Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IAbj6n8D3Au1HyNyoW4kI8M_aUE.roa
File: IAbj6n8D3Au1HyNyoW4kI8M_aUE.roa (raw, json)
Hash identifier: 3kOTpSHmt4DFtdp0Af3lYpjAJzE14LivCMGgRcKVoDU=
Subject key identifier: 20:06:E3:EA:7F:03:DC:0B:B5:1F:23:72:A1:6E:24:23:C3:3F:69:41
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018378DEC31F71E62A6140C57FE6E80AB2B6
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IAbj6n8D3Au1HyNyoW4kI8M_aUE.roa
Signing time: Mon 26 Sep 2022 08:16:48 +0000
ROA not before: Mon 26 Sep 2022 08:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 5.105.238.0/24 maxlen: 24
5.105.241.0/24 maxlen: 24
5.105.27.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.253.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.188.0/24 maxlen: 24
5.105.98.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:78:de:c3:1f:71:e6:2a:61:40:c5:7f:e6:e8:0a:b2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 26 08:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2006e3ea7f03dc0bb51f2372a16e2423c33f6941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a8:83:bc:7c:e1:39:a6:bd:be:1e:b0:0f:fc:
73:bd:9b:42:ac:b2:16:ee:33:ac:3c:7a:ea:e8:3d:
8a:2c:50:be:f5:2f:7d:0e:52:34:66:e4:0b:46:d8:
6b:22:f1:b5:c8:d6:79:09:d5:a6:bf:81:11:90:8a:
92:e2:a6:46:17:9f:b6:0a:aa:c0:83:3c:c3:99:ea:
56:4a:8b:ed:51:63:4c:c6:cf:4b:20:19:0e:de:70:
2d:80:32:25:67:34:92:f9:e4:cc:53:00:18:30:60:
b8:05:78:d8:14:54:8d:8c:f5:8b:7b:d8:c7:59:03:
29:22:a6:30:b0:42:47:d4:76:25:08:bb:7e:22:3c:
09:d7:6c:f1:8c:4f:13:69:65:13:69:1b:31:d4:aa:
30:7c:2d:82:86:40:23:f3:5b:e6:aa:8d:be:7c:71:
d4:55:02:f8:43:ab:41:d1:b2:5c:3e:df:e6:0a:e6:
61:4d:45:a2:af:38:6e:1b:0a:2d:9a:64:42:38:b5:
94:41:34:7e:1b:ed:10:ce:56:46:c7:99:b5:e4:c2:
d5:ac:05:21:35:2d:fd:a7:01:f7:63:da:67:fe:27:
c9:2c:c2:f5:46:35:cf:80:45:c2:9b:64:24:03:62:
f7:4c:ca:a4:2f:12:81:02:62:8d:37:c1:63:32:f8:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:06:E3:EA:7F:03:DC:0B:B5:1F:23:72:A1:6E:24:23:C3:3F:69:41
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IAbj6n8D3Au1HyNyoW4kI8M_aUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.27.0/24
5.105.40.0/24
5.105.43.0/24
5.105.98.0/24
5.105.188.0/24
5.105.204.0/24
5.105.238.0/24
5.105.241.0/24
5.105.252.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:42:be:b7:52:4f:e0:f1:95:dc:09:53:12:cf:65:05:e2:17:
f5:b9:2f:bb:a5:5c:30:a4:85:1e:46:55:a4:26:51:ac:90:0b:
20:7d:b8:8a:5d:12:f4:d9:80:ed:0e:39:7d:ca:9c:97:26:da:
db:3b:2c:e4:54:8d:1c:d4:c6:aa:ae:e3:b0:e5:34:3e:67:f1:
ee:bc:07:47:d8:7b:44:5f:e1:10:bd:c0:84:80:0d:cb:f1:15:
23:15:1d:41:01:78:d3:33:b5:21:1c:37:cf:ca:00:9e:96:97:
32:cd:e0:9d:c0:e9:5f:a9:0b:71:25:9b:2b:a1:ab:21:99:b4:
d3:2e:22:82:eb:9c:21:60:d3:02:ff:95:94:5c:75:0f:92:48:
b2:67:10:43:4f:50:a7:07:c8:06:ea:e9:33:63:89:97:ca:3d:
60:9b:1d:75:b2:2b:30:84:72:d0:19:28:3a:30:08:61:4c:8a:
55:d4:59:c3:fb:89:ba:0f:92:ba:e5:23:a2:16:56:90:7f:aa:
4f:c6:c2:34:6f:0a:35:25:7e:23:20:bc:a9:88:ec:45:27:75:
3b:5e:ba:ea:09:e1:65:58:01:35:97:a8:ff:68:4c:10:7a:16:
91:8d:08:cf:e4:11:35:1d:05:78:05:4f:c1:90:d7:84:e4:97:
e8:b6:d3:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYN43sMfceYqYUDFf+boCrK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwOTI2MDgxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA2ZTNlYTdmMDNkYzBiYjUxZjIzNzJhMTZlMjQyM2MzM2Y2OTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaiDvHzhOaa9vh6wD/xzvZtCrLIW
7jOsPHrq6D2KLFC+9S99DlI0ZuQLRthrIvG1yNZ5CdWmv4ERkIqS4qZGF5+2CqrA
gzzDmepWSovtUWNMxs9LIBkO3nAtgDIlZzSS+eTMUwAYMGC4BXjYFFSNjPWLe9jH
WQMpIqYwsEJH1HYlCLt+IjwJ12zxjE8TaWUTaRsx1KowfC2ChkAj81vmqo2+fHHU
VQL4Q6tB0bJcPt/mCuZhTUWirzhuGwotmmRCOLWUQTR+G+0QzlZGx5m15MLVrAUh
NS39pwH3Y9pn/ifJLML1RjXPgEXCm2QkA2L3TMqkLxKBAmKNN8FjMviaRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCAG4+p/A9wLtR8jcqFuJCPDP2lBMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSUFiajZuOEQzQXUxSHlOeW9XNGtJOE1fYVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABWkCAwQA
BWkbAwQABWkoAwQABWkrAwQABWliAwQABWm8AwQABWnMAwQABWnuAwQABWnxAwQB
BWn8MA0GCSqGSIb3DQEBCwUAA4IBAQBfQr63Uk/g8ZXcCVMSz2UF4hf1uS+7pVww
pIUeRlWkJlGskAsgfbiKXRL02YDtDjl9ypyXJtrbOyzkVI0c1MaqruOw5TQ+Z/Hu
vAdH2HtEX+EQvcCEgA3L8RUjFR1BAXjTM7UhHDfPygCelpcyzeCdwOlfqQtxJZsr
oashmbTTLiKC65whYNMC/5WUXHUPkkiyZxBDT1CnB8gG6ukzY4mXyj1gmx11sisw
hHLQGSg6MAhhTIpV1FnD+4m6D5K65SOiFlaQf6pPxsI0bwo1JX4jILypiOxFJ3U7
XrrqCeFlWAE1l6j/aEwQehaRjQjP5BE1HQV4BU/BkNeE5JfottNO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:34 2025 by rpki-client