Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/p6bU3kd_8HcD1joNg3_Jv1lgiqc.roa
File: p6bU3kd_8HcD1joNg3_Jv1lgiqc.roa (raw, json)
Hash identifier: cEkpZ5k2MRwyYYJN4uZs+efDIIeOuH3F5Ty4Mnwtj9o=
Subject key identifier: A7:A6:D4:DE:47:7F:F0:77:03:D6:3A:0D:83:7F:C9:BF:59:60:8A:A7
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018408D81E65831374DA948F7747DA1C0F05
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/p6bU3kd_8HcD1joNg3_Jv1lgiqc.roa
Signing time: Mon 24 Oct 2022 07:14:52 +0000
ROA not before: Mon 24 Oct 2022 07:14:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 5.105.120.0/24 maxlen: 24
5.105.123.0/24 maxlen: 24
5.105.48.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:d8:1e:65:83:13:74:da:94:8f:77:47:da:1c:0f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 24 07:14:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7a6d4de477ff07703d63a0d837fc9bf59608aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:0b:ac:f3:4e:d0:98:75:46:22:f3:c7:76:
3a:fe:9f:b7:47:d0:66:ba:47:58:01:72:ab:87:f6:
16:71:34:1c:5d:ed:4d:c5:49:8f:a3:a3:36:ab:cb:
f9:77:26:35:40:2b:42:a2:3d:10:aa:e0:55:7c:8c:
62:cc:57:67:2c:04:00:31:f7:50:e7:0e:9b:0f:d2:
43:cf:07:18:85:55:68:44:6b:bd:c8:67:e4:3e:7b:
91:e1:1d:a9:26:cd:0f:0c:78:af:17:59:31:4e:7f:
71:9e:65:c3:fb:2e:83:1f:bb:a6:e1:84:18:88:79:
38:88:bc:44:3b:a3:50:94:8d:e4:79:5a:81:65:9e:
93:75:7a:95:91:10:60:1d:4f:22:d3:80:44:e3:01:
4e:bf:56:31:e5:90:0d:c6:b4:4b:1c:49:71:a3:a5:
9d:5b:54:61:73:b4:61:b3:a3:91:75:56:52:27:6d:
45:3d:67:d6:2e:df:a5:3e:11:a8:69:9c:59:71:da:
26:05:01:13:20:5c:22:f0:97:c8:0e:39:39:fa:9f:
5e:fa:6b:f0:10:a2:2e:b3:85:c0:ea:1c:55:84:f9:
bc:6a:36:cb:50:3f:80:5b:d5:74:08:c8:ef:d7:3c:
5b:52:60:f9:b1:a5:d1:e0:08:63:3c:b4:7c:7e:03:
be:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A6:D4:DE:47:7F:F0:77:03:D6:3A:0D:83:7F:C9:BF:59:60:8A:A7
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/p6bU3kd_8HcD1joNg3_Jv1lgiqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.48.0/24
5.105.57.0/24
5.105.65.0/24
5.105.74.0/23
5.105.97.0/24
5.105.120.0/24
5.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
50:80:0e:17:d8:9e:7b:83:97:35:14:90:db:97:9b:2c:7e:ec:
50:21:0c:9b:a9:db:cd:a4:7d:24:02:13:3f:cc:8c:67:7a:fe:
74:6a:01:82:d2:15:35:b4:93:d2:63:ca:68:93:30:01:6d:26:
bf:34:b5:3f:83:a4:84:e1:17:c7:0c:be:3b:43:17:21:0f:6a:
c0:2f:24:8a:31:e7:83:b9:c4:cc:c4:f1:18:c3:6d:63:2b:9d:
7d:33:a9:ba:16:7f:ed:42:3f:58:08:20:f9:b3:83:2f:50:bc:
19:c1:52:fb:b5:c8:42:dc:32:a8:91:04:8a:9b:9d:f7:c4:37:
34:73:88:84:2c:bc:91:d9:f4:eb:06:91:ef:e5:40:0f:7a:49:
f8:f6:ac:61:54:43:51:40:4d:ed:7a:24:15:30:fe:90:7d:b2:
ee:00:34:0b:64:52:05:24:88:52:4d:f5:73:d8:58:31:ff:6f:
2b:96:1c:ca:22:43:e1:b3:78:8f:58:28:87:8a:b4:69:82:a2:
71:78:27:b8:f5:b3:94:29:d9:fc:7a:f0:d2:e8:e7:9d:cd:00:
76:7b:0f:60:35:f3:e9:cf:35:74:1d:3c:62:2e:8e:42:26:c5:
7b:d0:91:71:a1:78:86:7e:0f:2b:24:8b:45:c3:0b:68:91:0d:
4d:43:af:3f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQI2B5lgxN02pSPd0faHA8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDI0MDcxNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2E2ZDRkZTQ3N2ZmMDc3MDNkNjNhMGQ4MzdmYzliZjU5NjA4YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOsLrPNO0Jh1RiLzx3Y6/p+3R9Bm
ukdYAXKrh/YWcTQcXe1NxUmPo6M2q8v5dyY1QCtCoj0QquBVfIxizFdnLAQAMfdQ
5w6bD9JDzwcYhVVoRGu9yGfkPnuR4R2pJs0PDHivF1kxTn9xnmXD+y6DH7um4YQY
iHk4iLxEO6NQlI3keVqBZZ6TdXqVkRBgHU8i04BE4wFOv1Yx5ZANxrRLHElxo6Wd
W1Rhc7Rhs6ORdVZSJ21FPWfWLt+lPhGoaZxZcdomBQETIFwi8JfIDjk5+p9e+mvw
EKIus4XA6hxVhPm8ajbLUD+AW9V0CMjv1zxbUmD5saXR4AhjPLR8fgO+OwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKem1N5Hf/B3A9Y6DYN/yb9ZYIqnMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcDZiVTNrZF84SGNEMWpvTmczX0p2MWxnaXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkwAwQA
BWk5AwQABWlBAwQBBWlKAwQABWlhAwQABWl4AwQABWl7MA0GCSqGSIb3DQEBCwUA
A4IBAQBQgA4X2J57g5c1FJDbl5ssfuxQIQybqdvNpH0kAhM/zIxnev50agGC0hU1
tJPSY8pokzABbSa/NLU/g6SE4RfHDL47QxchD2rALySKMeeDucTMxPEYw21jK519
M6m6Fn/tQj9YCCD5s4MvULwZwVL7tchC3DKokQSKm533xDc0c4iELLyR2fTrBpHv
5UAPekn49qxhVENRQE3teiQVMP6QfbLuADQLZFIFJIhSTfVz2Fgx/28rlhzKIkPh
s3iPWCiHirRpgqJxeCe49bOUKdn8evDS6OedzQB2ew9gNfPpzzV0HTxiLo5CJsV7
0JFxoXiGfg8rJItFwwtokQ1NQ68/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:40 2025 by rpki-client