Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/cTkkFMrMNEVM_y5UhH7a5jtspmI.roa
File: cTkkFMrMNEVM_y5UhH7a5jtspmI.roa (raw, json)
Hash identifier: ndw1yCa0xFXgbpkUbMWr2N41MvDD7IRqPGKQgEj3fG4=
Subject key identifier: 71:39:24:14:CA:CC:34:45:4C:FF:2E:54:84:7E:DA:E6:3B:6C:A6:62
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5A4CC92C68AAA4EADC020FCB4FAF7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/cTkkFMrMNEVM_y5UhH7a5jtspmI.roa
Signing time: Sun 01 Jan 2023 05:54:50 +0000
ROA not before: Sun 01 Jan 2023 05:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.138.0/23 maxlen: 24
5.105.142.0/23 maxlen: 24
5.105.164.0/23 maxlen: 24
91.200.212.0/22 maxlen: 24
5.105.68.0/23 maxlen: 24
5.105.94.0/23 maxlen: 24
5.105.112.0/23 maxlen: 24
5.105.114.0/23 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.248.0/23 maxlen: 24
5.105.186.0/23 maxlen: 24
5.105.198.0/23 maxlen: 24
5.105.206.0/23 maxlen: 24
5.105.202.0/23 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a4:cc:92:c6:8a:aa:4e:ad:c0:20:fc:b4:fa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71392414cacc34454cff2e54847edae63b6ca662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:3b:00:55:f8:b2:92:ca:07:8b:67:b8:37:
a2:f4:0e:e7:83:d3:0e:9d:76:18:f2:44:56:14:47:
14:7c:98:88:53:f0:44:5d:12:bc:98:12:3f:a3:d5:
86:97:51:53:80:72:37:71:c3:8e:1d:ac:6c:cf:db:
1a:c0:fb:0e:44:4f:b4:76:ea:c6:50:bc:64:37:aa:
67:1c:af:d9:fc:53:ce:37:c6:8b:e4:03:e2:45:02:
6b:d9:3e:36:c1:da:9d:a2:b3:93:43:78:21:d8:a5:
fd:6f:dc:84:aa:e0:64:d0:f0:e6:25:36:a7:e2:84:
40:2f:b7:71:84:81:74:28:0f:32:89:32:7b:bb:27:
af:70:99:d1:4e:60:ba:fb:19:94:84:fd:31:b6:38:
10:30:0b:e4:c9:e8:3c:c0:09:76:25:ee:cf:dd:96:
99:06:72:9d:dc:bf:dc:72:a9:35:48:51:55:01:7d:
8f:77:8d:3e:97:8f:3b:5d:9e:b2:62:aa:67:44:5a:
3c:18:30:c9:65:83:8a:ab:d6:c4:da:12:1d:67:14:
59:ed:de:44:b7:af:31:18:10:f6:64:25:c9:d5:65:
2c:7d:78:d6:db:e9:26:99:89:0e:03:15:b4:8a:b3:
c7:49:1c:8a:0b:13:09:14:b8:b4:0d:c9:25:3c:d9:
6d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:39:24:14:CA:CC:34:45:4C:FF:2E:54:84:7E:DA:E6:3B:6C:A6:62
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/cTkkFMrMNEVM_y5UhH7a5jtspmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.68.0/23
5.105.94.0/23
5.105.112.0/22
5.105.138.0/23
5.105.142.0/23
5.105.164.0/23
5.105.186.0/23
5.105.198.0/23
5.105.202.0/23
5.105.206.0/23
5.105.248.0/23
85.255.176.0/21
91.200.212.0/22
Signature Algorithm: sha256WithRSAEncryption
23:55:ec:f9:0e:67:b3:bb:f0:4a:b4:80:f6:54:d4:b1:f9:f9:
55:85:dc:de:1c:bb:50:a6:38:eb:b6:be:53:d9:52:bb:ad:f2:
90:4c:7c:4c:5a:ce:99:3d:51:d9:db:1c:8a:a4:33:76:9e:ab:
7f:21:e5:5d:69:87:52:c5:15:42:d4:c4:28:a8:d0:a4:e6:c5:
14:55:56:7b:b9:52:04:5f:0d:20:a3:a9:1c:69:67:a6:48:6b:
80:30:b9:ad:12:e0:b8:c4:ab:ef:97:9c:3e:ea:37:3a:12:b7:
f3:99:5b:45:de:f7:d9:d5:b6:80:03:87:dc:54:13:27:76:f2:
f3:f3:81:43:48:fb:b4:79:0d:dd:86:d0:8d:45:fe:45:46:e8:
e9:ea:73:13:09:a1:72:b2:2a:38:61:10:8a:9a:ec:98:9e:84:
0f:5f:58:40:a4:fa:76:8e:dd:00:e5:57:92:98:ab:11:7b:34:
dc:13:a8:90:25:38:01:a0:86:c6:44:11:f9:07:7c:cc:2f:9e:
35:99:57:75:ed:91:8b:27:1b:a9:d1:9a:cf:7e:28:64:41:96:
d7:9c:e5:57:83:1b:9e:96:72:56:d7:ac:7e:81:1a:54:ae:2b:
a9:09:99:6a:bd:d8:2f:dd:73:28:d8:2d:1f:48:de:d1:e9:22:
7d:19:ce:e5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVr5aTMksaKqk6twCD8tPr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM5MjQxNGNhY2MzNDQ1NGNmZjJlNTQ4NDdlZGFlNjNiNmNhNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6A7AFX4spLKB4tnuDei9A7ng9MO
nXYY8kRWFEcUfJiIU/BEXRK8mBI/o9WGl1FTgHI3ccOOHaxsz9sawPsORE+0durG
ULxkN6pnHK/Z/FPON8aL5APiRQJr2T42wdqdorOTQ3gh2KX9b9yEquBk0PDmJTan
4oRAL7dxhIF0KA8yiTJ7uyevcJnRTmC6+xmUhP0xtjgQMAvkyeg8wAl2Je7P3ZaZ
BnKd3L/ccqk1SFFVAX2Pd40+l487XZ6yYqpnRFo8GDDJZYOKq9bE2hIdZxRZ7d5E
t68xGBD2ZCXJ1WUsfXjW2+kmmYkOAxW0irPHSRyKCxMJFLi0DcklPNltfwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHE5JBTKzDRFTP8uVIR+2uY7bKZiMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvY1Rra0ZNck1ORVZNX3k1VWhIN2E1anRzcG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABWkdAwQB
BWlEAwQBBWleAwQCBWlwAwQBBWmKAwQBBWmOAwQBBWmkAwQBBWm6AwQBBWnGAwQB
BWnKAwQBBWnOAwQBBWn4AwQDVf+wAwQCW8jUMA0GCSqGSIb3DQEBCwUAA4IBAQAj
Vez5Dmezu/BKtID2VNSx+flVhdzeHLtQpjjrtr5T2VK7rfKQTHxMWs6ZPVHZ2xyK
pDN2nqt/IeVdaYdSxRVC1MQoqNCk5sUUVVZ7uVIEXw0go6kcaWemSGuAMLmtEuC4
xKvvl5w+6jc6ErfzmVtF3vfZ1baAA4fcVBMndvLz84FDSPu0eQ3dhtCNRf5FRujp
6nMTCaFysio4YRCKmuyYnoQPX1hApPp2jt0A5VeSmKsRezTcE6iQJTgBoIbGRBH5
B3zML541mVd17ZGLJxup0ZrPfihkQZbXnOVXgxuelnJW16x+gRpUriupCZlqvdgv
3XMo2C0fSN7R6SJ9Gc7l
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:52:45 2025 by rpki-client