Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/A2dKSaI6ka8K3IjLrxRSTPilXZI.roa
File: A2dKSaI6ka8K3IjLrxRSTPilXZI.roa (raw, json)
Hash identifier: bOBsohfT84AgW/sgUN487kGMFZXiiYF7PmJtl3EiZY0=
Subject key identifier: 03:67:4A:49:A2:3A:91:AF:0A:DC:88:CB:AF:14:52:4C:F8:A5:5D:92
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01852E6F5686CCF5EB9782FA3FBA2941BB5E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/A2dKSaI6ka8K3IjLrxRSTPilXZI.roa
Signing time: Tue 20 Dec 2022 07:28:46 +0000
ROA not before: Tue 20 Dec 2022 07:28:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 5.105.101.0/24 maxlen: 24
5.105.110.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.107.0/24 maxlen: 24
5.105.220.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:6f:56:86:cc:f5:eb:97:82:fa:3f:ba:29:41:bb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 20 07:28:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03674a49a23a91af0adc88cbaf14524cf8a55d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e7:03:f3:ad:c9:4b:4e:b6:24:9c:6d:71:53:
37:1a:ba:a0:4c:10:8e:a9:a7:d2:7c:54:6e:7d:8b:
88:d0:6c:ec:d8:f6:87:71:a0:52:70:f9:03:78:81:
8a:2c:92:e9:1c:5a:63:94:f2:04:ef:01:37:6d:64:
64:07:f0:a0:ca:32:87:6b:d0:84:93:c1:c1:bb:ca:
38:b1:ad:09:1a:10:3f:38:9e:53:62:53:09:be:87:
ce:20:26:e3:93:38:70:dc:82:e2:8a:1c:11:59:3c:
21:61:fb:1e:04:2c:9d:87:72:a3:a5:fe:b3:ff:7c:
e4:79:bf:97:32:ff:d4:12:22:f2:04:0a:98:36:38:
13:bd:9f:16:0c:d3:2c:cd:a4:90:15:0a:ae:49:12:
fa:f5:27:37:9b:96:36:58:35:b8:ed:00:50:ab:c3:
42:eb:b7:70:82:30:3e:72:60:34:f7:d1:ed:e1:20:
9f:ae:3a:96:f7:83:5d:8c:93:22:52:e6:72:1d:57:
c1:2b:14:88:94:03:f1:9c:0c:b5:00:89:1a:54:fe:
15:db:f4:ce:88:16:54:43:34:e3:2e:0f:14:cd:41:
c7:76:4d:1b:24:14:ab:44:82:5f:18:4d:c8:96:b3:
57:de:ab:61:7c:0b:33:59:4f:da:c9:48:f1:16:82:
b8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:67:4A:49:A2:3A:91:AF:0A:DC:88:CB:AF:14:52:4C:F8:A5:5D:92
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/A2dKSaI6ka8K3IjLrxRSTPilXZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.101.0/24
5.105.107.0/24
5.105.110.0/23
5.105.220.0/23
Signature Algorithm: sha256WithRSAEncryption
13:27:5b:fa:77:0d:59:a5:15:64:9c:25:a9:43:d5:55:ca:0b:
58:be:74:92:31:a5:5c:d0:85:2b:ad:01:dc:de:57:4a:98:f3:
b3:52:ec:8e:b6:7b:4a:80:73:ca:58:4e:20:6c:09:a5:77:ce:
59:1b:d5:43:11:92:d9:02:47:b2:33:82:a2:ad:e7:2f:c4:35:
03:ba:e6:35:c7:61:49:4d:a2:90:6a:e3:4a:65:73:f0:b0:29:
02:d9:1d:a5:eb:9f:9e:cf:63:51:37:0e:cf:66:7e:5d:d4:84:
e2:20:40:51:84:b3:de:fe:69:1f:fe:13:3c:6c:fa:c8:bf:db:
a3:f8:70:03:1c:7f:c8:26:f8:21:8b:47:44:c4:ba:37:d9:3c:
c7:a6:bd:fd:32:9f:f0:08:6c:62:b0:02:ec:63:51:9b:56:6f:
cf:bd:6f:e9:6d:27:61:b3:f2:79:fa:65:32:b8:69:48:93:4a:
a9:3d:70:91:ef:e5:ed:b4:54:e9:2f:a8:b5:a5:06:74:7c:bc:
f8:a8:f8:f6:7b:eb:85:d9:f1:c9:d3:e3:d8:b4:b9:dd:27:e4:
57:33:f5:e8:ab:cb:83:b9:cd:78:f8:6b:2b:16:d7:55:14:ec:
22:af:5e:0e:d9:35:fa:1a:0e:f8:c4:76:76:c4:16:15:ba:6a:
90:75:0e:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUub1aGzPXrl4L6P7opQbteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjIwMDcyODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY3NGE0OWEyM2E5MWFmMGFkYzg4Y2JhZjE0NTI0Y2Y4YTU1ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsucD863JS062JJxtcVM3GrqgTBCO
qafSfFRufYuI0Gzs2PaHcaBScPkDeIGKLJLpHFpjlPIE7wE3bWRkB/CgyjKHa9CE
k8HBu8o4sa0JGhA/OJ5TYlMJvofOICbjkzhw3ILiihwRWTwhYfseBCydh3Kjpf6z
/3zkeb+XMv/UEiLyBAqYNjgTvZ8WDNMszaSQFQquSRL69Sc3m5Y2WDW47QBQq8NC
67dwgjA+cmA099Ht4SCfrjqW94NdjJMiUuZyHVfBKxSIlAPxnAy1AIkaVP4V2/TO
iBZUQzTjLg8UzUHHdk0bJBSrRIJfGE3IlrNX3qthfAszWU/ayUjxFoK4CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFANnSkmiOpGvCtyIy68UUkz4pV2SMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQTJkS1NhSTZrYThLM0lqTHJ4UlNUUGlsWFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWllAwQA
BWlrAwQBBWluAwQBBWncMA0GCSqGSIb3DQEBCwUAA4IBAQATJ1v6dw1ZpRVknCWp
Q9VVygtYvnSSMaVc0IUrrQHc3ldKmPOzUuyOtntKgHPKWE4gbAmld85ZG9VDEZLZ
AkeyM4KirecvxDUDuuY1x2FJTaKQauNKZXPwsCkC2R2l65+ez2NRNw7PZn5d1ITi
IEBRhLPe/mkf/hM8bPrIv9uj+HADHH/IJvghi0dExLo32TzHpr39Mp/wCGxisALs
Y1GbVm/PvW/pbSdhs/J5+mUyuGlIk0qpPXCR7+XttFTpL6i1pQZ0fLz4qPj2e+uF
2fHJ0+PYtLndJ+RXM/Xoq8uDuc14+GsrFtdVFOwir14O2TX6Gg74xHZ2xBYVumqQ
dQ6h
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:59 2023 by rpki-client on console-ams.rpki-client.org