Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LCY0jNRm1n2cQXaDMj_A64WxFBs.roa
File: LCY0jNRm1n2cQXaDMj_A64WxFBs.roa (raw, json)
Hash identifier: d7sFyLZHXapyZVpaz5She2jx+veG4BGvzA7nRcobACE=
Subject key identifier: 2C:26:34:8C:D4:66:D6:7D:9C:41:76:83:32:3F:C0:EB:85:B1:14:1B
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184C7FFCCE67A7A314A4DB2F0AB010BC449
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LCY0jNRm1n2cQXaDMj_A64WxFBs.roa
Signing time: Wed 30 Nov 2022 10:05:40 +0000
ROA not before: Wed 30 Nov 2022 10:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 5.105.130.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.31.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.184.0/24 maxlen: 24
5.105.96.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
5.105.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:ff:cc:e6:7a:7a:31:4a:4d:b2:f0:ab:01:0b:c4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 30 10:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c26348cd466d67d9c417683323fc0eb85b1141b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:0d:5e:f6:10:78:1f:a9:65:af:4b:26:50:
bf:f5:3b:74:e9:6c:0d:b4:b5:e3:73:10:6b:52:cb:
fe:93:1c:67:5d:68:fc:b3:29:67:c9:07:d7:52:7f:
4f:2c:e8:35:cd:59:7d:d3:86:52:8b:07:60:e2:96:
d4:98:fd:52:b5:be:c0:bd:dd:25:26:50:7e:9a:ab:
1e:da:19:de:64:9f:ad:04:2d:0f:cc:b8:c1:3c:b4:
25:cd:e8:49:5c:f6:b9:52:15:60:be:0f:d8:fe:2d:
41:a0:88:69:c9:dc:9c:6b:dd:fc:bb:c3:aa:03:f8:
b5:3f:35:b2:b7:d3:a3:ba:f0:48:e4:19:56:9f:1f:
e6:6f:d9:d0:f6:76:5a:50:2b:60:76:b9:4c:4a:56:
8b:ea:c4:59:d1:43:99:95:af:d9:ea:03:57:3c:a3:
33:4a:99:c0:bb:cc:b6:ce:64:dc:d2:cc:fe:90:47:
1e:d6:1a:bf:7a:dd:85:b1:65:25:f5:b2:8e:15:b9:
31:f6:20:95:ca:6f:8c:56:cd:55:5d:28:f7:ed:81:
d5:e6:f9:6b:f6:a0:94:6d:d1:87:df:f3:fc:45:38:
cb:47:1a:9d:c9:d8:ab:16:01:47:4d:c5:ce:c5:7c:
eb:13:3b:26:32:f6:55:f8:d9:88:76:95:64:73:63:
a1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:26:34:8C:D4:66:D6:7D:9C:41:76:83:32:3F:C0:EB:85:B1:14:1B
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LCY0jNRm1n2cQXaDMj_A64WxFBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.30.0-5.105.33.255
5.105.96.0/24
5.105.130.0/24
5.105.184.0/24
5.105.200.0/24
5.105.215.0/24
5.105.226.0/24
Signature Algorithm: sha256WithRSAEncryption
30:3e:77:31:4f:de:a7:8d:46:05:4d:ec:5d:c2:5d:09:26:7e:
04:9a:a2:1c:b0:9d:b2:b7:d6:fb:b6:6a:9e:84:cd:ea:68:fb:
22:bd:ac:d7:25:7a:49:89:fa:34:22:9c:78:5c:8f:0f:08:89:
0c:8e:b1:d4:21:2e:2d:3c:7b:8a:3b:1c:77:be:ea:34:df:c0:
2a:db:52:03:02:27:ae:4d:ae:7e:f3:8b:41:64:bb:e7:5c:b3:
6d:cb:d9:51:13:e9:75:7e:bf:22:52:1a:e9:30:fd:b2:eb:ad:
5e:ac:be:cf:d0:e0:8c:47:13:31:7b:30:ab:d0:bd:44:fc:89:
e2:d7:b5:48:ed:87:fe:29:67:69:6e:3a:73:9e:c6:05:2e:90:
89:e0:5d:29:8f:b5:bd:cd:29:20:a8:43:17:94:1c:25:c3:f3:
2c:7c:0c:55:78:c3:2f:4a:be:25:8f:63:43:09:a7:42:7b:4e:
1f:32:e8:dd:10:83:25:19:db:ed:9a:9e:5c:eb:5b:17:c7:b4:
5b:df:24:df:20:b1:f8:8b:6f:9b:96:8a:89:ff:29:20:8a:28:
4e:e2:61:44:75:d1:52:1d:53:ea:ff:12:ad:fc:98:80:0c:b5:
4d:bb:81:35:08:c5:3a:93:42:84:92:11:09:d8:99:a1:3b:8f:
65:e4:87:31
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYTH/8zmenoxSk2y8KsBC8RJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTMwMTAwNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI2MzQ4Y2Q0NjZkNjdkOWM0MTc2ODMzMjNmYzBlYjg1YjExNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5UNXvYQeB+pZa9LJlC/9Tt06WwN
tLXjcxBrUsv+kxxnXWj8sylnyQfXUn9PLOg1zVl904ZSiwdg4pbUmP1Stb7Avd0l
JlB+mqse2hneZJ+tBC0PzLjBPLQlzehJXPa5UhVgvg/Y/i1BoIhpydyca938u8Oq
A/i1PzWyt9OjuvBI5BlWnx/mb9nQ9nZaUCtgdrlMSlaL6sRZ0UOZla/Z6gNXPKMz
SpnAu8y2zmTc0sz+kEce1hq/et2FsWUl9bKOFbkx9iCVym+MVs1VXSj37YHV5vlr
9qCUbdGH3/P8RTjLRxqdydirFgFHTcXOxXzrEzsmMvZV+NmIdpVkc2OhWQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCwmNIzUZtZ9nEF2gzI/wOuFsRQbMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTENZMGpOUm0xbjJjUVhhRE1qX0E2NFd4RkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABWkHMAwD
BAEFaR4DBAEFaSADBAAFaWADBAAFaYIDBAAFabgDBAAFacgDBAAFadcDBAAFaeIw
DQYJKoZIhvcNAQELBQADggEBADA+dzFP3qeNRgVN7F3CXQkmfgSaohywnbK31vu2
ap6Ezepo+yK9rNclekmJ+jQinHhcjw8IiQyOsdQhLi08e4o7HHe+6jTfwCrbUgMC
J65Nrn7zi0Fku+dcs23L2VET6XV+vyJSGukw/bLrrV6svs/Q4IxHEzF7MKvQvUT8
ieLXtUjth/4pZ2luOnOexgUukIngXSmPtb3NKSCoQxeUHCXD8yx8DFV4wy9KviWP
Y0MJp0J7Th8y6N0QgyUZ2+2anlzrWxfHtFvfJN8gsfiLb5uWion/KSCKKE7iYUR1
0VIdU+r/Eq38mIAMtU27gTUIxTqTQoSSEQnYmaE7j2XkhzE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:56:08 2025 by rpki-client