Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CJGkEKz50Db8O8xAiwHPswGJiww.roa
File: CJGkEKz50Db8O8xAiwHPswGJiww.roa (raw, json)
Hash identifier: PnK69qeP/aMqkjUI+esiaDHE3O8EjmP1Fc/KiWgYg0c=
Subject key identifier: 08:91:A4:10:AC:F9:D0:36:FC:3B:CC:40:8B:01:CF:B3:01:89:8B:0C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184A35DAEEAFC41F0369AE93D71C70C62CA
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CJGkEKz50Db8O8xAiwHPswGJiww.roa
Signing time: Wed 23 Nov 2022 07:22:16 +0000
ROA not before: Wed 23 Nov 2022 07:22:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198356
IP address blocks: 5.105.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:5d:ae:ea:fc:41:f0:36:9a:e9:3d:71:c7:0c:62:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 23 07:22:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0891a410acf9d036fc3bcc408b01cfb301898b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:1a:19:e3:34:35:c4:3b:d6:c8:87:94:f1:
1d:4c:6d:d3:37:fa:73:95:f9:48:0f:99:5d:7b:5b:
58:d2:74:54:87:83:df:e4:46:4d:7b:db:10:79:c2:
b7:f9:af:f4:ab:56:70:12:5b:e3:4b:0d:20:f9:19:
4a:e3:07:90:d6:b3:2c:a2:02:6d:52:b3:0d:1e:cc:
51:6d:d9:28:00:23:40:57:5c:63:8f:9a:9d:22:b1:
21:ed:96:52:72:2f:af:b3:5e:81:55:e9:3a:a8:19:
29:96:55:65:86:8b:87:e8:b2:77:f0:25:8e:16:5f:
b6:43:54:e7:1d:07:1a:3a:39:ef:ad:c4:81:f5:df:
b5:17:00:31:f4:3f:c5:0a:0d:a9:17:f6:79:98:f7:
73:55:17:e8:0d:89:a5:6c:9e:53:99:33:e5:41:d1:
56:e3:78:f4:7e:67:91:2f:0a:3b:a6:aa:0c:8e:7c:
e6:b1:7d:cc:12:8c:97:0d:af:24:db:b7:20:21:ce:
bf:bf:14:73:0e:0b:9b:df:41:ab:92:f2:5b:5f:44:
72:23:00:ce:f8:09:24:09:8d:5b:1c:dc:2a:4e:a4:
ab:e7:b0:d5:d8:06:b1:a3:fb:4a:f5:4f:40:58:39:
60:19:6f:67:51:a5:11:aa:60:06:4b:07:c0:75:b1:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:91:A4:10:AC:F9:D0:36:FC:3B:CC:40:8B:01:CF:B3:01:89:8B:0C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/CJGkEKz50Db8O8xAiwHPswGJiww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.0.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:4c:4a:5d:70:86:f2:52:07:8b:bc:3a:4b:75:53:ab:8a:dc:
3e:75:f5:59:0f:41:99:b5:43:9e:10:39:d1:5f:06:de:6a:54:
8d:6c:b3:76:45:0e:c7:4e:21:fe:9d:3b:60:18:a3:3c:51:ff:
ea:ea:7e:39:f5:cb:a0:80:47:5b:ff:41:d4:ec:90:63:38:7b:
d5:e5:48:d0:0e:01:5d:af:78:b0:76:92:c9:b0:4c:76:39:6e:
8b:cd:be:2a:64:7e:ff:fb:b7:a1:60:18:d5:10:22:db:89:88:
d5:a5:ad:fb:90:92:f5:0d:dc:15:f8:b8:4f:c8:fd:d1:a8:81:
fd:88:6d:51:32:fc:20:48:7f:e4:35:2e:22:ec:1d:3b:c4:0b:
61:6a:61:36:11:db:a0:73:d0:eb:0f:6c:21:4a:f1:d3:7a:fa:
42:fd:61:6e:94:61:ca:4a:be:9f:93:4d:fb:ef:ec:a1:fc:0f:
fe:53:04:5e:52:12:55:17:ff:9a:40:f9:e3:10:26:63:90:7f:
e6:29:51:de:9f:9f:b4:30:83:19:40:9e:f0:ab:da:e6:e0:bf:
3a:68:32:19:1d:33:9e:a3:e2:c9:84:78:10:99:87:4d:a1:8a:
b9:b0:72:41:f0:35:46:51:9e:e9:58:4c:31:e1:2c:b0:d6:be:
15:4d:96:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjXa7q/EHwNprpPXHHDGLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTIzMDcyMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODkxYTQxMGFjZjlkMDM2ZmMzYmNjNDA4YjAxY2ZiMzAxODk4YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcgaGeM0NcQ71siHlPEdTG3TN/pz
lflID5lde1tY0nRUh4Pf5EZNe9sQecK3+a/0q1ZwElvjSw0g+RlK4weQ1rMsogJt
UrMNHsxRbdkoACNAV1xjj5qdIrEh7ZZSci+vs16BVek6qBkpllVlhouH6LJ38CWO
Fl+2Q1TnHQcaOjnvrcSB9d+1FwAx9D/FCg2pF/Z5mPdzVRfoDYmlbJ5TmTPlQdFW
43j0fmeRLwo7pqoMjnzmsX3MEoyXDa8k27cgIc6/vxRzDgub30GrkvJbX0RyIwDO
+AkkCY1bHNwqTqSr57DV2Aaxo/tK9U9AWDlgGW9nUaURqmAGSwfAdbFS+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiRpBCs+dA2/DvMQIsBz7MBiYsMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQ0pHa0VLejUwRGI4Tzh4QWl3SFBzd0dKaXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkAMA0G
CSqGSIb3DQEBCwUAA4IBAQDOTEpdcIbyUgeLvDpLdVOritw+dfVZD0GZtUOeEDnR
XwbealSNbLN2RQ7HTiH+nTtgGKM8Uf/q6n459cuggEdb/0HU7JBjOHvV5UjQDgFd
r3iwdpLJsEx2OW6Lzb4qZH7/+7ehYBjVECLbiYjVpa37kJL1DdwV+LhPyP3RqIH9
iG1RMvwgSH/kNS4i7B07xAthamE2Edugc9DrD2whSvHTevpC/WFulGHKSr6fk037
7+yh/A/+UwReUhJVF/+aQPnjECZjkH/mKVHen5+0MIMZQJ7wq9rm4L86aDIZHTOe
o+LJhHgQmYdNoYq5sHJB8DVGUZ7pWEwx4Syw1r4VTZZJ
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:38:57 2025 by rpki-client