Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F74o5bpM_fyp_pVOg2OZnLIuBD4.roa
File: F74o5bpM_fyp_pVOg2OZnLIuBD4.roa (raw, json)
Hash identifier: NrsENy7N/5H6keOt4xHhjllstTQkzXrCdvZ3nzw9Hc4=
Subject key identifier: 17:BE:28:E5:BA:4C:FD:FC:A9:FE:95:4E:83:63:99:9C:B2:2E:04:3E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183FB03C71D4B519C52C1C19919B00E15A8
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F74o5bpM_fyp_pVOg2OZnLIuBD4.roa
Signing time: Fri 21 Oct 2022 14:47:52 +0000
ROA not before: Fri 21 Oct 2022 14:47:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54600
IP address blocks: 5.105.145.0/24 maxlen: 24
5.105.144.0/24 maxlen: 24
5.105.146.0/24 maxlen: 24
5.105.147.0/24 maxlen: 24
5.105.179.0/24 maxlen: 24
5.105.189.0/24 maxlen: 24
5.105.193.0/24 maxlen: 24
5.105.201.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.208.0/24 maxlen: 24
5.105.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:03:c7:1d:4b:51:9c:52:c1:c1:99:19:b0:0e:15:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 21 14:47:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17be28e5ba4cfdfca9fe954e8363999cb22e043e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:09:23:7d:3d:a5:44:a6:0a:13:42:05:4d:93:
1d:29:5e:d6:87:18:fb:e7:c5:0c:32:59:36:25:e4:
2c:8c:14:32:be:25:22:f7:c4:d8:7d:4e:3b:3c:2e:
30:e8:56:a1:47:92:a2:8d:e0:2c:74:be:77:6c:0c:
c8:2d:94:e4:90:a5:2e:64:03:4b:cd:30:9f:d3:1c:
39:1e:10:b1:79:2e:ea:cd:9a:c7:5e:4c:2a:37:3f:
bf:cd:93:e4:de:e6:d4:38:82:29:ce:c7:5e:fa:a3:
37:44:f6:4e:69:f9:34:a9:92:01:3c:86:a6:ce:42:
bc:65:66:0c:64:29:f6:f0:e5:c3:ea:b1:e9:09:2f:
56:1f:30:3c:76:1a:a7:f4:59:e5:40:ac:10:c7:9a:
ff:d1:57:ec:ff:72:93:39:22:c5:cc:9f:42:ee:83:
97:e0:b8:9d:44:81:36:8d:5a:10:31:77:76:99:c7:
cd:cd:8e:15:92:4c:8d:32:64:12:06:df:3f:ee:0e:
74:67:4d:51:93:b8:e0:5c:02:a1:60:b2:ee:bd:5d:
f2:a7:1b:ab:28:4d:41:9d:ec:55:2c:95:97:ce:70:
f4:1a:b0:b5:3d:00:2f:ec:8b:e3:13:06:c1:1b:47:
bb:a1:ba:4f:1c:53:c8:20:0f:d5:4f:ef:14:f0:6c:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BE:28:E5:BA:4C:FD:FC:A9:FE:95:4E:83:63:99:9C:B2:2E:04:3E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F74o5bpM_fyp_pVOg2OZnLIuBD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.144.0/22
5.105.179.0/24
5.105.189.0/24
5.105.193.0/24
5.105.201.0/24
5.105.208.0-5.105.210.255
Signature Algorithm: sha256WithRSAEncryption
3f:d9:6a:d8:c1:13:7e:4b:6e:89:f4:99:8d:f7:58:bc:f7:12:
64:e8:d1:65:50:59:9c:a3:d8:56:96:0a:18:6f:8c:66:63:9c:
64:45:9c:08:3e:98:0d:98:05:01:cd:b2:99:39:ff:4e:19:77:
cb:65:e5:fb:f9:8b:1a:5e:91:87:ed:ec:4f:27:79:84:7f:63:
fe:cd:ad:e5:9d:9c:c4:74:43:ff:67:67:82:45:41:e0:11:c9:
32:db:cd:14:56:db:76:88:86:bd:f4:fa:a1:c6:d7:ee:98:21:
a4:46:57:72:09:8c:35:3b:ec:eb:cc:7d:c3:69:93:7e:ed:62:
0b:e6:2c:99:52:5d:44:dc:40:11:96:a0:1d:12:c0:56:09:33:
91:d4:1c:a4:5e:85:d6:69:41:03:f0:b1:c8:55:3b:9d:6d:8b:
f7:ac:23:cc:5c:7d:08:47:07:21:f0:79:ac:8b:10:41:bf:ce:
7f:b7:97:b3:43:0a:fd:70:29:8a:d6:28:68:ba:c5:36:db:88:
e7:15:90:bb:47:1b:c2:07:d0:36:6d:ee:60:af:86:c7:ce:9b:
76:e2:85:23:c1:f2:78:61:97:96:50:61:ef:e1:b6:a4:92:b1:
5d:72:b1:74:ef:1e:69:f2:73:c5:09:31:f2:f7:6f:57:c4:11:
9c:45:d1:75
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYP7A8cdS1GcUsHBmRmwDhWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDIxMTQ0NzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JlMjhlNWJhNGNmZGZjYTlmZTk1NGU4MzYzOTk5Y2IyMmUwNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigkjfT2lRKYKE0IFTZMdKV7Whxj7
58UMMlk2JeQsjBQyviUi98TYfU47PC4w6FahR5KijeAsdL53bAzILZTkkKUuZANL
zTCf0xw5HhCxeS7qzZrHXkwqNz+/zZPk3ubUOIIpzsde+qM3RPZOafk0qZIBPIam
zkK8ZWYMZCn28OXD6rHpCS9WHzA8dhqn9FnlQKwQx5r/0Vfs/3KTOSLFzJ9C7oOX
4LidRIE2jVoQMXd2mcfNzY4VkkyNMmQSBt8/7g50Z01Rk7jgXAKhYLLuvV3ypxur
KE1BnexVLJWXznD0GrC1PQAv7IvjEwbBG0e7obpPHFPIIA/VT+8U8GzfxwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBe+KOW6TP38qf6VToNjmZyyLgQ+MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRjc0bzVicE1fZnlwX3BWT2cyT1puTEl1QkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBWmQAwQA
BWmzAwQABWm9AwQABWnBAwQABWnJMAwDBAQFadADBAAFadIwDQYJKoZIhvcNAQEL
BQADggEBAD/ZatjBE35Lbon0mY33WLz3EmTo0WVQWZyj2FaWChhvjGZjnGRFnAg+
mA2YBQHNspk5/04Zd8tl5fv5ixpekYft7E8neYR/Y/7NreWdnMR0Q/9nZ4JFQeAR
yTLbzRRW23aIhr30+qHG1+6YIaRGV3IJjDU77OvMfcNpk37tYgvmLJlSXUTcQBGW
oB0SwFYJM5HUHKRehdZpQQPwschVO51ti/esI8xcfQhHByHweayLEEG/zn+3l7ND
Cv1wKYrWKGi6xTbbiOcVkLtHG8IH0DZt7mCvhsfOm3bihSPB8nhhl5ZQYe/htqSS
sV1ysXTvHmnyc8UJMfL3b1fEEZxF0XU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:47 2025 by rpki-client