Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/rF4a7jWAD3gZ8JKrDr32XEDxjiY.roa
File: rF4a7jWAD3gZ8JKrDr32XEDxjiY.roa (raw, json)
Hash identifier: qohi6V9qq5Wwq8ZtLaS6+wvYFI43mVVRHtizSS0kLy4=
Subject key identifier: AC:5E:1A:EE:35:80:0F:78:19:F0:92:AB:0E:BD:F6:5C:40:F1:8E:26
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01841AAEC24CFBFCB921834E0C295344ABD2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/rF4a7jWAD3gZ8JKrDr32XEDxjiY.roa
Signing time: Thu 27 Oct 2022 18:22:51 +0000
ROA not before: Thu 27 Oct 2022 18:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15083
IP address blocks: 5.105.128.0/24 maxlen: 24
5.105.133.0/24 maxlen: 24
5.105.140.0/24 maxlen: 24
5.105.70.0/24 maxlen: 24
5.105.78.0/24 maxlen: 24
5.105.85.0/24 maxlen: 24
5.105.99.0/24 maxlen: 24
5.105.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1a:ae:c2:4c:fb:fc:b9:21:83:4e:0c:29:53:44:ab:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 27 18:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac5e1aee35800f7819f092ab0ebdf65c40f18e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b1:e8:67:06:4c:1d:8c:75:35:65:d6:5e:9b:
2c:52:77:65:b5:df:35:28:0e:2f:ef:57:74:c2:8e:
b3:f7:8a:ff:d2:dc:5b:f3:44:b6:2e:e5:96:ad:52:
f8:00:ac:ac:9b:df:b9:92:88:62:af:36:c9:9b:00:
6e:4d:8e:1c:52:17:61:8d:92:d2:52:a0:c1:07:e0:
a5:82:e8:a7:03:c8:03:e8:79:a5:c7:1e:c6:86:90:
06:44:f0:d8:52:f2:62:2b:2d:86:e6:a2:a7:b0:96:
9b:18:1c:f3:08:3d:e7:4b:e1:26:20:63:51:7b:22:
f9:73:4b:e1:bb:70:99:58:98:e5:2b:ed:7a:c7:48:
ad:75:ed:be:d0:4c:28:4b:b4:8a:8c:ca:17:8e:c7:
e0:ef:9f:d6:24:01:db:e4:18:2e:b1:f2:a6:b9:79:
de:c7:a2:83:da:e4:e4:68:90:38:75:7e:d8:f2:06:
39:3a:15:c6:8c:39:eb:75:2c:e8:c3:9a:91:f1:fc:
15:f9:d5:97:5d:c6:04:9d:03:63:c9:12:31:25:ac:
6a:94:18:fa:26:73:b0:a0:8a:fa:19:97:56:41:4f:
1e:a3:83:7f:59:00:53:9b:08:d4:a6:45:cf:23:b9:
4b:99:d5:14:57:4e:cd:85:d5:2c:d7:45:1e:9d:76:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5E:1A:EE:35:80:0F:78:19:F0:92:AB:0E:BD:F6:5C:40:F1:8E:26
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/rF4a7jWAD3gZ8JKrDr32XEDxjiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.70.0/24
5.105.78.0/24
5.105.85.0/24
5.105.99.0/24
5.105.109.0/24
5.105.128.0/24
5.105.133.0/24
5.105.140.0/24
Signature Algorithm: sha256WithRSAEncryption
80:aa:41:cc:4c:fb:1d:a3:ec:00:7f:4d:09:85:3a:61:18:55:
36:b2:e4:dc:c1:0e:7e:96:f1:16:07:60:cb:77:86:51:ca:ad:
09:2f:b7:18:cc:06:34:ab:78:82:e3:7a:6e:3d:d3:ac:61:ee:
dd:af:97:cb:1c:5e:89:a4:e7:0b:f2:e5:d9:77:18:90:94:24:
bc:d8:ec:15:32:3a:14:1d:1c:e4:11:66:af:4f:95:84:2a:fc:
5a:d3:1a:e5:95:cc:26:84:b2:e8:f6:f6:3c:19:46:29:bf:8f:
b4:7f:6f:c3:8b:32:c6:4a:2e:49:85:02:fb:63:9c:a2:63:25:
4b:4f:4e:c6:2b:32:b8:13:4c:70:c5:c1:e2:94:87:c1:e2:3c:
8c:86:76:43:d3:41:99:77:1c:09:ea:13:50:3d:33:da:27:6d:
85:1c:14:73:5c:64:a2:c4:ad:3f:5e:f0:45:6a:64:3e:05:84:
0e:eb:23:a1:c0:cf:62:4c:a6:8c:1d:5d:3f:c7:f6:7d:a2:9e:
77:1f:1a:ea:9a:3a:c0:73:b8:f7:66:7d:37:a3:94:f2:ab:4c:
81:bc:dd:f1:3c:24:44:84:f0:17:1f:73:c3:9a:f2:b2:ff:00:
a0:a6:da:51:8a:45:12:5c:7f:95:c0:71:36:6f:ee:80:a1:22:
95:6a:62:d2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYQarsJM+/y5IYNODClTRKvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDI3MTgyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzVlMWFlZTM1ODAwZjc4MTlmMDkyYWIwZWJkZjY1YzQwZjE4ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrHoZwZMHYx1NWXWXpssUndltd81
KA4v71d0wo6z94r/0txb80S2LuWWrVL4AKysm9+5kohirzbJmwBuTY4cUhdhjZLS
UqDBB+ClguinA8gD6Hmlxx7GhpAGRPDYUvJiKy2G5qKnsJabGBzzCD3nS+EmIGNR
eyL5c0vhu3CZWJjlK+16x0itde2+0EwoS7SKjMoXjsfg75/WJAHb5BgusfKmuXne
x6KD2uTkaJA4dX7Y8gY5OhXGjDnrdSzow5qR8fwV+dWXXcYEnQNjyRIxJaxqlBj6
JnOwoIr6GZdWQU8eo4N/WQBTmwjUpkXPI7lLmdUUV07NhdUs10UenXZgewIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKxeGu41gA94GfCSqw699lxA8Y4mMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvckY0YTdqV0FEM2daOEpLckRyMzJYRUR4amlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABWlGAwQA
BWlOAwQABWlVAwQABWljAwQABWltAwQABWmAAwQABWmFAwQABWmMMA0GCSqGSIb3
DQEBCwUAA4IBAQCAqkHMTPsdo+wAf00JhTphGFU2suTcwQ5+lvEWB2DLd4ZRyq0J
L7cYzAY0q3iC43puPdOsYe7dr5fLHF6JpOcL8uXZdxiQlCS82OwVMjoUHRzkEWav
T5WEKvxa0xrllcwmhLLo9vY8GUYpv4+0f2/DizLGSi5JhQL7Y5yiYyVLT07GKzK4
E0xwxcHilIfB4jyMhnZD00GZdxwJ6hNQPTPaJ22FHBRzXGSixK0/XvBFamQ+BYQO
6yOhwM9iTKaMHV0/x/Z9op53HxrqmjrAc7j3Zn03o5Tyq0yBvN3xPCREhPAXH3PD
mvKy/wCgptpRikUSXH+VwHE2b+6AoSKVamLS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org