Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/wUPn_CJ5zn7-z7AdD4K60ZwWNx0.roa
File: wUPn_CJ5zn7-z7AdD4K60ZwWNx0.roa (raw, json)
Hash identifier: 8ahQweBK4v21YDiDLfJVmPZYnEgy3T1XiZG0pw2dYjY=
Subject key identifier: C1:43:E7:FC:22:79:CE:7E:FE:CF:B0:1D:0F:82:BA:D1:9C:16:37:1D
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018634FC30F5005637C13625C2834ACDDEDF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/wUPn_CJ5zn7-z7AdD4K60ZwWNx0.roa
Signing time: Thu 09 Feb 2023 07:03:08 +0000
ROA not before: Thu 09 Feb 2023 07:03:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 5.105.125.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.28.0/24 maxlen: 24
5.105.42.0/24 maxlen: 24
5.105.77.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:fc:30:f5:00:56:37:c1:36:25:c2:83:4a:cd:de:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 9 07:03:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c143e7fc2279ce7efecfb01d0f82bad19c16371d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:35:65:df:51:9e:c7:53:34:11:35:e5:ce:83:
51:1c:34:83:a4:83:d5:d7:f5:06:ff:14:a2:7b:7a:
64:0b:b5:38:f7:18:24:e1:ec:40:e6:1b:c1:1a:b6:
6f:5c:1f:d9:a1:1d:c0:fe:5f:b5:11:cf:ae:7e:60:
33:e1:33:a8:af:e5:82:6d:5f:d1:24:ae:21:dc:a2:
50:fa:41:e6:1f:86:a6:1d:a9:4f:cc:c7:f2:34:6f:
99:8d:d5:53:10:bd:3f:ea:6b:67:41:54:36:7b:b7:
58:cc:25:98:90:66:87:8b:ce:8f:b7:b3:33:49:14:
35:55:4f:77:6a:dc:3a:51:6b:a4:d7:60:96:71:8c:
13:5a:45:0f:e4:ca:8c:01:d4:16:92:f2:92:ef:e8:
b9:c1:d0:43:77:ec:e7:8c:08:a1:1f:d0:29:92:5d:
43:a5:69:1d:8d:c3:c5:1f:28:09:9f:b2:7f:44:a9:
5f:bd:4b:44:53:21:7d:a1:f0:5e:e5:64:77:52:46:
e8:97:79:5a:23:c1:ed:51:5d:f4:a5:c7:f8:11:b2:
52:dd:66:46:bb:46:d8:9b:1e:27:79:86:ca:f0:e7:
0a:ad:3b:17:42:9c:88:a6:db:a1:80:6c:7e:f5:30:
bb:64:94:50:10:6b:d8:bb:b6:a6:2f:9d:c7:79:1e:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:43:E7:FC:22:79:CE:7E:FE:CF:B0:1D:0F:82:BA:D1:9C:16:37:1D
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/wUPn_CJ5zn7-z7AdD4K60ZwWNx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.28.0/24
5.105.42.0/24
5.105.77.0/24
5.105.125.0/24
5.105.218.0/24
5.105.229.0/24
Signature Algorithm: sha256WithRSAEncryption
be:69:23:71:c7:dc:f1:a6:c8:41:e5:d0:9e:77:04:d6:ef:34:
22:b7:a6:ae:3a:9c:f8:dd:b3:ae:71:15:02:c4:35:5c:d8:a7:
81:b8:9c:32:85:3f:15:73:53:bb:e0:69:b5:43:97:f9:7e:a7:
25:c3:d3:3d:65:0c:93:de:d3:a8:b3:20:46:f7:6e:59:04:73:
24:5b:39:c3:aa:be:89:d4:84:ca:3c:78:3b:9e:90:50:18:c4:
68:f3:22:0b:8c:02:f5:8f:1f:06:c1:68:83:23:3b:27:f1:23:
8d:ef:6c:af:cd:fc:19:fc:5c:05:95:07:3a:5a:1b:a2:ea:43:
eb:1c:d9:bd:73:70:77:9f:91:97:f0:5e:01:74:36:ae:7b:b9:
3b:0b:97:c3:4f:63:38:1f:51:26:8e:14:64:7b:87:9c:bc:67:
a9:6e:83:eb:97:90:18:a1:25:ce:2c:fd:62:9f:b6:de:2f:63:
be:e3:d2:a9:ad:93:82:87:38:9f:91:33:17:05:eb:ee:cc:6f:
4b:fd:9a:81:60:02:ec:ea:61:84:59:28:4e:16:93:dc:25:4d:
76:77:bf:77:d1:96:30:cf:15:d2:47:f3:79:05:a9:f5:c5:3b:
ae:8b:bc:2d:ee:3e:b2:62:66:fd:27:1c:84:1d:b1:95:ea:08:
a4:39:e5:16
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYY0/DD1AFY3wTYlwoNKzd7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjA5MDcwMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQzZTdmYzIyNzljZTdlZmVjZmIwMWQwZjgyYmFkMTljMTYzNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDVl31Gex1M0ETXlzoNRHDSDpIPV
1/UG/xSie3pkC7U49xgk4exA5hvBGrZvXB/ZoR3A/l+1Ec+ufmAz4TOor+WCbV/R
JK4h3KJQ+kHmH4amHalPzMfyNG+ZjdVTEL0/6mtnQVQ2e7dYzCWYkGaHi86Pt7Mz
SRQ1VU93atw6UWuk12CWcYwTWkUP5MqMAdQWkvKS7+i5wdBDd+znjAihH9Apkl1D
pWkdjcPFHygJn7J/RKlfvUtEUyF9ofBe5WR3Ukbol3laI8HtUV30pcf4EbJS3WZG
u0bYmx4neYbK8OcKrTsXQpyIptuhgGx+9TC7ZJRQEGvYu7amL53HeR6unwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMFD5/wiec5+/s+wHQ+CutGcFjcdMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvd1VQbl9DSjV6bjctejdBZEQ0SzYwWndXTngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkcAwQA
BWkqAwQABWlNAwQABWl9AwQABWnaAwQABWnlMA0GCSqGSIb3DQEBCwUAA4IBAQC+
aSNxx9zxpshB5dCedwTW7zQit6auOpz43bOucRUCxDVc2KeBuJwyhT8Vc1O74Gm1
Q5f5fqclw9M9ZQyT3tOosyBG925ZBHMkWznDqr6J1ITKPHg7npBQGMRo8yILjAL1
jx8GwWiDIzsn8SON72yvzfwZ/FwFlQc6Whui6kPrHNm9c3B3n5GX8F4BdDaue7k7
C5fDT2M4H1EmjhRke4ecvGepboPrl5AYoSXOLP1in7beL2O+49KprZOChzifkTMX
BevuzG9L/ZqBYALs6mGEWShOFpPcJU12d7930ZYwzxXSR/N5Ban1xTuui7wt7j6y
Ymb9JxyEHbGV6gikOeUW
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:20:56 2025 by rpki-client