Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/eg0z3gx_uUh5aO166Lg1gBLW8_Q.roa
File: eg0z3gx_uUh5aO166Lg1gBLW8_Q.roa (raw, json)
Hash identifier: qmA5Xq2SwctMymktCe1Axa56owNpvmIQ4L5DanM5cOM=
Subject key identifier: 7A:0D:33:DE:0C:7F:B9:48:79:68:ED:7A:E8:B8:35:80:12:D6:F3:F4
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184F12EA56EC10A7A26BD6F5D9EF2C04728
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/eg0z3gx_uUh5aO166Lg1gBLW8_Q.roa
Signing time: Thu 08 Dec 2022 10:01:16 +0000
ROA not before: Thu 08 Dec 2022 10:01:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.120.0/24 maxlen: 24
5.105.48.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:2e:a5:6e:c1:0a:7a:26:bd:6f:5d:9e:f2:c0:47:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 8 10:01:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a0d33de0c7fb9487968ed7ae8b8358012d6f3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d2:be:c1:1b:53:6b:29:d0:dc:c7:5d:42:0b:
d6:ae:92:38:c9:7c:1d:a8:53:90:e4:31:cb:7c:54:
a4:db:b1:d7:c2:7b:2d:d2:2f:2c:d9:1a:c1:74:22:
69:53:ca:bc:35:35:0f:cf:84:1b:04:0d:b2:46:ec:
fa:85:85:f0:9f:05:4c:04:38:1e:56:f3:fe:d5:24:
42:9a:bc:db:ec:e3:07:6b:d9:9c:7d:be:e5:70:48:
91:41:fc:41:e4:e5:e6:7a:a3:00:b3:51:0c:e2:98:
ac:a0:56:4d:8c:87:62:2a:5b:f6:31:82:89:eb:1d:
6a:25:c2:66:0d:50:1e:e9:9a:43:7b:ed:a2:4f:3c:
fe:1e:88:61:28:98:c8:44:17:12:90:ec:7c:48:27:
29:7c:26:22:db:ba:e0:56:6f:e3:7d:5b:34:02:93:
41:5e:5e:4b:d6:12:62:9e:3a:3e:ab:af:6d:9e:9a:
cd:28:40:bf:29:3d:53:06:bb:41:ff:13:b5:2d:97:
16:1c:db:d3:70:85:ed:34:28:4c:4f:55:05:4e:c1:
63:27:59:e7:9f:1f:a1:81:84:c6:74:55:f5:50:65:
d8:27:16:67:de:06:62:ca:a0:7d:57:22:ea:be:6e:
a1:78:80:ec:b9:b3:89:97:ee:98:6e:15:a9:0e:1f:
32:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0D:33:DE:0C:7F:B9:48:79:68:ED:7A:E8:B8:35:80:12:D6:F3:F4
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/eg0z3gx_uUh5aO166Lg1gBLW8_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/24
5.105.65.0/24
5.105.74.0/23
5.105.97.0/24
5.105.120.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:2b:dc:5c:e4:5b:58:91:51:3d:2b:91:8b:91:a1:9e:53:9c:
06:07:3a:2d:a3:52:03:fc:5b:b8:ec:e1:4f:f6:95:60:73:2a:
27:77:a9:ba:0d:48:6f:50:b4:04:03:01:19:0e:1d:34:b4:97:
89:fc:17:47:33:56:10:ab:83:b3:a7:5f:b6:1d:43:ba:7b:73:
e4:e8:73:11:49:8e:b6:1b:6b:35:e7:69:6a:00:98:0b:aa:22:
e9:4a:57:1d:3c:33:e1:f9:03:32:b2:5b:df:6e:9b:ad:cb:bd:
ea:83:04:46:be:ad:f7:c6:f8:84:d1:a6:4f:49:bf:e1:29:fb:
b8:41:5e:0f:23:2e:1a:ac:aa:31:fc:e4:1a:28:36:25:b6:a8:
9c:bc:a6:c6:9d:7d:91:22:b2:53:2d:ee:58:c2:16:8e:9c:a7:
d7:0e:e0:6c:09:9d:7d:f5:e1:08:30:38:09:54:cf:4a:ca:b5:
e7:0f:8e:32:df:a6:93:f5:e1:48:3b:8e:79:54:85:99:6e:56:
9a:da:7d:b0:85:7e:f5:9b:14:30:4a:a4:51:b0:83:8b:3b:c0:
eb:a6:a2:c1:fd:b0:99:7e:d0:5e:65:e0:b6:f0:9d:05:67:ce:
9a:cf:93:2e:e1:eb:9d:c2:62:1a:7c:a5:23:72:ce:40:06:7b:
52:50:13:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTxLqVuwQp6Jr1vXZ7ywEcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjA4MTAwMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBkMzNkZTBjN2ZiOTQ4Nzk2OGVkN2FlOGI4MzU4MDEyZDZmM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tK+wRtTaynQ3MddQgvWrpI4yXwd
qFOQ5DHLfFSk27HXwnst0i8s2RrBdCJpU8q8NTUPz4QbBA2yRuz6hYXwnwVMBDge
VvP+1SRCmrzb7OMHa9mcfb7lcEiRQfxB5OXmeqMAs1EM4pisoFZNjIdiKlv2MYKJ
6x1qJcJmDVAe6ZpDe+2iTzz+HohhKJjIRBcSkOx8SCcpfCYi27rgVm/jfVs0ApNB
Xl5L1hJinjo+q69tnprNKEC/KT1TBrtB/xO1LZcWHNvTcIXtNChMT1UFTsFjJ1nn
nx+hgYTGdFX1UGXYJxZn3gZiyqB9VyLqvm6heIDsubOJl+6YbhWpDh8y4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHoNM94Mf7lIeWjteui4NYAS1vP0MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZWcwejNneF91VWg1YU8xNjZMZzFnQkxXOF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABWkwAwQA
BWlBAwQBBWlKAwQABWlhAwQABWl4MA0GCSqGSIb3DQEBCwUAA4IBAQBaK9xc5FtY
kVE9K5GLkaGeU5wGBzoto1ID/Fu47OFP9pVgcyond6m6DUhvULQEAwEZDh00tJeJ
/BdHM1YQq4Ozp1+2HUO6e3Pk6HMRSY62G2s152lqAJgLqiLpSlcdPDPh+QMyslvf
bputy73qgwRGvq33xviE0aZPSb/hKfu4QV4PIy4arKox/OQaKDYltqicvKbGnX2R
IrJTLe5YwhaOnKfXDuBsCZ199eEIMDgJVM9KyrXnD44y36aT9eFIO455VIWZblaa
2n2whX71mxQwSqRRsIOLO8DrpqLB/bCZftBeZeC28J0FZ86az5Mu4eudwmIafKUj
cs5ABntSUBPs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org