Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/J4I4AqLReDbPvF62HUUg_mjuDIM.roa
File: J4I4AqLReDbPvF62HUUg_mjuDIM.roa (raw, json)
Hash identifier: mkgMbc0sH6phyis1d5cc+l9d8sEuMqMexXpHt9CvJnY=
Subject key identifier: 27:82:38:02:A2:D1:78:36:CF:BC:5E:B6:1D:45:20:FE:68:EE:0C:83
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01890889D73FDB525FAFE94E0B5A510E831E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/J4I4AqLReDbPvF62HUUg_mjuDIM.roa
Signing time: Thu 29 Jun 2023 19:03:18 +0000
ROA not before: Thu 29 Jun 2023 19:03:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 5.105.24.0/24 maxlen: 24
5.105.25.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:08:89:d7:3f:db:52:5f:af:e9:4e:0b:5a:51:0e:83:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 29 19:03:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27823802a2d17836cfbc5eb61d4520fe68ee0c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:47:44:71:25:ec:f4:bd:3e:35:5c:e2:6b:72:
ee:06:a7:ca:71:d6:d8:af:cc:1b:90:38:f0:99:82:
d0:51:02:ad:ac:74:8c:ad:a5:8f:1b:fd:35:34:5c:
6b:f3:9b:ea:92:29:47:89:57:ee:e3:0f:a9:75:75:
fd:54:c4:23:fb:86:b3:71:43:ab:fd:5d:e8:04:25:
b0:ff:7a:4d:69:23:83:75:54:0a:9c:0a:69:a4:29:
59:c3:22:52:43:11:9e:68:9b:25:24:2d:d7:f3:1a:
c8:4e:6f:8a:5d:70:e7:e0:61:0a:c6:91:c4:67:94:
79:01:95:23:7b:36:17:e0:44:7a:39:d1:42:30:cc:
c3:93:f9:ef:22:a9:3c:d9:9f:79:f5:b3:d9:63:e4:
77:e7:ad:4e:d6:a8:b9:1f:31:c2:ce:ad:b8:0f:0d:
02:28:c7:0b:be:dd:bd:67:57:4c:0e:26:49:e3:2a:
f2:21:b2:73:8b:f6:e8:2f:5b:a7:92:cc:eb:66:1d:
98:f2:43:22:9a:16:10:be:15:e9:b4:8f:cc:e8:c6:
32:d6:55:6b:09:fd:aa:4c:31:85:18:fb:30:16:3c:
43:e3:ee:0e:b7:df:71:2a:b1:65:a9:11:f5:7f:b5:
fc:77:8f:d9:11:00:89:6c:c1:26:b7:e4:67:31:b7:
e3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:82:38:02:A2:D1:78:36:CF:BC:5E:B6:1D:45:20:FE:68:EE:0C:83
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/J4I4AqLReDbPvF62HUUg_mjuDIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/23
5.105.33.0/24
5.105.43.0/24
5.105.57.0/24
5.105.81.0/24
5.105.96.0/24
5.105.168.0/24
Signature Algorithm: sha256WithRSAEncryption
19:7f:70:42:81:72:80:f2:96:15:c0:13:3b:ed:95:66:c1:49:
94:a9:fa:6f:8f:75:a4:3b:52:e9:22:92:8f:1d:04:ef:a5:d9:
2e:97:08:df:74:95:08:8d:13:ae:9b:16:8d:5e:c6:2b:d1:4f:
38:85:7b:69:59:3b:38:db:fd:71:3e:3b:13:02:5a:c4:71:39:
ba:54:22:04:44:31:cc:02:57:50:70:ff:56:d8:29:87:ad:aa:
cf:05:8d:e4:1d:01:05:0b:c6:7c:15:ee:cf:dd:d3:73:96:b2:
fc:02:f6:32:8e:79:c7:4d:65:53:9a:f0:a5:2c:eb:e3:0b:8d:
cc:8d:19:52:92:05:92:a4:29:a0:3a:3a:67:e7:30:8b:63:34:
91:2d:59:24:0b:fb:bb:69:65:09:8a:96:99:57:da:7f:62:87:
94:32:70:f0:42:ba:c9:84:c1:7e:0b:09:86:69:80:99:ff:f8:
af:ca:f5:84:e8:d0:a4:7f:10:7f:fc:2c:8a:8b:d6:1e:4e:58:
a4:1d:94:17:ea:70:77:be:f4:ff:f6:75:a3:35:b5:93:32:d1:
64:e9:1e:61:7a:2c:d2:d2:fc:16:d2:fc:03:41:39:59:9b:b2:
c9:91:47:45:34:cc:61:fb:de:09:52:7c:d6:23:60:11:fe:cc:
c1:29:43:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkIidc/21Jfr+lOC1pRDoMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI5MTkwMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgyMzgwMmEyZDE3ODM2Y2ZiYzVlYjYxZDQ1MjBmZTY4ZWUwYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0dEcSXs9L0+NVzia3LuBqfKcdbY
r8wbkDjwmYLQUQKtrHSMraWPG/01NFxr85vqkilHiVfu4w+pdXX9VMQj+4azcUOr
/V3oBCWw/3pNaSODdVQKnApppClZwyJSQxGeaJslJC3X8xrITm+KXXDn4GEKxpHE
Z5R5AZUjezYX4ER6OdFCMMzDk/nvIqk82Z959bPZY+R3561O1qi5HzHCzq24Dw0C
KMcLvt29Z1dMDiZJ4yryIbJzi/boL1unkszrZh2Y8kMimhYQvhXptI/M6MYy1lVr
Cf2qTDGFGPswFjxD4+4Ot99xKrFlqRH1f7X8d4/ZEQCJbMEmt+RnMbfjpQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCeCOAKi0Xg2z7xeth1FIP5o7gyDMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSjRJNEFxTFJlRGJQdkY2MkhVVWdfbWp1RElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBWkYAwQA
BWkhAwQABWkrAwQABWk5AwQABWlRAwQABWlgAwQABWmoMA0GCSqGSIb3DQEBCwUA
A4IBAQAZf3BCgXKA8pYVwBM77ZVmwUmUqfpvj3WkO1LpIpKPHQTvpdkulwjfdJUI
jROumxaNXsYr0U84hXtpWTs42/1xPjsTAlrEcTm6VCIERDHMAldQcP9W2CmHrarP
BY3kHQEFC8Z8Fe7P3dNzlrL8AvYyjnnHTWVTmvClLOvjC43MjRlSkgWSpCmgOjpn
5zCLYzSRLVkkC/u7aWUJipaZV9p/YoeUMnDwQrrJhMF+CwmGaYCZ//ivyvWE6NCk
fxB//CyKi9YeTlikHZQX6nB3vvT/9nWjNbWTMtFk6R5heizS0vwW0vwDQTlZm7LJ
kUdFNMxh+94JUnzWI2AR/szBKUO2
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:50 2025 by rpki-client