Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8CzkSJk1uwSprbfH27diQh9P-1g.roa
File: 8CzkSJk1uwSprbfH27diQh9P-1g.roa (raw, json)
Hash identifier: 4tnKXxeNv5bsY+v21citcbpJpdKsfoNQhuTtfJIkozU=
Subject key identifier: F0:2C:E4:48:99:35:BB:04:A9:AD:B7:C7:DB:B7:62:42:1F:4F:FB:58
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01869C5649AC455AED00885D7292ABF70DA5
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8CzkSJk1uwSprbfH27diQh9P-1g.roa
Signing time: Wed 01 Mar 2023 08:42:25 +0000
ROA not before: Wed 01 Mar 2023 08:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:56:49:ac:45:5a:ed:00:88:5d:72:92:ab:f7:0d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 1 08:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f02ce4489935bb04a9adb7c7dbb762421f4ffb58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:e7:7a:c9:98:32:b5:55:e5:9d:ce:d3:77:
1d:8a:9c:0f:ca:56:a8:fb:46:ec:b6:5f:95:75:1a:
af:ee:94:c1:62:4b:91:34:d2:38:b9:ac:fc:23:ce:
a1:47:2a:f5:3f:dc:f7:d8:9b:a4:d0:5d:a0:4e:c5:
bf:77:fc:48:9f:63:35:b7:7a:48:97:a1:d1:4e:d8:
f4:f8:a3:68:87:4a:dd:0e:c8:10:71:88:f8:e8:d7:
af:dc:f4:05:6c:e6:17:13:01:22:0a:ab:cb:61:06:
b2:0e:df:05:ef:8c:16:2e:d5:ba:2c:5b:a0:52:18:
98:f9:71:f0:05:d3:9f:a0:1f:f3:e4:9e:e1:c4:33:
6d:63:c4:d1:9b:57:1d:8f:d1:9e:5d:c0:68:f7:8b:
3f:fa:2f:bb:94:32:b1:d3:0b:d1:3a:27:1c:40:9e:
db:78:ab:a2:a5:82:31:f4:9a:8f:b7:46:12:35:73:
e5:fc:36:a2:21:1c:45:46:be:39:78:fc:59:54:e2:
2c:a1:f0:74:51:aa:86:92:62:a2:24:e8:d2:cf:ff:
5a:5d:29:c3:48:fe:43:a3:c2:00:5c:e0:71:f2:41:
9a:b6:48:3e:72:1b:57:e7:2a:64:4f:ce:79:70:5c:
e5:ab:15:ae:ea:7c:81:6c:8d:30:e4:70:83:4a:32:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2C:E4:48:99:35:BB:04:A9:AD:B7:C7:DB:B7:62:42:1F:4F:FB:58
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8CzkSJk1uwSprbfH27diQh9P-1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.40.0/24
5.105.43.0/24
5.105.50.0/24
5.105.57.0/24
5.105.65.0/24
5.105.81.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e2:76:1e:d1:f2:34:84:39:ba:2e:d3:a6:ad:3c:92:2d:12:
6b:53:de:8c:76:50:4e:35:f3:92:7d:98:17:0e:d3:e6:f7:73:
cf:06:8c:44:fa:84:66:b3:2c:35:3f:5a:36:a5:82:e2:ff:5e:
f4:e9:4e:c0:5e:ba:f3:91:3b:9a:a1:87:ba:29:c9:a1:16:a1:
41:be:a7:1a:c8:9e:41:c4:8e:34:aa:66:9e:bc:ab:ac:bf:a7:
fc:6d:9d:8b:84:02:99:fc:83:96:f1:ca:55:50:b2:cd:54:72:
15:21:7c:aa:1a:04:75:33:2f:af:db:cd:69:3d:e1:95:03:d4:
3d:8d:c0:08:ab:f9:2a:4b:b0:2c:a2:a2:b6:d4:0e:e6:60:a7:
04:fb:f8:03:59:99:e8:75:a9:3d:7c:2b:be:17:8d:1d:db:c2:
75:b8:c5:01:dc:d3:e6:86:d2:f5:1d:91:4c:f4:7d:50:dc:5f:
c4:ea:90:2c:39:b9:ce:15:9a:44:bc:1d:4b:5c:c5:1c:a3:16:
a2:c4:6b:e0:38:4d:08:4a:f1:cf:aa:90:83:77:b3:32:2f:a2:
cc:d4:82:b3:6f:1e:38:6a:9a:e6:e7:7f:5d:01:9a:95:8b:7c:
2e:49:a1:4f:bc:aa:ac:78:dc:fe:44:25:05:b7:45:fb:f6:c3:
31:f7:55:7d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYacVkmsRVrtAIhdcpKr9w2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzAxMDg0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJjZTQ0ODk5MzViYjA0YTlhZGI3YzdkYmI3NjI0MjFmNGZmYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGbnesmYMrVV5Z3O03cdipwPylao
+0bstl+VdRqv7pTBYkuRNNI4uaz8I86hRyr1P9z32Juk0F2gTsW/d/xIn2M1t3pI
l6HRTtj0+KNoh0rdDsgQcYj46Nev3PQFbOYXEwEiCqvLYQayDt8F74wWLtW6LFug
UhiY+XHwBdOfoB/z5J7hxDNtY8TRm1cdj9GeXcBo94s/+i+7lDKx0wvROiccQJ7b
eKuipYIx9JqPt0YSNXPl/DaiIRxFRr45ePxZVOIsofB0UaqGkmKiJOjSz/9aXSnD
SP5Do8IAXOBx8kGatkg+chtX5ypkT855cFzlqxWu6nyBbI0w5HCDSjJWEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPAs5EiZNbsEqa23x9u3YkIfT/tYMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvOEN6a1NKazF1d1NwcmJmSDI3ZGlRaDlQLTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBWkYAwQA
BWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlBAwQABWlRMA0GCSqGSIb3
DQEBCwUAA4IBAQCw4nYe0fI0hDm6LtOmrTySLRJrU96MdlBONfOSfZgXDtPm93PP
BoxE+oRmsyw1P1o2pYLi/1706U7AXrrzkTuaoYe6KcmhFqFBvqcayJ5BxI40qmae
vKusv6f8bZ2LhAKZ/IOW8cpVULLNVHIVIXyqGgR1My+v281pPeGVA9Q9jcAIq/kq
S7AsoqK21A7mYKcE+/gDWZnodak9fCu+F40d28J1uMUB3NPmhtL1HZFM9H1Q3F/E
6pAsObnOFZpEvB1LXMUcoxaixGvgOE0ISvHPqpCDd7MyL6LM1IKzbx44aprm539d
AZqVi3wuSaFPvKqseNz+RCUFt0X79sMx91V9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:54 2025 by rpki-client