Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JI-dCpqGreovYIsxbW4MgG8SxMo.roa
File: JI-dCpqGreovYIsxbW4MgG8SxMo.roa (raw, json)
Hash identifier: B50BxQPJwj/Y/3DSgyAbomhpI7p1IVv6i7zr5EA8y94=
Subject key identifier: 24:8F:9D:0A:9A:86:AD:EA:2F:60:8B:31:6D:6E:0C:80:6F:12:C4:CA
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018452D39B88AFDAC544F1C8D4341E6AA077
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JI-dCpqGreovYIsxbW4MgG8SxMo.roa
Signing time: Mon 07 Nov 2022 16:01:50 +0000
ROA not before: Mon 07 Nov 2022 16:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.130.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:d3:9b:88:af:da:c5:44:f1:c8:d4:34:1e:6a:a0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 7 16:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=248f9d0a9a86adea2f608b316d6e0c806f12c4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:e3:bb:4b:0e:e0:f8:47:18:a9:8e:b0:c0:
4d:20:32:f7:c7:62:42:0b:6b:e5:b7:b8:ae:02:39:
ad:5c:e1:3f:b8:d3:22:37:0b:76:8e:38:70:a7:fd:
d2:86:ce:be:0e:b9:10:88:5e:55:1f:e4:96:7f:25:
94:d6:9d:38:ab:46:7e:27:50:eb:5e:b5:67:28:cc:
f1:7a:cb:eb:cf:26:5c:d8:b1:eb:cb:bb:b1:c6:1b:
6d:8d:78:97:03:a6:e7:95:d4:5e:8e:98:0d:90:6c:
bd:9b:47:8d:0b:92:97:63:21:52:91:c4:ed:1f:2c:
d3:61:c0:74:8c:94:1d:da:c9:7d:f1:a7:c6:16:f7:
bb:28:f9:4f:48:4a:83:08:d2:57:61:25:35:63:30:
cb:6d:ad:15:ca:d8:ca:9d:e6:22:ab:e0:9c:eb:76:
3f:ee:85:a0:ea:eb:06:66:cf:cf:12:05:63:cb:0c:
b8:9a:61:00:39:d2:83:af:a4:47:e0:2c:e7:fa:88:
50:e1:0b:42:f4:1c:3c:c9:40:7f:a2:6f:46:79:b9:
77:1f:1d:00:fb:96:0a:87:f5:ab:dd:d7:04:8f:92:
f1:fd:a3:11:a6:05:80:e9:9e:72:c9:0d:b2:a4:09:
70:d5:e8:63:25:b8:2e:11:ab:7d:72:f6:2c:21:9c:
ff:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:9D:0A:9A:86:AD:EA:2F:60:8B:31:6D:6E:0C:80:6F:12:C4:CA
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JI-dCpqGreovYIsxbW4MgG8SxMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.96.0/24
5.105.130.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
5.105.226.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:f5:71:00:1f:ad:a2:59:3f:02:92:e0:5e:62:ca:63:86:d6:
37:6a:db:ff:5d:95:6f:35:e6:d0:61:aa:48:91:32:77:3c:82:
a7:51:89:45:95:74:85:4b:ff:30:d6:e4:4b:10:91:98:34:6e:
8c:e9:c2:fa:1c:fd:b1:6e:c5:57:e2:3f:8d:9d:ba:e1:73:58:
fc:e8:a0:05:9c:6a:33:ce:a8:6d:bd:95:66:28:63:c1:40:2a:
ab:b6:d8:b9:e4:50:85:6f:c2:81:59:6a:d8:a8:25:e8:9d:de:
5c:1f:28:84:06:ed:c5:a2:a1:78:6d:b0:f4:9b:21:0c:b6:9d:
44:e1:42:bd:a1:ac:e5:09:cc:e1:53:68:ac:96:ad:d9:38:75:
2e:82:91:2e:ad:fd:ce:35:c5:c7:0b:db:13:89:67:1f:51:b0:
cf:41:10:60:35:1c:14:72:b9:97:fb:60:d8:29:72:34:8f:b7:
78:d9:de:76:4b:0f:d2:38:dc:5b:a2:81:39:bf:39:bf:e2:0c:
55:8b:64:3e:87:30:69:d5:d5:55:a2:28:94:c8:9c:72:cc:f5:
55:04:22:72:c0:72:2e:0c:3a:a7:03:c6:da:9a:83:5d:28:fa:
e7:7d:85:bf:7c:97:55:32:fa:ee:34:9e:6c:c9:9c:82:68:09:
36:3d:60:69
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYRS05uIr9rFRPHI1DQeaqB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTA3MTYwMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhmOWQwYTlhODZhZGVhMmY2MDhiMzE2ZDZlMGM4MDZmMTJjNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBHju0sO4PhHGKmOsMBNIDL3x2JC
C2vlt7iuAjmtXOE/uNMiNwt2jjhwp/3Shs6+DrkQiF5VH+SWfyWU1p04q0Z+J1Dr
XrVnKMzxesvrzyZc2LHry7uxxhttjXiXA6bnldRejpgNkGy9m0eNC5KXYyFSkcTt
HyzTYcB0jJQd2sl98afGFve7KPlPSEqDCNJXYSU1YzDLba0VytjKneYiq+Cc63Y/
7oWg6usGZs/PEgVjywy4mmEAOdKDr6RH4Czn+ohQ4QtC9Bw8yUB/om9Gebl3Hx0A
+5YKh/Wr3dcEj5Lx/aMRpgWA6Z5yyQ2ypAlw1ehjJbguEat9cvYsIZz/ewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCSPnQqahq3qL2CLMW1uDIBvEsTKMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSkktZENwcUdyZW92WUlzeGJXNE1nRzhTeE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkHAwQA
BWlgAwQABWmCAwQABWm4AwQABWnIAwQABWnXAwQABWniMA0GCSqGSIb3DQEBCwUA
A4IBAQC79XEAH62iWT8CkuBeYspjhtY3atv/XZVvNebQYapIkTJ3PIKnUYlFlXSF
S/8w1uRLEJGYNG6M6cL6HP2xbsVX4j+Nnbrhc1j86KAFnGozzqhtvZVmKGPBQCqr
tti55FCFb8KBWWrYqCXond5cHyiEBu3FoqF4bbD0myEMtp1E4UK9oazlCczhU2is
lq3ZOHUugpEurf3ONcXHC9sTiWcfUbDPQRBgNRwUcrmX+2DYKXI0j7d42d52Sw/S
ONxbooE5vzm/4gxVi2Q+hzBp1dVVoiiUyJxyzPVVBCJywHIuDDqnA8bamoNdKPrn
fYW/fJdVMvruNJ5syZyCaAk2PWBp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org