Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yVm30o0hgzGxyfkgZAP33xp14uY.roa
File: yVm30o0hgzGxyfkgZAP33xp14uY.roa (raw, json)
Hash identifier: WqUoENF3h2rg/HUqzS612dPe01tPhnenC0MrzrxVxtg=
Subject key identifier: C9:59:B7:D2:8D:21:83:31:B1:C9:F9:20:64:03:F7:DF:1A:75:E2:E6
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0182FEC8187E069AF8FD34F7BAB8C759EE4F
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yVm30o0hgzGxyfkgZAP33xp14uY.roa
Signing time: Fri 02 Sep 2022 15:18:22 +0000
ROA not before: Fri 02 Sep 2022 15:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.123.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:c8:18:7e:06:9a:f8:fd:34:f7:ba:b8:c7:59:ee:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 2 15:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c959b7d28d218331b1c9f9206403f7df1a75e2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:ba:95:18:95:68:e3:ac:6a:74:2e:6a:90:
e5:66:db:f8:40:4c:e4:8f:bc:17:70:83:ad:2a:30:
ac:79:b7:10:21:88:b5:00:fc:00:61:ea:01:03:bc:
fd:91:0b:7b:d3:60:73:c4:4b:bd:cf:85:76:af:ee:
54:10:03:d1:eb:94:dd:6f:95:6d:ce:41:b3:b8:b6:
0e:81:5d:0d:0e:b7:92:04:89:fd:7b:55:f3:d7:a9:
f6:9e:77:ce:cf:01:f7:6c:8d:d6:1d:bf:00:bb:e5:
f4:19:10:1e:f9:6d:27:cf:32:12:ba:9e:f2:5b:29:
52:d0:70:1f:3d:76:41:8b:c7:1a:48:f6:91:cd:69:
5f:0d:7e:2b:ae:c2:4b:e3:b8:30:6d:cb:50:26:4c:
1e:ce:e9:54:14:46:a3:11:4a:38:36:54:23:7f:1f:
39:76:f2:24:ac:c3:8a:ad:4b:3c:17:94:cf:a7:ea:
84:a8:85:fd:27:c1:97:50:c7:fb:0d:d7:ec:07:b7:
df:6d:df:23:a5:3b:dc:7e:11:09:b2:4d:95:64:34:
f0:b2:5f:c7:0a:18:bd:6d:76:76:24:b0:20:44:7e:
63:ba:71:41:37:a6:af:56:29:03:3e:1e:da:c3:6d:
fc:7e:7b:4a:38:e1:9e:9e:9c:eb:18:56:c1:58:fa:
d5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:59:B7:D2:8D:21:83:31:B1:C9:F9:20:64:03:F7:DF:1A:75:E2:E6
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/yVm30o0hgzGxyfkgZAP33xp14uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.57.0/24
5.105.89.0/24
5.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:0a:80:d9:e5:ee:87:24:37:2d:7f:31:17:f6:b0:a9:f2:b2:
8e:60:6b:b5:62:49:f2:d5:d8:cb:8b:db:8a:62:3f:0c:06:dc:
5c:0b:05:59:44:ff:4a:d4:ca:18:b1:1b:5c:b1:ea:4b:b5:ae:
90:59:0b:34:a3:51:a4:96:45:38:4a:95:74:cd:ea:19:1a:ee:
21:3b:fb:b9:00:8d:a3:24:24:82:39:e1:37:5a:a7:85:b7:c5:
bf:0b:b8:2b:00:72:76:dc:8d:52:9a:5a:aa:35:10:05:47:62:
5e:1a:56:99:f2:91:25:c7:0a:d9:96:2a:65:51:fb:32:b1:59:
83:b7:e1:96:7c:7f:8a:e4:28:a2:aa:f8:d7:0f:3a:55:ec:7e:
0a:de:6e:ea:05:dc:1f:48:22:19:62:b7:76:16:0e:48:00:47:
d2:89:12:41:7e:07:7b:66:16:40:41:40:16:b1:9b:c8:df:92:
ef:84:3c:2f:07:f5:1f:bf:00:d8:c0:2e:37:d4:24:af:fa:44:
e5:f1:9b:e9:44:77:88:b8:8e:74:60:21:09:74:16:7d:7a:dc:
bc:c1:7c:3d:8f:64:7c:e7:1f:aa:c8:d7:ff:8f:30:11:f1:25:
37:54:2a:49:bc:37:ad:07:d5:b7:ef:3e:55:ec:aa:05:82:5e:
19:4d:cf:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL+yBh+Bpr4/TT3urjHWe5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwOTAyMTUxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTU5YjdkMjhkMjE4MzMxYjFjOWY5MjA2NDAzZjdkZjFhNzVlMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNm6lRiVaOOsanQuapDlZtv4QEzk
j7wXcIOtKjCsebcQIYi1APwAYeoBA7z9kQt702BzxEu9z4V2r+5UEAPR65Tdb5Vt
zkGzuLYOgV0NDreSBIn9e1Xz16n2nnfOzwH3bI3WHb8Au+X0GRAe+W0nzzISup7y
WylS0HAfPXZBi8caSPaRzWlfDX4rrsJL47gwbctQJkwezulUFEajEUo4NlQjfx85
dvIkrMOKrUs8F5TPp+qEqIX9J8GXUMf7DdfsB7ffbd8jpTvcfhEJsk2VZDTwsl/H
Chi9bXZ2JLAgRH5junFBN6avVikDPh7aw238fntKOOGenpzrGFbBWPrV9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMlZt9KNIYMxscn5IGQD998adeLmMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveVZtMzBvMGhnekd4eWZrZ1pBUDMzeHAxNHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWk5AwQA
BWlZAwQABWl7MA0GCSqGSIb3DQEBCwUAA4IBAQAuCoDZ5e6HJDctfzEX9rCp8rKO
YGu1Ykny1djLi9uKYj8MBtxcCwVZRP9K1MoYsRtcsepLta6QWQs0o1GklkU4SpV0
zeoZGu4hO/u5AI2jJCSCOeE3WqeFt8W/C7grAHJ23I1SmlqqNRAFR2JeGlaZ8pEl
xwrZliplUfsysVmDt+GWfH+K5CiiqvjXDzpV7H4K3m7qBdwfSCIZYrd2Fg5IAEfS
iRJBfgd7ZhZAQUAWsZvI35LvhDwvB/UfvwDYwC431CSv+kTl8ZvpRHeIuI50YCEJ
dBZ9ety8wXw9j2R85x+qyNf/jzAR8SU3VCpJvDetB9W37z5V7KoFgl4ZTc+v
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org