Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BinBR6jvCanrqo9m6UeAYt6Kl7I.roa
File: BinBR6jvCanrqo9m6UeAYt6Kl7I.roa (raw, json)
Hash identifier: nyUy1eNp0Pz4LE18NddIG6YgOROSDrBsc99ZNl6TOP8=
Subject key identifier: 06:29:C1:47:A8:EF:09:A9:EB:AA:8F:66:E9:47:80:62:DE:8A:97:B2
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184AA4DBCAD7CF21857032D86D67D3B2C0B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BinBR6jvCanrqo9m6UeAYt6Kl7I.roa
Signing time: Thu 24 Nov 2022 15:42:12 +0000
ROA not before: Thu 24 Nov 2022 15:42:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 5.105.250.0/24 maxlen: 24
5.105.251.0/24 maxlen: 24
5.105.255.0/24 maxlen: 24
5.105.254.0/24 maxlen: 24
5.105.160.0/24 maxlen: 24
5.105.191.0/24 maxlen: 24
5.105.190.0/24 maxlen: 24
5.105.192.0/24 maxlen: 24
5.105.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:4d:bc:ad:7c:f2:18:57:03:2d:86:d6:7d:3b:2c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 24 15:42:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0629c147a8ef09a9ebaa8f66e9478062de8a97b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7e:f5:25:6d:9b:a3:cf:03:63:63:a9:6f:87:
fb:9b:c3:e9:6d:42:83:0f:18:b6:33:2d:12:76:4a:
e6:a0:43:d7:39:db:f6:7d:0e:89:f1:0b:05:9b:26:
db:b8:4e:07:15:c5:c0:e6:91:6c:d6:e2:cc:34:92:
34:24:50:df:d5:ee:7a:83:83:3a:8b:f1:93:d5:c7:
9f:85:07:d7:ad:1f:b4:c5:17:7a:37:56:5e:5e:bc:
ec:3f:9a:bf:fd:e1:39:75:df:3d:05:88:34:19:fb:
7e:40:aa:1f:b8:15:1f:c6:75:ce:af:2a:4b:1e:c2:
f5:99:2d:34:e6:f0:1d:87:9c:1b:fd:18:24:ad:bf:
62:1f:d4:5d:64:19:12:5c:11:b1:9c:ca:9f:79:ab:
82:45:ac:d4:a9:c0:73:a1:2a:ed:94:fd:db:90:7b:
3d:f4:5e:3a:56:ab:4f:2b:c8:3a:12:23:4b:c6:b1:
7b:07:38:1a:30:d5:21:1d:2c:c9:42:95:d3:ee:d1:
3c:82:db:46:6f:bc:f8:55:90:e5:24:f9:27:6b:df:
4b:b0:2e:fb:ce:6e:63:a5:34:ed:42:3a:8f:80:a2:
7f:8f:2b:d1:36:62:bd:a2:4a:86:13:eb:49:0b:f8:
99:ab:99:a8:54:1a:0a:3c:6c:b7:c9:b7:e9:c6:71:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:29:C1:47:A8:EF:09:A9:EB:AA:8F:66:E9:47:80:62:DE:8A:97:B2
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/BinBR6jvCanrqo9m6UeAYt6Kl7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.160.0/24
5.105.190.0-5.105.192.255
5.105.194.0/24
5.105.250.0/23
5.105.254.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:ae:bf:70:43:d0:2c:c1:d2:b2:92:bd:1f:12:e1:c8:9b:49:
cf:5a:8a:bc:24:4a:c2:9f:d8:a7:34:8b:3b:90:7d:08:9e:04:
ac:4d:b3:8b:ac:0b:22:9d:d3:d9:73:28:dc:2a:33:2f:e0:58:
2c:27:30:4f:1e:b3:2e:a9:8b:85:e2:2b:28:e5:4c:99:80:45:
d9:34:2e:0d:6f:4e:aa:e3:9c:1f:f9:e0:d3:b6:7b:d8:ae:b5:
30:41:3b:66:e0:ce:1c:34:b4:dd:b9:92:5b:15:a3:f5:c4:f3:
d9:2f:0e:de:51:42:9e:3e:fb:0a:c4:9d:eb:96:10:25:34:f1:
b6:c2:3d:62:9d:61:0e:05:60:9a:22:de:b6:56:ea:07:8c:9b:
85:88:df:bd:10:24:94:a9:f0:6a:3a:ec:6e:18:3e:63:d4:ab:
1a:ac:f1:bd:8e:46:7e:63:2e:9f:20:f1:dc:4f:26:59:f8:04:
d1:aa:b0:04:d8:ab:68:90:1a:1a:b5:9a:ee:96:d8:c7:60:ae:
79:71:11:1e:3c:93:d2:44:9c:2e:f5:5d:34:3a:6c:22:63:09:
2b:3b:ce:66:cd:7c:fa:b3:18:ff:b1:f4:ae:a2:a1:2f:3d:b7:
a8:c2:d9:a1:42:f1:7a:0e:15:37:94:75:79:31:8a:da:42:9a:
fc:60:96:53
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSqTbytfPIYVwMthtZ9OywLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI0MTU0MjEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjI5YzE0N2E4ZWYwOWE5ZWJhYThmNjZlOTQ3ODA2MmRlOGE5N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH71JW2bo88DY2Opb4f7m8PpbUKD
Dxi2My0SdkrmoEPXOdv2fQ6J8QsFmybbuE4HFcXA5pFs1uLMNJI0JFDf1e56g4M6
i/GT1cefhQfXrR+0xRd6N1ZeXrzsP5q//eE5dd89BYg0Gft+QKofuBUfxnXOrypL
HsL1mS005vAdh5wb/Rgkrb9iH9RdZBkSXBGxnMqfeauCRazUqcBzoSrtlP3bkHs9
9F46VqtPK8g6EiNLxrF7BzgaMNUhHSzJQpXT7tE8gttGb7z4VZDlJPkna99LsC77
zm5jpTTtQjqPgKJ/jyvRNmK9okqGE+tJC/iZq5moVBoKPGy3ybfpxnEEawIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAYpwUeo7wmp66qPZulHgGLeipeyMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQmluQlI2anZDYW5ycW85bTZVZUFZdDZLbDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABWmgMAwD
BAEFab4DBAAFacADBAAFacIDBAEFafoDBAEFaf4wDQYJKoZIhvcNAQELBQADggEB
ALuuv3BD0CzB0rKSvR8S4cibSc9airwkSsKf2Kc0izuQfQieBKxNs4usCyKd09lz
KNwqMy/gWCwnME8esy6pi4XiKyjlTJmARdk0Lg1vTqrjnB/54NO2e9iutTBBO2bg
zhw0tN25klsVo/XE89kvDt5RQp4++wrEneuWECU08bbCPWKdYQ4FYJoi3rZW6geM
m4WI370QJJSp8Go67G4YPmPUqxqs8b2ORn5jLp8g8dxPJln4BNGqsATYq2iQGhq1
mu6W2MdgrnlxER48k9JEnC71XTQ6bCJjCSs7zmbNfPqzGP+x9K6ioS89t6jC2aFC
8XoOFTeUdXkxitpCmvxgllM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org