8:75:60:66:
70:eb:3e:d7:54:88:5c:85:73:b9:22:52:86:63:59:b0:2a:22:
63:38:b9:bc:83:cd:fe:fa:61:f7:a7:57:f3:9c:30:16:9d:c4:
6f:82:7e:f0:29:8a:8e:df:25:5a:a3:48:bf:ff:ad:bb:d2:6a:
8a:d2:75:69:62:0c:01:a3:7a:70:a7:e5:5e:4d:b1:fe:26:5f:
8a:18:63:47:7a:6e:b6:0e:a2:76:f7:af:54:7e:d6:16:8b:84:
bb:5b:1a:17:ab:4f:17:4a:77:24:d4:f0:08:0d:3b:8a:01:b1:
dd:a2:8f:0e:52:68:6f:fa:d1:c0:1e:57:d1:02:41:7d:b7:4a:
61:d1:e4:21:12:28:d6:1d:ed:e1:d5:52:b0:9c:0a:0f:65:9a:
af:4f:6f:28:e8:2f:b2:9e:17:da:57:07:8d:03:62:f8:c0:36:
59:66:a8:2c:56:78:5f:6c:fa:ce:1a:a2:16:b3:45:05:96:d8:
da:3e:ee:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSuSLSBJgSSD6UZRxq0hJ27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI1MTAxNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZjZDJiNTJiMjAyNjgzZTQ0ZmUzZDNkNTE3MTczOWFhM2FjMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZotUEImgxC6P9gbeCuL5zffMWaw
VgPGJOS6G+gnDsEM6AW+ZAYw7difQnoxoNT3hkPW6Vv1qpl5A+uqiU0mf/WVRrpK
Unb+zdrBNX3M8N1hxktf59eSH1+l/AEZBl30szpEZLxztqyveL+Q/GJPb/Ep/vUV
1tbnV9zD1kF3KdphIcWuVjM4lpDzL5AtJoYyK7p5PSLuH9TAOZz77pK5FdZ4UbQd
3RC16WEnDMv/1K8EIG8cUaHw+c4CSwR2+t2/3xyERhvnt0RaOFwwUSd7BAKKGMrM
0GlE4+IhJIgA1Tc0CDmd0xSVB3nz2h/nNPq/D8aIQUIUjFEFUfdGzs8NvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLFs0rUrICaD5E/j09UXFzmqOsLlMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvc1d6U3RTc2dKb1BrVC1QVDFSY1hPYW82d3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkPAwQA
BWkcAwQABWkqMA0GCSqGSIb3DQEBCwUAA4IBAQCBs1kXXigzvWkBgbK0MwbtH6+4
8v0Bfwl0CIaNgwvAQRfv62M8jezT69uGg1DdqvojxH2bcy37wE64m/+KIAW3xIM+
xsh1YGZw6z7XVIhchXO5IlKGY1mwKiJjOLm8g83++mH3p1fznDAWncRvgn7wKYqO
3yVao0i//6270mqK0nVpYgwBo3pwp+VeTbH+Jl+KGGNHem62DqJ2969UftYWi4S7
WxoXq08XSnck1PAIDTuKAbHdoo8OUmhv+tHAHlfRAkF9t0ph0eQhEijWHe3h1VKw
nAoPZZqvT28o6C+ynhfaVweNA2L4wDZZZqgsVnhfbPrOGqIWs0UFltjaPu5F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:59 2024 by rpki-client on console-ams.rpki-client.org