Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/5oFLUSx5q3FLMhAt3uqiCob6nek.roa
File: 5oFLUSx5q3FLMhAt3uqiCob6nek.roa (raw, json)
Hash identifier: sbXVSSbKH2kclfrHvSq3/D/7A9Yk2kMGUHyrtV3A2iM=
Subject key identifier: E6:81:4B:51:2C:79:AB:71:4B:32:10:2D:DE:EA:A2:0A:86:FA:9D:E9
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01842D2022FCD8CF8996C3C1E87FCF835234
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/5oFLUSx5q3FLMhAt3uqiCob6nek.roa
Signing time: Mon 31 Oct 2022 08:19:51 +0000
ROA not before: Mon 31 Oct 2022 08:19:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.130.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:20:22:fc:d8:cf:89:96:c3:c1:e8:7f:cf:83:52:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 31 08:19:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6814b512c79ab714b32102ddeeaa20a86fa9de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:b4:78:bf:e0:76:d0:f2:63:24:94:53:02:
cc:5e:05:b2:cc:49:b6:12:04:b9:52:44:31:6d:59:
17:e7:06:1d:27:39:6e:f5:d7:92:74:68:bb:22:eb:
b6:d1:04:76:29:f6:6b:61:84:01:21:16:ac:c4:02:
66:24:5d:35:c4:3f:be:55:b4:c4:04:a4:38:f4:23:
64:27:23:e7:77:81:b6:18:3c:ed:18:03:69:03:57:
8d:06:e9:c5:4b:81:d2:db:99:60:f7:33:cc:4a:51:
28:02:0d:c6:9e:2c:32:73:e0:73:6a:91:7b:af:c5:
16:58:b4:65:9d:ab:a7:ac:01:dd:5b:f5:81:94:b5:
e7:f9:18:75:6c:70:b7:03:82:c6:5c:66:d1:20:ff:
61:1e:95:cf:1b:e9:e6:30:d7:4f:8e:1a:ad:52:47:
8c:bb:a4:1c:93:7b:0d:43:d7:f9:04:da:84:79:1d:
69:ac:78:18:82:e6:b5:59:d1:0e:00:38:1a:a4:0f:
bb:7c:45:e8:f1:2d:79:dd:40:e6:61:4a:d4:40:12:
50:01:a4:81:50:7e:f3:a9:31:51:5c:da:fa:aa:3b:
31:4f:82:ab:9f:95:9e:90:3e:83:5b:4e:a1:fc:49:
b2:c6:99:b4:95:eb:d0:d9:47:0d:69:ac:a9:75:de:
db:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:81:4B:51:2C:79:AB:71:4B:32:10:2D:DE:EA:A2:0A:86:FA:9D:E9
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/5oFLUSx5q3FLMhAt3uqiCob6nek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.96.0/24
5.105.130.0/24
5.105.184.0/24
5.105.215.0/24
5.105.226.0/24
Signature Algorithm: sha256WithRSAEncryption
85:16:e3:6e:5c:89:f3:49:ab:17:34:69:0c:8f:e9:69:2d:94:
53:6b:2c:3c:8b:e5:6a:f5:bb:44:a3:78:44:5a:f8:30:12:4e:
c3:98:87:0c:56:f1:fe:af:12:e2:92:2c:68:92:99:04:b9:0d:
0c:41:1b:a4:b7:2a:bb:f0:bf:28:80:62:b4:75:46:02:7d:d8:
e5:60:30:17:03:3c:71:1e:48:22:53:84:c6:f0:cf:fc:09:6e:
d8:d0:6f:f8:02:c7:53:86:9a:42:66:c8:8c:15:16:85:d0:54:
44:cd:1c:08:15:54:1e:f8:fa:cf:f6:dc:e4:de:b2:23:4e:8b:
45:3e:ee:34:aa:16:f7:3b:ea:23:4d:26:2e:28:20:d4:5f:6f:
18:07:c3:15:97:a9:be:0d:b0:79:4b:d3:23:26:97:f8:08:eb:
5a:d7:c1:5e:6b:f2:e5:4c:3d:32:86:49:3c:b0:45:c0:83:6c:
d8:a8:f8:07:47:9e:ce:f4:6e:d8:9c:42:3f:51:19:bd:80:9c:
3e:75:8b:9d:4d:f1:21:d6:c0:1b:da:74:aa:f3:1e:d3:bc:98:
91:e2:70:1e:6b:47:89:02:dd:03:d1:20:85:4f:2f:e1:af:fd:
0f:47:df:ce:0a:f4:e6:b9:20:36:78:3c:b6:dd:2d:71:af:24:
db:3f:48:cf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQtICL82M+JlsPB6H/Pg1I0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDMxMDgxOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjgxNGI1MTJjNzlhYjcxNGIzMjEwMmRkZWVhYTIwYTg2ZmE5ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD60eL/gdtDyYySUUwLMXgWyzEm2
EgS5UkQxbVkX5wYdJzlu9deSdGi7Iuu20QR2KfZrYYQBIRasxAJmJF01xD++VbTE
BKQ49CNkJyPnd4G2GDztGANpA1eNBunFS4HS25lg9zPMSlEoAg3Gniwyc+BzapF7
r8UWWLRlnaunrAHdW/WBlLXn+Rh1bHC3A4LGXGbRIP9hHpXPG+nmMNdPjhqtUkeM
u6Qck3sNQ9f5BNqEeR1prHgYgua1WdEOADgapA+7fEXo8S153UDmYUrUQBJQAaSB
UH7zqTFRXNr6qjsxT4Krn5WekD6DW06h/Emyxpm0levQ2UcNaaypdd7b4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOaBS1EseatxSzIQLd7qogqG+p3pMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvNW9GTFVTeDVxM0ZMTWhBdDN1cWlDb2I2bmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkHAwQA
BWlgAwQABWmCAwQABWm4AwQABWnXAwQABWniMA0GCSqGSIb3DQEBCwUAA4IBAQCF
FuNuXInzSasXNGkMj+lpLZRTayw8i+Vq9btEo3hEWvgwEk7DmIcMVvH+rxLikixo
kpkEuQ0MQRuktyq78L8ogGK0dUYCfdjlYDAXAzxxHkgiU4TG8M/8CW7Y0G/4AsdT
hppCZsiMFRaF0FREzRwIFVQe+PrP9tzk3rIjTotFPu40qhb3O+ojTSYuKCDUX28Y
B8MVl6m+DbB5S9MjJpf4COta18Fea/LlTD0yhkk8sEXAg2zYqPgHR57O9G7YnEI/
URm9gJw+dYudTfEh1sAb2nSq8x7TvJiR4nAea0eJAt0D0SCFTy/hr/0PR9/OCvTm
uSA2eDy23S1xryTbP0jP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org