Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFKnIG3q8t8Vv1_GotLBdnWum8o.roa
File: xFKnIG3q8t8Vv1_GotLBdnWum8o.roa (raw, json)
Hash identifier: Cpa0TMpG7k3VCqdgFldBXhCgziIPef9tHVBh1dW0WgM=
Subject key identifier: C4:52:A7:20:6D:EA:F2:DF:15:BF:5F:C6:A2:D2:C1:76:75:AE:9B:CA
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184F2415E164B1513D2B593E030EFE97261
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFKnIG3q8t8Vv1_GotLBdnWum8o.roa
Signing time: Thu 08 Dec 2022 15:01:20 +0000
ROA not before: Thu 08 Dec 2022 15:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:41:5e:16:4b:15:13:d2:b5:93:e0:30:ef:e9:72:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 8 15:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c452a7206deaf2df15bf5fc6a2d2c17675ae9bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:72:8d:67:aa:de:84:aa:ee:b2:b6:5b:a6:
53:b5:29:5f:cf:88:f1:b3:9e:d6:51:3e:bd:3f:fe:
b2:1d:76:e8:77:30:dd:d1:2f:02:05:c6:f9:cd:77:
0d:3f:9c:c6:bb:b7:ed:c4:c6:2a:17:83:7f:29:d6:
43:e4:fc:aa:eb:9f:2a:4b:b5:92:e1:8a:a8:66:4c:
03:e7:24:17:ad:28:71:42:cc:5d:4b:ac:2e:58:ab:
c8:45:87:89:5d:d3:32:c5:49:96:9a:09:3f:67:e2:
24:44:06:8c:d9:43:5f:e8:2b:99:cc:80:4e:ba:89:
d4:32:48:2c:d4:25:5a:3c:ea:6a:af:17:04:f4:c3:
fe:d6:03:a1:47:b2:4a:3e:62:9e:39:d8:de:a8:46:
de:a5:12:e9:7f:a0:41:b3:1f:5e:7b:af:10:7e:2c:
c8:fe:9d:b3:14:69:d4:c4:6f:88:b7:86:72:b7:f6:
69:7c:36:06:c7:b7:9b:c4:81:d5:42:26:a4:da:0e:
ac:05:85:b8:ac:8a:00:35:da:26:29:26:58:fa:d7:
79:6d:6a:f7:09:9b:c3:77:99:cf:b8:5d:7f:e8:32:
20:0e:0d:92:61:c0:d8:0e:41:5e:13:4f:20:e9:02:
6d:8e:67:36:90:4a:b1:e8:23:cf:f6:0f:12:b6:23:
38:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:52:A7:20:6D:EA:F2:DF:15:BF:5F:C6:A2:D2:C1:76:75:AE:9B:CA
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xFKnIG3q8t8Vv1_GotLBdnWum8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/24
5.105.57.0/24
Signature Algorithm: sha256WithRSAEncryption
83:80:c4:66:fc:a4:14:c9:73:6b:e0:76:d1:c2:4e:f9:ea:c7:
7b:eb:6a:a8:c2:30:e6:2e:dc:b6:f4:60:44:a2:f0:95:e3:87:
ae:29:c4:a9:c9:ff:97:ea:16:79:08:90:2b:3b:35:cf:6c:b6:
b8:37:fc:6a:b3:b2:23:05:28:a8:7b:25:14:21:67:59:96:77:
a4:e4:ee:e5:ea:61:66:78:a1:27:a4:75:c5:cf:5e:6c:7a:8f:
e5:09:94:62:e6:f5:70:ef:19:51:c8:2a:87:b7:85:8e:95:42:
44:5d:17:a1:7f:9b:2c:08:c1:0c:52:8d:93:c1:7f:63:bd:7b:
dd:22:96:59:e9:e7:80:48:a3:6d:9e:33:50:a2:1c:c2:87:f6:
e7:c8:01:7e:2b:78:d0:47:ac:f8:d6:ee:88:a5:a9:6f:53:9c:
54:7d:04:c3:42:32:93:16:dc:b4:87:56:dd:6e:4f:83:e9:8a:
8e:6c:3f:8a:e8:13:0f:ee:1f:58:9c:63:30:b4:f2:dc:60:53:
92:88:f8:a2:46:78:82:cd:c6:d6:00:ed:18:45:d5:73:32:ad:
e2:ed:9b:ff:f6:c6:76:dd:18:be:df:4d:4c:33:ef:c9:5a:ef:
c7:fd:b6:99:f8:5b:ba:9f:19:ab:0c:4a:6f:87:9a:41:fd:80:
d8:aa:63:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTyQV4WSxUT0rWT4DDv6XJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjA4MTUwMTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDUyYTcyMDZkZWFmMmRmMTViZjVmYzZhMmQyYzE3Njc1YWU5YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufRyjWeq3oSq7rK2W6ZTtSlfz4jx
s57WUT69P/6yHXbodzDd0S8CBcb5zXcNP5zGu7ftxMYqF4N/KdZD5Pyq658qS7WS
4YqoZkwD5yQXrShxQsxdS6wuWKvIRYeJXdMyxUmWmgk/Z+IkRAaM2UNf6CuZzIBO
uonUMkgs1CVaPOpqrxcE9MP+1gOhR7JKPmKeOdjeqEbepRLpf6BBsx9ee68QfizI
/p2zFGnUxG+It4Zyt/ZpfDYGx7ebxIHVQiak2g6sBYW4rIoANdomKSZY+td5bWr3
CZvDd5nPuF1/6DIgDg2SYcDYDkFeE08g6QJtjmc2kEqx6CPP9g8StiM4DwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMRSpyBt6vLfFb9fxqLSwXZ1rpvKMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveEZLbklHM3E4dDhWdjFfR290TEJkbld1bThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWkYAwQA
BWk5MA0GCSqGSIb3DQEBCwUAA4IBAQCDgMRm/KQUyXNr4HbRwk756sd762qowjDm
Lty29GBEovCV44euKcSpyf+X6hZ5CJArOzXPbLa4N/xqs7IjBSioeyUUIWdZlnek
5O7l6mFmeKEnpHXFz15seo/lCZRi5vVw7xlRyCqHt4WOlUJEXRehf5ssCMEMUo2T
wX9jvXvdIpZZ6eeASKNtnjNQohzCh/bnyAF+K3jQR6z41u6IpalvU5xUfQTDQjKT
Fty0h1bdbk+D6YqObD+K6BMP7h9YnGMwtPLcYFOSiPiiRniCzcbWAO0YRdVzMq3i
7Zv/9sZ23Ri+301MM+/JWu/H/baZ+Fu6nxmrDEpvh5pB/YDYqmPX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org