Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/jkgTkZFbnl7lpUhL2NcYA71wZSE.roa
File: jkgTkZFbnl7lpUhL2NcYA71wZSE.roa (raw, json)
Hash identifier: htRq0j6ogI7i77E5RFUjJyG/Sov/1GyQRhOeuqw2JLE=
Subject key identifier: 8E:48:13:91:91:5B:9E:5E:E5:A5:48:4B:D8:D7:18:03:BD:70:65:21
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018AAD00DFAA8F5307446A6D719480F03230
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/jkgTkZFbnl7lpUhL2NcYA71wZSE.roa
Signing time: Tue 19 Sep 2023 10:33:50 +0000
ROA not before: Tue 19 Sep 2023 10:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 5.105.22.0/24 maxlen: 24
5.105.128.0/24 maxlen: 24
5.105.248.0/23 maxlen: 24
217.67.78.0/23 maxlen: 24
5.105.110.0/24 maxlen: 24
5.105.3.0/24 maxlen: 24
5.105.114.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:00:df:aa:8f:53:07:44:6a:6d:71:94:80:f0:32:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Sep 19 10:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e481391915b9e5ee5a5484bd8d71803bd706521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7a:2c:fa:7b:89:91:d1:08:43:78:fd:db:30:
04:49:f6:fd:15:ae:ff:62:3f:6f:38:21:7e:14:91:
1b:31:cf:c3:b1:f9:7d:81:55:53:b8:2d:bd:3f:7a:
ee:0d:61:60:cb:c0:e7:ba:22:cc:e2:6b:1b:a5:7d:
01:9c:f6:d4:a3:ef:89:a4:8a:44:b7:b8:18:f2:46:
f1:9b:8b:52:12:51:17:fc:db:0e:49:7e:5b:2e:6c:
74:7d:3a:e3:26:f4:1c:72:82:f3:1d:77:02:28:33:
95:80:2b:c1:00:97:8d:2e:14:bb:63:d8:38:ad:2c:
80:f5:bd:6f:b8:9e:0a:45:28:8c:04:16:f5:aa:cf:
91:81:89:95:94:cf:7f:3f:ea:3c:88:fc:0c:c9:9d:
f0:26:6d:36:80:f9:6c:c6:14:c1:26:5d:d3:ad:0d:
9c:c8:14:04:82:10:95:1b:43:f4:08:44:67:fa:a4:
a0:78:76:33:8b:11:cc:bb:a6:1d:e9:6a:8e:8f:6b:
54:60:ea:5d:45:61:d8:9c:7f:ae:06:aa:3f:e9:d9:
c3:a1:1e:52:fa:b8:58:d8:14:36:1f:82:22:31:81:
23:89:45:5f:44:65:4d:b1:92:46:a9:88:0f:cd:03:
11:17:da:7a:e2:86:0f:3f:ad:a7:58:5b:47:e2:60:
a0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:48:13:91:91:5B:9E:5E:E5:A5:48:4B:D8:D7:18:03:BD:70:65:21
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/jkgTkZFbnl7lpUhL2NcYA71wZSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.3.0/24
5.105.22.0/24
5.105.110.0/24
5.105.114.0/23
5.105.128.0/24
5.105.248.0/23
217.67.78.0/23
Signature Algorithm: sha256WithRSAEncryption
99:be:30:13:93:06:22:30:ec:3b:27:71:f2:92:68:b4:13:3e:
91:96:b6:e9:97:2c:49:ff:f6:24:78:29:66:2d:c5:81:dc:fe:
b5:5c:91:f1:61:16:3c:8b:64:56:f2:95:1d:21:a1:47:e6:48:
d0:d1:49:10:e4:27:d9:88:34:0a:7c:ac:31:77:32:8b:67:29:
5c:79:0f:54:a1:f5:a8:36:14:d7:fd:4a:2b:97:22:c0:aa:96:
89:57:7b:de:05:b9:21:69:df:8e:08:db:bd:18:07:37:9a:9c:
bc:12:db:3a:1a:95:31:ab:3f:4a:51:b2:8c:64:8a:1d:36:c6:
4c:b4:42:f0:92:d8:c0:49:e8:67:e4:a9:e4:c8:cd:44:c7:92:
21:89:75:8b:60:d6:10:86:05:ec:5e:f7:c3:46:aa:25:54:7f:
de:16:7d:a0:e1:91:cf:26:e9:47:f5:3a:ce:d0:e3:46:65:5f:
00:0c:5e:cf:fb:51:d5:db:9a:2c:35:69:7a:c6:08:58:2a:7d:
d5:9f:a8:4f:71:ab:1f:17:18:5c:36:f2:7e:78:96:ab:72:1e:
1c:25:f2:cc:f7:04:1f:66:ae:2b:6c:da:75:a5:f3:20:1a:9f:
53:cf:2a:d9:45:66:98:76:4a:4f:3b:17:fd:26:72:de:f6:cc:
e7:be:82:72
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqtAN+qj1MHRGptcZSA8DIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTE5MTAzMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ4MTM5MTkxNWI5ZTVlZTVhNTQ4NGJkOGQ3MTgwM2JkNzA2NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHos+nuJkdEIQ3j92zAESfb9Fa7/
Yj9vOCF+FJEbMc/Dsfl9gVVTuC29P3ruDWFgy8DnuiLM4msbpX0BnPbUo++JpIpE
t7gY8kbxm4tSElEX/NsOSX5bLmx0fTrjJvQccoLzHXcCKDOVgCvBAJeNLhS7Y9g4
rSyA9b1vuJ4KRSiMBBb1qs+RgYmVlM9/P+o8iPwMyZ3wJm02gPlsxhTBJl3TrQ2c
yBQEghCVG0P0CERn+qSgeHYzixHMu6Yd6WqOj2tUYOpdRWHYnH+uBqo/6dnDoR5S
+rhY2BQ2H4IiMYEjiUVfRGVNsZJGqYgPzQMRF9p64oYPP62nWFtH4mCg2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI5IE5GRW55e5aVIS9jXGAO9cGUhMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvamtnVGtaRmJubDdscFVoTDJOY1lBNzF3WlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkDAwQA
BWkWAwQABWluAwQBBWlyAwQABWmAAwQBBWn4AwQB2UNOMA0GCSqGSIb3DQEBCwUA
A4IBAQCZvjATkwYiMOw7J3Hykmi0Ez6RlrbplyxJ//YkeClmLcWB3P61XJHxYRY8
i2RW8pUdIaFH5kjQ0UkQ5CfZiDQKfKwxdzKLZylceQ9UofWoNhTX/UorlyLAqpaJ
V3veBbkhad+OCNu9GAc3mpy8Ets6GpUxqz9KUbKMZIodNsZMtELwktjASehn5Knk
yM1Ex5IhiXWLYNYQhgXsXvfDRqolVH/eFn2g4ZHPJulH9TrO0ONGZV8ADF7P+1HV
25osNWl6xghYKn3Vn6hPcasfFxhcNvJ+eJarch4cJfLM9wQfZq4rbNp1pfMgGp9T
zyrZRWaYdkpPOxf9JnLe9sznvoJy
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:48 2025 by rpki-client