Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w-qB9txuTFrEfEpmX4RxXE-46T8.roa
File: w-qB9txuTFrEfEpmX4RxXE-46T8.roa (raw, json)
Hash identifier: S9exgd5/dMjElZ0ZyE3OG3649l429SOF0YE+dx0aRpo=
Subject key identifier: C3:EA:81:F6:DC:6E:4C:5A:C4:7C:4A:66:5F:84:71:5C:4F:B8:E9:3F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183EB954AF2BE7DED10D5AAF4555D8F901B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w-qB9txuTFrEfEpmX4RxXE-46T8.roa
Signing time: Tue 18 Oct 2022 14:52:53 +0000
ROA not before: Tue 18 Oct 2022 14:52:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 5.105.25.0/24 maxlen: 24
5.105.71.0/24 maxlen: 24
5.105.99.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:95:4a:f2:be:7d:ed:10:d5:aa:f4:55:5d:8f:90:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 18 14:52:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3ea81f6dc6e4c5ac47c4a665f84715c4fb8e93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:91:db:72:40:43:66:4b:10:2a:17:c4:af:
80:a6:65:88:ec:5a:b2:58:b2:d3:57:b3:b6:70:fb:
f7:4e:37:0a:ed:0a:4b:29:4c:44:df:46:c5:2d:ee:
93:43:dc:ca:57:0c:b3:cc:e6:3c:52:eb:cc:3e:54:
57:59:c4:29:b0:24:bd:77:30:db:97:b2:30:dd:3a:
f5:a5:7f:6c:c9:c4:a9:f1:89:f9:5e:5f:21:36:63:
15:d4:53:ec:74:ff:a2:cc:0e:25:5f:0e:18:38:10:
ef:1c:24:22:9b:db:0a:d5:33:03:e3:0e:40:7a:d7:
88:4d:7d:5b:2e:50:ea:7d:f8:8c:fd:92:69:6c:3d:
f7:c2:da:8c:4d:6c:c1:95:07:51:8f:04:55:7e:9d:
08:a4:a4:6c:e1:b3:22:c7:4b:fa:42:e1:82:ea:58:
64:b3:34:16:49:92:67:7d:8a:cb:2e:e0:f1:b5:4e:
bc:08:f1:09:1f:97:71:38:d8:0c:f6:27:99:c5:07:
a5:e1:04:79:6c:b0:fe:be:13:c0:2c:6f:09:fc:38:
c7:3c:e7:96:87:e9:91:6d:5d:64:3d:cc:33:4a:a6:
33:53:1f:c1:97:f8:68:f8:00:6b:78:af:27:ff:80:
0f:20:9a:27:0c:f4:ff:91:5a:45:10:a8:f1:31:ff:
16:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EA:81:F6:DC:6E:4C:5A:C4:7C:4A:66:5F:84:71:5C:4F:B8:E9:3F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/w-qB9txuTFrEfEpmX4RxXE-46T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.25.0/24
5.105.71.0/24
5.105.99.0/24
5.105.117.0/24
Signature Algorithm: sha256WithRSAEncryption
83:0e:b9:3f:39:6b:5e:9d:f8:6b:19:38:9f:c9:c6:4f:34:37:
83:24:d4:59:8a:f7:fa:10:dd:fa:8d:cc:9d:7c:a3:32:fe:31:
3b:4d:72:c6:96:34:32:42:9c:7b:0b:e4:54:cb:94:0b:55:5f:
62:bc:e8:45:59:44:fe:dd:ed:d2:ab:16:5c:7c:47:f8:75:81:
15:86:94:6b:bd:53:75:52:d9:1c:74:ef:a0:46:a4:92:3a:03:
1f:3f:db:21:68:c0:2e:c1:ea:1f:ae:1d:d7:47:32:ef:18:f2:
af:2a:6e:c7:5b:f3:bb:21:85:4b:76:1f:63:ca:16:03:2e:7e:
dd:aa:c7:a8:e0:ce:49:a5:92:f9:38:ad:5b:5b:e4:15:24:0b:
9b:14:51:f6:7c:28:ff:11:01:d9:a9:69:14:02:f2:2d:22:3d:
cc:ff:9c:39:6a:f6:c8:5d:e0:04:f7:21:1e:93:9b:04:a4:ec:
6d:a0:f3:aa:db:18:5e:23:0d:3a:d6:27:92:11:6a:95:89:70:
e2:ff:9c:83:5f:84:c2:61:29:1d:a0:31:c6:52:b0:aa:fe:30:
aa:80:dc:1c:32:e4:9f:f8:09:d5:8f:0f:39:0d:a0:c8:17:73:
bb:33:a3:3e:e6:c3:da:41:f3:18:d3:62:ba:c3:a0:8b:83:66:
63:f5:fa:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPrlUryvn3tENWq9FVdj5AbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDE4MTQ1MjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2VhODFmNmRjNmU0YzVhYzQ3YzRhNjY1Zjg0NzE1YzRmYjhlOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLuR23JAQ2ZLECoXxK+ApmWI7Fqy
WLLTV7O2cPv3TjcK7QpLKUxE30bFLe6TQ9zKVwyzzOY8UuvMPlRXWcQpsCS9dzDb
l7Iw3Tr1pX9sycSp8Yn5Xl8hNmMV1FPsdP+izA4lXw4YOBDvHCQim9sK1TMD4w5A
eteITX1bLlDqffiM/ZJpbD33wtqMTWzBlQdRjwRVfp0IpKRs4bMix0v6QuGC6lhk
szQWSZJnfYrLLuDxtU68CPEJH5dxONgM9ieZxQel4QR5bLD+vhPALG8J/DjHPOeW
h+mRbV1kPcwzSqYzUx/Bl/ho+ABreK8n/4APIJonDPT/kVpFEKjxMf8WqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMPqgfbcbkxaxHxKZl+EcVxPuOk/MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdy1xQjl0eHVURnJFZkVwbVg0UnhYRS00NlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWkZAwQA
BWlHAwQABWljAwQABWl1MA0GCSqGSIb3DQEBCwUAA4IBAQCDDrk/OWtenfhrGTif
ycZPNDeDJNRZivf6EN36jcydfKMy/jE7TXLGljQyQpx7C+RUy5QLVV9ivOhFWUT+
3e3SqxZcfEf4dYEVhpRrvVN1UtkcdO+gRqSSOgMfP9shaMAuweofrh3XRzLvGPKv
Km7HW/O7IYVLdh9jyhYDLn7dqseo4M5JpZL5OK1bW+QVJAubFFH2fCj/EQHZqWkU
AvItIj3M/5w5avbIXeAE9yEek5sEpOxtoPOq2xheIw061ieSEWqViXDi/5yDX4TC
YSkdoDHGUrCq/jCqgNwcMuSf+AnVjw85DaDIF3O7M6M+5sPaQfMY02K6w6CLg2Zj
9fpr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:59 2024 by rpki-client on console-ams.rpki-client.org