Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7ExcHJ-jnaRBdu-sjuH96bXUteU.roa
File: 7ExcHJ-jnaRBdu-sjuH96bXUteU.roa (raw, json)
Hash identifier: ERrVwFjR3x0EYRQMjVTE9snrpDcPZ0HB/XaCnp7XzdM=
Subject key identifier: EC:4C:5C:1C:9F:A3:9D:A4:41:76:EF:AC:8E:E1:FD:E9:B5:D4:B5:E5
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018318246B85F3886F3C5E0FF6F70D66DA02
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7ExcHJ-jnaRBdu-sjuH96bXUteU.roa
Signing time: Wed 07 Sep 2022 13:29:43 +0000
ROA not before: Wed 07 Sep 2022 13:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.120.0/24 maxlen: 24
5.105.123.0/24 maxlen: 24
5.105.48.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:24:6b:85:f3:88:6f:3c:5e:0f:f6:f7:0d:66:da:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 7 13:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec4c5c1c9fa39da44176efac8ee1fde9b5d4b5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3d:2c:4b:1e:22:89:37:d7:97:17:e7:8c:66:
14:fd:0b:65:fe:c0:40:77:74:f5:4e:c2:44:6c:14:
12:8a:df:83:92:70:d7:a5:ff:bb:dd:a3:02:e1:67:
f1:97:df:6e:b5:3b:95:5a:cd:b5:55:e3:31:da:58:
c9:f9:59:98:bc:a0:21:8d:fe:52:21:59:3e:0c:54:
5b:32:70:9b:8f:79:cf:37:9f:e0:04:24:8d:96:38:
f1:4e:14:36:86:3c:da:cd:20:f0:4d:ef:70:18:60:
97:be:09:94:8b:51:2b:cd:a7:9a:b3:89:51:ed:3f:
ed:d2:1e:82:01:d1:a0:1e:00:53:10:28:86:ec:17:
69:3a:f4:99:90:22:df:df:de:d8:5f:bc:2d:6d:0b:
c1:ad:8a:34:8a:34:4f:f2:9c:b8:f2:6e:0e:37:f1:
28:af:56:c2:65:02:b2:16:20:52:49:e7:30:3c:e5:
43:33:4e:76:7e:0b:6e:b7:0c:02:d5:1d:e2:d0:fd:
a7:c6:25:2d:e9:86:cf:bb:60:d1:01:7c:2b:6e:c3:
ea:81:6d:d7:1e:f9:01:54:32:42:49:47:49:b8:e4:
43:1b:d2:68:e9:a0:12:e1:d2:d5:f5:21:dc:05:58:
0f:49:ea:59:83:58:f8:dc:50:ce:b6:f4:95:a7:98:
22:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4C:5C:1C:9F:A3:9D:A4:41:76:EF:AC:8E:E1:FD:E9:B5:D4:B5:E5
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7ExcHJ-jnaRBdu-sjuH96bXUteU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/24
5.105.57.0/24
5.105.75.0/24
5.105.89.0/24
5.105.120.0/24
5.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
13:0d:96:cd:d7:b9:ad:06:ac:1c:c8:67:8c:10:e5:91:6b:c9:
03:09:7e:aa:60:55:72:9e:48:78:22:e6:e2:2a:60:55:9a:27:
db:fd:82:fb:87:fd:48:42:7c:05:58:70:bb:91:65:83:87:49:
31:fd:1e:e7:9f:85:43:2f:b2:9a:8c:20:ea:ad:c6:e2:f2:e3:
f7:71:d2:de:5d:48:b4:69:1c:b2:28:52:b6:97:6a:ef:35:44:
44:f4:ab:e0:c7:7a:f4:b5:90:48:78:a9:c1:7c:b8:ca:9e:da:
82:9f:37:c4:d7:71:3c:71:d0:54:09:be:eb:f0:df:e1:06:42:
9c:58:8b:63:a7:1e:0f:53:b5:54:df:31:cc:ba:88:0a:c5:f8:
9b:6d:d9:c7:08:5c:66:b5:69:b8:ac:c5:3d:c9:b3:da:ca:af:
72:d1:3a:fd:9c:07:a4:c5:6e:ec:8f:58:a8:79:d2:18:0b:e1:
80:1c:b8:ab:42:0d:62:4d:ab:a6:0d:9a:0a:36:9b:53:a4:9a:
c7:d6:72:14:f2:c8:e6:89:db:10:8f:3b:8b:38:2e:cc:e2:a4:
27:fe:40:bb:22:29:9e:2e:11:ca:81:7d:94:64:8d:ea:b8:96:
71:f8:bc:52:59:fe:f0:a7:b9:27:f3:36:dc:90:17:92:30:da:
b3:60:79:b9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYMYJGuF84hvPF4P9vcNZtoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwOTA3MTMyOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRjNWMxYzlmYTM5ZGE0NDE3NmVmYWM4ZWUxZmRlOWI1ZDRiNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT0sSx4iiTfXlxfnjGYU/Qtl/sBA
d3T1TsJEbBQSit+DknDXpf+73aMC4Wfxl99utTuVWs21VeMx2ljJ+VmYvKAhjf5S
IVk+DFRbMnCbj3nPN5/gBCSNljjxThQ2hjzazSDwTe9wGGCXvgmUi1Erzaeas4lR
7T/t0h6CAdGgHgBTECiG7BdpOvSZkCLf397YX7wtbQvBrYo0ijRP8py48m4ON/Eo
r1bCZQKyFiBSSecwPOVDM052fgtutwwC1R3i0P2nxiUt6YbPu2DRAXwrbsPqgW3X
HvkBVDJCSUdJuORDG9Jo6aAS4dLV9SHcBVgPSepZg1j43FDOtvSVp5gi6wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOxMXByfo52kQXbvrI7h/em11LXlMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvN0V4Y0hKLWpuYVJCZHUtc2p1SDk2YlhVdGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkwAwQA
BWk5AwQABWlLAwQABWlZAwQABWl4AwQABWl7MA0GCSqGSIb3DQEBCwUAA4IBAQAT
DZbN17mtBqwcyGeMEOWRa8kDCX6qYFVynkh4IubiKmBVmifb/YL7h/1IQnwFWHC7
kWWDh0kx/R7nn4VDL7KajCDqrcbi8uP3cdLeXUi0aRyyKFK2l2rvNURE9Kvgx3r0
tZBIeKnBfLjKntqCnzfE13E8cdBUCb7r8N/hBkKcWItjpx4PU7VU3zHMuogKxfib
bdnHCFxmtWm4rMU9ybPayq9y0Tr9nAekxW7sj1ioedIYC+GAHLirQg1iTaumDZoK
NptTpJrH1nIU8sjmidsQjzuLOC7M4qQn/kC7IimeLhHKgX2UZI3quJZx+LxSWf7w
p7kn8zbckBeSMNqzYHm5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:59 2023 by rpki-client on console-ams.rpki-client.org