Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zQnACmJrPZGmLt4d4xIa8XpHK6Q.roa
File: zQnACmJrPZGmLt4d4xIa8XpHK6Q.roa (raw, json)
Hash identifier: gYUN/r30IrhItntQlvTHmWPQ33uH/PjgWL/56colMx8=
Subject key identifier: CD:09:C0:0A:62:6B:3D:91:A6:2E:DE:1D:E3:12:1A:F1:7A:47:2B:A4
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0187473A47C25AD9832B1F3ED5EBDD8AA632
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zQnACmJrPZGmLt4d4xIa8XpHK6Q.roa
Signing time: Mon 03 Apr 2023 13:06:54 +0000
ROA not before: Mon 03 Apr 2023 13:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 5.105.131.0/24 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:3a:47:c2:5a:d9:83:2b:1f:3e:d5:eb:dd:8a:a6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Apr 3 13:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd09c00a626b3d91a62ede1de3121af17a472ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:18:3f:07:17:d5:40:2a:71:00:c1:7d:8c:
2f:50:9d:6b:43:12:b1:a9:92:0e:79:e0:ac:fb:e4:
90:05:83:e2:ca:96:e1:bd:4c:cb:a6:2e:ac:7d:58:
57:fc:8d:5e:95:5f:fe:f4:b8:8f:8b:d9:c5:02:8b:
6f:74:54:fd:69:c1:39:fa:47:e0:01:47:fa:44:77:
f1:d8:3e:eb:7f:11:10:11:74:dd:5d:ed:79:4c:60:
10:3f:d5:3c:13:ea:f0:13:84:eb:f5:0b:88:1e:1a:
71:9b:dc:97:51:78:33:42:5d:49:29:22:b7:45:71:
87:0a:68:31:3b:53:d7:87:af:db:04:d8:d6:ea:3a:
63:9e:1b:c1:b0:bb:02:bb:7a:68:1d:42:08:94:55:
04:cb:23:0b:bc:b0:89:b4:13:b7:10:b3:2b:25:91:
23:1f:3a:7c:b0:67:9c:1d:01:f5:d2:b3:c3:21:0e:
05:e5:51:0c:10:2b:5c:20:06:f9:09:5a:28:01:02:
9e:b1:dc:bb:0b:3d:c8:be:bc:e6:b2:99:50:79:65:
3a:6d:7b:c8:41:d0:65:e4:a6:ee:98:95:b7:85:f9:
a7:cd:1a:24:a9:de:e3:be:9f:3c:57:69:bb:50:5c:
01:67:09:ac:3e:44:02:26:97:0e:06:0f:da:35:5d:
12:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:09:C0:0A:62:6B:3D:91:A6:2E:DE:1D:E3:12:1A:F1:7A:47:2B:A4
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zQnACmJrPZGmLt4d4xIa8XpHK6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.131.0/24
5.105.156.0/24
Signature Algorithm: sha256WithRSAEncryption
23:45:dc:0d:e0:94:87:9a:4c:16:0f:7b:27:25:8f:e8:5d:e6:
30:51:32:4a:f3:e3:85:f2:0f:62:30:40:eb:82:dc:57:2e:8e:
06:94:3d:5c:32:be:9d:71:21:d9:67:6f:12:31:2a:cd:47:5b:
8c:a7:81:b7:c6:0b:8f:70:a0:f1:4a:b0:58:d9:77:e8:be:3b:
97:03:29:55:c7:48:80:4e:05:3c:3e:be:3f:c7:24:8d:85:d4:
5c:25:30:5f:e5:ef:c5:6c:09:e1:c9:9e:3a:88:0d:7f:3c:27:
52:57:c3:18:e8:44:45:d8:27:3f:47:32:d8:57:55:f9:49:c8:
68:d8:1b:9a:c8:91:c4:4a:a5:ec:db:bd:0a:b7:41:04:77:5d:
7b:72:e2:7c:11:92:df:d1:46:5f:3d:27:e0:2e:26:96:e0:5e:
56:fa:cc:83:ac:68:a6:fe:98:5e:72:76:3e:1e:49:e8:46:f4:
81:5c:f1:3c:c9:13:01:98:d1:91:03:cd:6d:d9:89:7c:9d:45:
b7:4a:76:36:d3:f0:d5:6f:86:4b:9d:e9:38:6f:46:92:51:af:
a4:5b:83:43:2d:94:d2:c4:26:f9:2e:2d:cd:8e:56:ca:aa:67:
26:80:5b:8b:72:9d:2d:98:fd:1e:f2:66:51:22:aa:ed:62:cf:
03:42:be:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdHOkfCWtmDKx8+1evdiqYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDAzMTMwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA5YzAwYTYyNmIzZDkxYTYyZWRlMWRlMzEyMWFmMTdhNDcyYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqIYPwcX1UAqcQDBfYwvUJ1rQxKx
qZIOeeCs++SQBYPiypbhvUzLpi6sfVhX/I1elV/+9LiPi9nFAotvdFT9acE5+kfg
AUf6RHfx2D7rfxEQEXTdXe15TGAQP9U8E+rwE4Tr9QuIHhpxm9yXUXgzQl1JKSK3
RXGHCmgxO1PXh6/bBNjW6jpjnhvBsLsCu3poHUIIlFUEyyMLvLCJtBO3ELMrJZEj
Hzp8sGecHQH10rPDIQ4F5VEMECtcIAb5CVooAQKesdy7Cz3IvrzmsplQeWU6bXvI
QdBl5KbumJW3hfmnzRokqd7jvp88V2m7UFwBZwmsPkQCJpcOBg/aNV0SSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM0JwApiaz2Rpi7eHeMSGvF6RyukMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvelFuQUNtSnJQWkdtTHQ0ZDR4SWE4WHBISzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkdAwQA
BWmDAwQABWmcMA0GCSqGSIb3DQEBCwUAA4IBAQAjRdwN4JSHmkwWD3snJY/oXeYw
UTJK8+OF8g9iMEDrgtxXLo4GlD1cMr6dcSHZZ28SMSrNR1uMp4G3xguPcKDxSrBY
2XfovjuXAylVx0iATgU8Pr4/xySNhdRcJTBf5e/FbAnhyZ46iA1/PCdSV8MY6ERF
2Cc/RzLYV1X5Scho2BuayJHESqXs270Kt0EEd117cuJ8EZLf0UZfPSfgLiaW4F5W
+syDrGim/phecnY+HknoRvSBXPE8yRMBmNGRA81t2Yl8nUW3SnY20/DVb4ZLnek4
b0aSUa+kW4NDLZTSxCb5Li3NjlbKqmcmgFuLcp0tmP0e8mZRIqrtYs8DQr7M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:25 2025 by rpki-client