Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KbCJ7n6sUaNuMSk8Yn_qn_EgnkU.roa
File: KbCJ7n6sUaNuMSk8Yn_qn_EgnkU.roa (raw, json)
Hash identifier: a1kLCrlHV/fbP2+bdkMuuptmSXZB4FplmwZlmNzwh/s=
Subject key identifier: 29:B0:89:EE:7E:AC:51:A3:6E:31:29:3C:62:7F:EA:9F:F1:20:9E:45
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01893F962507B4A11D60EED29B2DB13A6919
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KbCJ7n6sUaNuMSk8Yn_qn_EgnkU.roa
Signing time: Mon 10 Jul 2023 11:35:51 +0000
ROA not before: Mon 10 Jul 2023 11:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 5.105.14.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:96:25:07:b4:a1:1d:60:ee:d2:9b:2d:b1:3a:69:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 10 11:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b089ee7eac51a36e31293c627fea9ff1209e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:32:7c:a4:81:07:bd:d8:a0:f6:a3:17:30:
ea:cb:27:7e:ac:a9:13:b5:cb:95:cc:5a:c2:4e:78:
59:56:fa:83:a3:8c:e4:3d:2f:24:98:86:53:89:91:
73:2b:d3:3c:fd:fd:1f:47:c8:45:05:f3:ff:87:cc:
23:41:a6:04:14:1e:06:50:af:f6:ea:1b:4d:b8:d3:
7f:a0:29:61:65:a6:c5:06:e8:01:76:8f:3f:40:c2:
05:a2:cb:21:e5:a1:c0:89:eb:39:ae:6d:ae:c9:ab:
8a:b7:8f:dd:4d:f9:0a:af:5e:62:1e:6e:d3:dc:a9:
b4:14:1a:6d:78:32:e1:77:f3:c7:26:ca:37:5b:c8:
66:3c:1d:7d:d7:4a:4f:65:92:c1:79:17:44:dc:52:
df:11:34:2f:1b:e8:1a:98:29:fc:4a:7f:2e:c1:34:
df:13:38:7a:69:d6:d7:0e:82:00:6b:1b:de:a9:26:
d4:e9:82:61:39:80:cb:dd:34:98:12:45:d6:e6:93:
b2:0c:08:95:7c:69:38:76:cb:c8:4f:ec:94:82:0d:
30:5f:5a:05:a2:34:1f:a6:a4:d9:a0:3a:19:82:83:
c7:ce:35:b9:63:c7:58:cb:48:68:90:a2:3e:42:b0:
81:f9:48:9f:0d:1c:7a:f4:8c:2e:f3:4b:10:9b:dc:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B0:89:EE:7E:AC:51:A3:6E:31:29:3C:62:7F:EA:9F:F1:20:9E:45
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/KbCJ7n6sUaNuMSk8Yn_qn_EgnkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.14.0/24
5.105.142.0/24
5.105.207.0/24
5.105.221.0/24
5.105.249.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d8:53:52:dc:a9:08:48:ce:04:dd:c4:a3:c4:ae:ed:04:06:
9a:e5:08:e2:62:7c:4a:8b:fe:3b:e4:ef:87:a1:7a:75:5d:4e:
5c:44:81:e4:58:c2:e1:2b:0c:5e:d2:48:39:24:f2:48:1d:54:
06:f8:bc:51:06:5f:9c:d6:50:1e:83:04:c8:1f:68:25:83:fd:
8c:d0:47:36:5b:cd:17:05:07:ab:bc:03:cd:84:bd:7e:43:71:
5e:fe:cd:fd:28:51:e2:aa:f9:a0:c4:0f:17:47:1a:90:4a:2c:
94:cb:43:a1:dc:bf:e5:29:c1:d3:30:bf:6b:6b:3b:6a:5d:89:
f7:7a:34:18:64:e1:b4:18:45:a1:56:7e:eb:cb:ee:52:d8:ba:
1e:94:a8:ec:f7:57:dc:1d:58:f9:39:16:c2:1e:61:f9:74:87:
6b:9f:a1:26:49:e1:fa:de:d7:32:74:1f:bb:d4:70:b5:e8:51:
69:89:9d:71:e9:bd:cf:be:5f:b2:0a:3d:6e:ad:a9:e2:b2:7d:
91:3c:1b:7a:52:f1:93:d8:a5:77:d1:d1:0f:57:2f:1b:2b:51:
92:51:52:2b:0a:92:5e:5d:4f:0c:3c:03:a7:7a:b0:3b:01:d1:
84:06:f4:89:b8:ce:cf:2a:1d:34:01:4c:c3:1d:89:25:7c:df:
2e:b0:f8:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYk/liUHtKEdYO7Smy2xOmkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzEwMTEzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIwODllZTdlYWM1MWEzNmUzMTI5M2M2MjdmZWE5ZmYxMjA5ZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyoyfKSBB73YoPajFzDqyyd+rKkT
tcuVzFrCTnhZVvqDo4zkPS8kmIZTiZFzK9M8/f0fR8hFBfP/h8wjQaYEFB4GUK/2
6htNuNN/oClhZabFBugBdo8/QMIFossh5aHAies5rm2uyauKt4/dTfkKr15iHm7T
3Km0FBpteDLhd/PHJso3W8hmPB1910pPZZLBeRdE3FLfETQvG+gamCn8Sn8uwTTf
Ezh6adbXDoIAaxveqSbU6YJhOYDL3TSYEkXW5pOyDAiVfGk4dsvIT+yUgg0wX1oF
ojQfpqTZoDoZgoPHzjW5Y8dYy0hokKI+QrCB+UifDRx69Iwu80sQm9zBPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCmwie5+rFGjbjEpPGJ/6p/xIJ5FMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvS2JDSjduNnNVYU51TVNrOFluX3FuX0VnbmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkOAwQA
BWmOAwQABWnPAwQABWndAwQABWn5MA0GCSqGSIb3DQEBCwUAA4IBAQCV2FNS3KkI
SM4E3cSjxK7tBAaa5QjiYnxKi/475O+HoXp1XU5cRIHkWMLhKwxe0kg5JPJIHVQG
+LxRBl+c1lAegwTIH2glg/2M0Ec2W80XBQervAPNhL1+Q3Fe/s39KFHiqvmgxA8X
RxqQSiyUy0Oh3L/lKcHTML9raztqXYn3ejQYZOG0GEWhVn7ry+5S2LoelKjs91fc
HVj5ORbCHmH5dIdrn6EmSeH63tcydB+71HC16FFpiZ1x6b3Pvl+yCj1uranisn2R
PBt6UvGT2KV30dEPVy8bK1GSUVIrCpJeXU8MPAOnerA7AdGEBvSJuM7PKh00AUzD
HYklfN8usPjW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client