Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/b2kmMkSy4nV3egqkYO6AtDSH_L0.roa
File: b2kmMkSy4nV3egqkYO6AtDSH_L0.roa (raw, json)
Hash identifier: TbCC92t5RZTWr9gAo7X5v4jgfphAW/LytvvgRCzCeJM=
Subject key identifier: 6F:69:26:32:44:B2:E2:75:77:7A:0A:A4:60:EE:80:B4:34:87:FC:BD
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184EBD4C452E7203FFB57E71D2D178890FB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/b2kmMkSy4nV3egqkYO6AtDSH_L0.roa
Signing time: Wed 07 Dec 2022 09:05:00 +0000
ROA not before: Wed 07 Dec 2022 09:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.120.0/24 maxlen: 24
5.105.123.0/24 maxlen: 24
5.105.48.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:d4:c4:52:e7:20:3f:fb:57:e7:1d:2d:17:88:90:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 7 09:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f69263244b2e275777a0aa460ee80b43487fcbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:08:85:61:6d:fb:ec:fb:f9:e6:ff:33:c1:
35:01:8c:18:25:e2:87:ed:2b:75:fb:fd:ae:29:2d:
42:e8:bc:7c:34:55:05:ac:13:a4:9c:a5:d1:6d:26:
af:44:01:86:37:f6:5e:9c:ff:e2:86:dd:db:5f:c5:
f2:4d:8a:d2:49:25:f4:da:d8:3c:dc:54:0b:ab:1c:
f3:c3:58:7d:6f:51:a8:59:f2:d0:d1:09:0a:fa:f5:
99:4a:24:fd:46:0d:56:e2:04:87:dd:46:51:21:7a:
9c:9a:85:38:f0:8a:b2:12:9b:8a:dd:65:a4:ce:41:
c0:26:e8:f4:1b:a4:db:4e:87:a7:78:12:d3:92:a1:
5e:d4:27:d4:29:ee:52:37:ce:79:69:70:99:6a:ed:
a2:37:6c:19:ef:29:84:17:8f:f2:48:2d:4d:d4:00:
a2:c8:34:2e:46:f9:d7:1f:f5:c7:de:0e:f6:4e:26:
68:b6:b0:f9:ba:4c:d2:3c:bd:69:ff:b2:67:67:12:
da:ad:a8:59:22:76:f8:07:2a:95:5f:46:bf:76:d8:
5e:22:a5:1a:15:b7:0e:ce:d1:ee:f0:8e:82:ac:e3:
14:a1:da:b5:ce:6d:2c:21:c5:03:2e:52:85:6a:8c:
82:34:ff:ca:21:4f:8d:46:d3:51:16:17:ae:80:d4:
1f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:69:26:32:44:B2:E2:75:77:7A:0A:A4:60:EE:80:B4:34:87:FC:BD
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/b2kmMkSy4nV3egqkYO6AtDSH_L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/24
5.105.65.0/24
5.105.74.0/23
5.105.97.0/24
5.105.120.0/24
5.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:23:db:44:78:dc:54:98:b7:60:dd:68:46:35:a7:ce:68:46:
09:bb:41:04:8f:ff:e0:d8:c2:ce:32:40:82:34:35:a6:b7:7d:
a9:65:dd:fc:d5:d7:e5:be:d4:73:d6:df:90:b6:ff:30:cc:46:
23:df:e9:35:00:3c:f3:81:55:63:6d:37:b9:db:96:89:f2:b3:
87:35:f5:cd:7a:32:3d:ea:a5:41:4a:95:67:8e:6b:81:9c:a8:
e0:ba:93:25:14:4c:90:78:4e:bb:c8:d4:dc:1a:9e:ee:89:75:
5e:43:2f:a3:98:9a:36:ce:79:44:43:e9:9a:bc:5f:54:12:55:
80:f7:3f:9e:0a:43:c0:45:c7:90:e9:d0:7c:35:03:57:0a:71:
61:84:7a:70:39:34:1f:4d:9e:e9:d9:eb:55:d4:4b:f9:d1:6d:
e2:8d:0f:03:d9:30:52:af:7e:af:6c:5a:be:b2:6a:a7:e7:e1:
eb:ab:26:27:74:0d:81:16:9a:1c:24:3b:be:3c:d2:a3:21:8a:
1f:30:7c:6f:79:85:fe:a8:78:77:00:eb:86:e9:bc:9f:23:17:
ce:53:0d:63:2a:e8:96:46:68:fd:43:69:c7:00:ef:17:70:2c:
5b:24:b0:9b:e7:76:8e:35:33:71:4f:fb:c8:96:6b:9d:08:eb:
d4:c4:33:fa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTr1MRS5yA/+1fnHS0XiJD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjA3MDkwNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjY5MjYzMjQ0YjJlMjc1Nzc3YTBhYTQ2MGVlODBiNDM0ODdmY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLYIhWFt++z7+eb/M8E1AYwYJeKH
7St1+/2uKS1C6Lx8NFUFrBOknKXRbSavRAGGN/ZenP/iht3bX8XyTYrSSSX02tg8
3FQLqxzzw1h9b1GoWfLQ0QkK+vWZSiT9Rg1W4gSH3UZRIXqcmoU48IqyEpuK3WWk
zkHAJuj0G6TbToeneBLTkqFe1CfUKe5SN855aXCZau2iN2wZ7ymEF4/ySC1N1ACi
yDQuRvnXH/XH3g72TiZotrD5ukzSPL1p/7JnZxLarahZInb4ByqVX0a/dtheIqUa
FbcOztHu8I6CrOMUodq1zm0sIcUDLlKFaoyCNP/KIU+NRtNRFheugNQfDwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG9pJjJEsuJ1d3oKpGDugLQ0h/y9MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYjJrbU1rU3k0blYzZWdxa1lPNkF0RFNIX0wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkwAwQA
BWlBAwQBBWlKAwQABWlhAwQABWl4AwQABWl7MA0GCSqGSIb3DQEBCwUAA4IBAQCt
I9tEeNxUmLdg3WhGNafOaEYJu0EEj//g2MLOMkCCNDWmt32pZd381dflvtRz1t+Q
tv8wzEYj3+k1ADzzgVVjbTe525aJ8rOHNfXNejI96qVBSpVnjmuBnKjgupMlFEyQ
eE67yNTcGp7uiXVeQy+jmJo2znlEQ+mavF9UElWA9z+eCkPARceQ6dB8NQNXCnFh
hHpwOTQfTZ7p2etV1Ev50W3ijQ8D2TBSr36vbFq+smqn5+HrqyYndA2BFpocJDu+
PNKjIYofMHxveYX+qHh3AOuG6byfIxfOUw1jKuiWRmj9Q2nHAO8XcCxbJLCb53aO
NTNxT/vIlmudCOvUxDP6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org