Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/fjwEAoyoamsM1riyXft00Zuz1uw.roa
File: fjwEAoyoamsM1riyXft00Zuz1uw.roa (raw, json)
Hash identifier: p66ZhxpSGdo/Mbi6A9zjCGugfEppBqvhcKsIeKwUiDw=
Subject key identifier: 7E:3C:04:02:8C:A8:6A:6B:0C:D6:B8:B2:5D:FB:74:D1:9B:B3:D6:EC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018804DB6E068A0474B93433F2D512C66E3D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/fjwEAoyoamsM1riyXft00Zuz1uw.roa
Signing time: Wed 10 May 2023 08:51:09 +0000
ROA not before: Wed 10 May 2023 08:51:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 5.105.23.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:db:6e:06:8a:04:74:b9:34:33:f2:d5:12:c6:6e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 10 08:51:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e3c04028ca86a6b0cd6b8b25dfb74d19bb3d6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2a:1a:22:98:d0:59:94:86:f3:cd:5b:9f:fd:
19:a7:c0:e5:5b:b4:a9:d5:60:51:c4:7c:be:c5:05:
80:31:c4:8d:8a:36:a0:f9:62:1c:83:ee:6e:e3:de:
5c:7d:a0:27:da:4c:d4:58:b5:5a:d2:e7:42:63:75:
0b:5f:57:38:c1:85:0b:45:30:69:9e:21:4a:a2:ea:
e5:86:2a:c0:2d:35:e8:6c:4f:4b:ca:fb:dc:2a:b3:
a4:a1:b6:53:a9:0b:9c:de:af:b4:7d:26:81:d4:77:
12:2a:b9:07:13:b4:16:27:a9:9c:bf:b3:f0:e6:5d:
4e:f1:66:5f:06:f3:19:d5:34:7a:6c:4b:4c:8f:f4:
bd:87:1e:28:f2:a3:cc:71:74:7f:46:59:00:5b:f5:
bd:c0:27:c3:da:8f:71:23:4d:73:0c:d4:dc:80:ee:
0d:8d:62:54:dd:ba:d4:ca:76:6e:34:fa:46:05:8e:
75:d8:7d:d8:b0:7c:43:17:25:44:f1:8e:d4:d8:98:
e9:5b:1e:2c:64:83:cf:1b:62:4c:7d:e5:e6:1f:9d:
df:55:cb:5d:39:16:60:8f:e4:52:4e:df:b6:de:ca:
d6:e4:56:8b:37:4f:df:48:da:02:6e:1a:7a:72:71:
e3:01:fd:d5:df:0d:15:e7:68:bd:4c:63:ab:ee:b6:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3C:04:02:8C:A8:6A:6B:0C:D6:B8:B2:5D:FB:74:D1:9B:B3:D6:EC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/fjwEAoyoamsM1riyXft00Zuz1uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.23.0/24
5.105.44.0/24
5.105.112.0/24
5.105.114.0/23
5.105.172.0/24
5.105.248.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9a:f9:4a:9a:c8:b2:08:15:0d:15:a9:d8:38:1a:d0:cd:95:
57:10:39:16:fb:02:4d:cd:8f:6f:af:b9:2b:73:2a:f1:26:92:
30:5c:15:38:84:1f:8b:57:c0:f9:0b:b6:45:9d:35:db:57:80:
9c:16:ea:aa:4f:8d:53:95:1c:53:26:71:d1:82:02:19:ce:ca:
e5:e7:05:80:f1:ea:98:64:96:c2:ab:45:f5:6a:f2:87:1c:e3:
6f:a6:be:9e:4a:98:34:c1:9b:01:0a:3b:92:63:92:e2:0a:1a:
51:18:1e:84:7a:5d:16:56:e6:b9:41:86:87:46:36:b1:4b:37:
3f:39:8f:c8:3d:3a:82:87:08:45:bf:f0:6b:af:26:7f:f9:00:
cf:76:e0:21:3a:c7:fc:86:fa:11:be:ae:6b:d6:4c:51:b5:b5:
26:ab:f4:e0:7f:98:5c:83:a6:15:0a:9d:58:e7:29:4a:b6:c3:
64:24:e2:e2:fa:41:77:aa:40:de:57:de:db:a1:33:09:47:cd:
e7:56:9e:d0:d1:b0:a8:2f:c5:c3:38:69:b5:b9:9a:90:90:dc:
2e:ea:96:76:9f:d5:15:29:11:0d:ca:60:3d:39:61:d0:d8:88:
2f:46:8f:1e:f5:a3:92:2b:e0:91:56:7d:59:56:25:db:c2:55:
ed:b6:e3:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgE224GigR0uTQz8tUSxm49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTEwMDg1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNjMDQwMjhjYTg2YTZiMGNkNmI4YjI1ZGZiNzRkMTliYjNkNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSoaIpjQWZSG881bn/0Zp8DlW7Sp
1WBRxHy+xQWAMcSNijag+WIcg+5u495cfaAn2kzUWLVa0udCY3ULX1c4wYULRTBp
niFKourlhirALTXobE9LyvvcKrOkobZTqQuc3q+0fSaB1HcSKrkHE7QWJ6mcv7Pw
5l1O8WZfBvMZ1TR6bEtMj/S9hx4o8qPMcXR/RlkAW/W9wCfD2o9xI01zDNTcgO4N
jWJU3brUynZuNPpGBY512H3YsHxDFyVE8Y7U2JjpWx4sZIPPG2JMfeXmH53fVctd
ORZgj+RSTt+23srW5FaLN0/fSNoCbhp6cnHjAf3V3w0V52i9TGOr7rYzZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH48BAKMqGprDNa4sl37dNGbs9bsMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZmp3RUFveW9hbXNNMXJpeVhmdDAwWnV6MXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWkXAwQA
BWksAwQABWlwAwQBBWlyAwQABWmsAwQABWn4MA0GCSqGSIb3DQEBCwUAA4IBAQBZ
mvlKmsiyCBUNFanYOBrQzZVXEDkW+wJNzY9vr7krcyrxJpIwXBU4hB+LV8D5C7ZF
nTXbV4CcFuqqT41TlRxTJnHRggIZzsrl5wWA8eqYZJbCq0X1avKHHONvpr6eSpg0
wZsBCjuSY5LiChpRGB6Eel0WVua5QYaHRjaxSzc/OY/IPTqChwhFv/BrryZ/+QDP
duAhOsf8hvoRvq5r1kxRtbUmq/Tgf5hcg6YVCp1Y5ylKtsNkJOLi+kF3qkDeV97b
oTMJR83nVp7Q0bCoL8XDOGm1uZqQkNwu6pZ2n9UVKRENymA9OWHQ2IgvRo8e9aOS
K+CRVn1ZViXbwlXttuNN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:58 2025 by rpki-client