Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bBNGpqpkwjpdmAolHMl4hzcSpFk.roa
File: bBNGpqpkwjpdmAolHMl4hzcSpFk.roa (raw, json)
Hash identifier: pPkMPekNM8mDXOGwl5e5RcAONHKBflgP1FyL/TIRyyo=
Subject key identifier: 6C:13:46:A6:AA:64:C2:3A:5D:98:0A:25:1C:C9:78:87:37:12:A4:59
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0183F6F3BC428247C260FB7801A3BC03DA82
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bBNGpqpkwjpdmAolHMl4hzcSpFk.roa
Signing time: Thu 20 Oct 2022 19:51:52 +0000
ROA not before: Thu 20 Oct 2022 19:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 5.105.152.0/24 maxlen: 24
5.105.155.0/24 maxlen: 24
5.105.154.0/24 maxlen: 24
5.105.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:f3:bc:42:82:47:c2:60:fb:78:01:a3:bc:03:da:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 20 19:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c1346a6aa64c23a5d980a251cc978873712a459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:56:5a:b9:1a:d1:28:9c:dc:a6:2e:b2:65:
fc:81:e2:b7:89:af:11:a2:5a:50:fe:94:cb:51:03:
d3:76:a8:87:6b:56:43:3d:d0:8a:81:b1:11:f8:d9:
0c:42:a1:bf:9e:16:b1:43:aa:bc:4d:57:9b:72:7c:
48:1c:a5:53:37:3f:12:a1:55:0f:67:3a:6a:81:48:
8a:7a:89:38:88:c1:47:7d:31:a2:9d:bc:97:ce:d5:
42:25:93:29:13:df:e7:eb:54:c1:53:14:93:33:30:
49:7d:7e:28:67:8c:24:a2:82:40:2f:3c:eb:b7:59:
1d:88:79:a4:d5:e6:bd:f1:e3:bd:67:ae:b2:51:d4:
a4:ca:25:65:23:ca:ca:38:07:71:b9:62:62:eb:76:
38:3d:d4:32:cc:46:ba:8d:f7:f8:a6:d3:37:16:04:
5a:7b:e8:85:6f:ca:ae:10:78:d5:14:75:f7:80:44:
b5:36:42:6d:d9:ff:b5:93:7d:1d:34:2b:0b:c6:97:
a5:c1:a8:5a:89:17:c6:9d:a8:b5:2f:a6:16:69:c1:
05:3f:99:0b:cf:10:0a:ab:76:65:25:40:30:90:c6:
05:6a:7a:80:eb:d7:08:1f:42:b2:40:fe:2b:7b:18:
bf:c3:a3:be:fc:cc:ce:7f:7f:79:55:29:30:b3:83:
9f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:13:46:A6:AA:64:C2:3A:5D:98:0A:25:1C:C9:78:87:37:12:A4:59
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/bBNGpqpkwjpdmAolHMl4hzcSpFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:91:2f:d3:94:87:1f:4c:58:55:99:10:28:62:7e:8d:95:6b:
17:25:d8:27:27:3f:eb:fb:ed:81:a8:fa:f6:3d:a4:86:09:fd:
12:06:59:9c:d9:5e:a4:36:c0:11:72:5d:dd:f5:3a:73:65:41:
fe:d3:01:0c:7a:7f:ff:c3:bd:70:09:65:6c:b3:5d:4c:17:37:
a8:04:70:73:74:24:2f:33:3a:b1:27:61:a2:be:28:29:cc:20:
65:35:27:81:ea:c2:70:b1:52:e2:b5:01:bb:78:bb:04:95:c4:
e0:85:74:36:54:24:93:a6:91:17:67:d1:98:7f:ff:f9:6c:7d:
31:d3:82:68:fc:29:b9:f3:19:16:12:2b:1d:58:4f:e1:15:fc:
ba:ee:1d:b2:09:58:0f:b4:5a:90:dc:0e:63:d3:b7:63:f8:79:
4a:c4:2b:2f:9a:8d:17:85:59:9c:dd:31:c2:b6:3d:bf:b8:7f:
af:3e:75:eb:ef:75:50:8c:b7:ac:99:43:5a:f1:c6:27:44:0f:
ea:8b:c3:df:47:2a:18:c6:61:6a:f5:a7:cc:f8:3f:52:5d:ac:
8b:c4:14:b0:b7:8c:04:ee:76:95:7c:0d:19:a3:dc:2b:e4:49:
0d:40:5f:9c:3b:46:16:10:d5:6a:82:3d:5a:10:a1:64:89:41:
07:44:6e:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP287xCgkfCYPt4AaO8A9qCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDIwMTk1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEzNDZhNmFhNjRjMjNhNWQ5ODBhMjUxY2M5Nzg4NzM3MTJhNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVFWWrka0Sic3KYusmX8geK3ia8R
olpQ/pTLUQPTdqiHa1ZDPdCKgbER+NkMQqG/nhaxQ6q8TVebcnxIHKVTNz8SoVUP
ZzpqgUiKeok4iMFHfTGinbyXztVCJZMpE9/n61TBUxSTMzBJfX4oZ4wkooJALzzr
t1kdiHmk1ea98eO9Z66yUdSkyiVlI8rKOAdxuWJi63Y4PdQyzEa6jff4ptM3FgRa
e+iFb8quEHjVFHX3gES1NkJt2f+1k30dNCsLxpelwahaiRfGnai1L6YWacEFP5kL
zxAKq3ZlJUAwkMYFanqA69cIH0KyQP4rexi/w6O+/MzOf395VSkws4OfOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwTRqaqZMI6XZgKJRzJeIc3EqRZMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYkJOR3BxcGt3anBkbUFvbEhNbDRoemNTcEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWmYMA0G
CSqGSIb3DQEBCwUAA4IBAQBNkS/TlIcfTFhVmRAoYn6NlWsXJdgnJz/r++2BqPr2
PaSGCf0SBlmc2V6kNsARcl3d9TpzZUH+0wEMen//w71wCWVss11MFzeoBHBzdCQv
MzqxJ2GivigpzCBlNSeB6sJwsVLitQG7eLsElcTghXQ2VCSTppEXZ9GYf//5bH0x
04Jo/Cm58xkWEisdWE/hFfy67h2yCVgPtFqQ3A5j07dj+HlKxCsvmo0XhVmc3THC
tj2/uH+vPnXr73VQjLesmUNa8cYnRA/qi8PfRyoYxmFq9afM+D9SXayLxBSwt4wE
7naVfA0Zo9wr5EkNQF+cO0YWENVqgj1aEKFkiUEHRG5H
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:05 2025 by rpki-client