Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/shAIPJHpAN1BC57Ku7BnErdqZBw.roa
File: shAIPJHpAN1BC57Ku7BnErdqZBw.roa (raw, json)
Hash identifier: yOaPqgVcpCR1veTCXoB02qewL/bUbgV4fCBurYDax68=
Subject key identifier: B2:10:08:3C:91:E9:00:DD:41:0B:9E:CA:BB:B0:67:12:B7:6A:64:1C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188730E884561FF1E44C5A794BB7C864244
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/shAIPJHpAN1BC57Ku7BnErdqZBw.roa
Signing time: Wed 31 May 2023 18:25:12 +0000
ROA not before: Wed 31 May 2023 18:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.29.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.34.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:73:0e:88:45:61:ff:1e:44:c5:a7:94:bb:7c:86:42:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: May 31 18:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b210083c91e900dd410b9ecabbb06712b76a641c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:11:ec:ed:d5:d9:43:a0:16:dd:8b:c0:8f:6e:
96:15:d9:dc:67:4f:22:f4:4c:4d:8a:b1:77:75:e7:
87:e9:56:e8:27:6b:88:88:ae:da:9f:72:e2:5c:4d:
71:98:4f:73:5e:e8:f1:44:15:bc:47:0e:51:4a:35:
21:48:ea:f2:d5:d1:f8:c5:95:9e:3d:da:83:c5:2e:
c0:9c:d7:a4:23:32:0e:93:14:90:ad:9d:2e:e4:76:
49:78:fb:07:02:d1:b7:5d:a4:ca:f9:f8:4f:ea:73:
95:ed:20:ba:5a:0b:7c:85:e4:3d:fd:e2:76:61:04:
6d:da:da:20:90:57:20:13:80:1c:18:7c:71:38:6e:
f6:08:69:62:16:d9:ee:62:b0:b4:36:28:06:95:8f:
88:0f:ec:11:82:49:99:e9:90:6f:6f:5d:5c:8f:db:
8b:aa:ad:e2:bd:d2:c2:cd:79:20:be:25:b6:08:2e:
2c:95:8e:fb:a9:a5:47:2e:ed:f3:95:5d:b8:56:c5:
fd:ea:b7:9d:16:d7:ec:77:1f:50:b1:78:56:1b:83:
41:55:d4:da:1f:47:55:25:74:0d:43:23:da:fd:c6:
da:9b:e0:4d:2a:7a:0b:90:9d:e0:06:b5:3f:3f:3d:
a1:5b:b3:cd:ef:96:dc:a0:86:fb:8c:d6:9b:24:1d:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:10:08:3C:91:E9:00:DD:41:0B:9E:CA:BB:B0:67:12:B7:6A:64:1C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/shAIPJHpAN1BC57Ku7BnErdqZBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.34.0/24
5.105.39.0/24
5.105.113.0/24
5.105.124.0/24
5.105.127.0/24
5.105.139.0/24
5.105.142.0/24
5.105.157.0/24
5.105.200.0/24
5.105.207.0/24
5.105.249.0/24
Signature Algorithm: sha256WithRSAEncryption
15:81:49:f4:40:36:7a:bc:43:b6:ed:e0:e5:58:b2:46:c3:68:
11:93:f7:3c:b6:8a:d5:1d:f0:0a:39:15:bc:9f:ee:aa:ef:ac:
6f:a7:12:09:61:00:34:14:3e:ba:37:31:6a:08:41:c0:a2:b4:
0e:98:da:4a:27:6e:3b:00:43:92:6b:5b:2b:17:7d:f8:0d:0c:
04:41:71:ca:6a:dc:f6:2f:b7:90:a5:fb:23:2c:76:0a:33:7f:
f1:76:08:13:fe:b1:48:5a:c7:2d:e3:22:be:9a:1d:80:a6:7c:
95:78:6b:62:e3:39:34:af:e9:ba:0e:22:d6:4d:74:d2:99:bc:
08:4a:48:e1:91:a2:e5:3d:e5:7e:a0:5d:5d:7f:b2:77:2d:26:
59:c0:51:f0:82:84:00:f8:3f:93:56:93:da:a1:a1:6b:58:44:
4b:19:0b:76:61:5b:6b:0e:04:c9:c8:b7:8f:c0:6d:18:3c:02:
09:1c:a8:56:4a:e4:d7:9f:3d:bf:43:bf:2e:80:f1:e9:78:06:
09:d8:a8:0d:cc:ca:da:b5:88:a0:a1:f2:24:1d:71:5f:1c:17:
93:05:a5:cd:81:66:b8:8b:ba:a4:eb:59:e2:45:54:ea:95:16:
c9:4d:f1:0e:c8:6f:5e:95:a4:86:e3:09:8b:80:11:e5:96:df:
5c:3c:a0:f0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYhzDohFYf8eRMWnlLt8hkJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTMxMTgyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjEwMDgzYzkxZTkwMGRkNDEwYjllY2FiYmIwNjcxMmI3NmE2NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxHs7dXZQ6AW3YvAj26WFdncZ08i
9ExNirF3deeH6VboJ2uIiK7an3LiXE1xmE9zXujxRBW8Rw5RSjUhSOry1dH4xZWe
PdqDxS7AnNekIzIOkxSQrZ0u5HZJePsHAtG3XaTK+fhP6nOV7SC6Wgt8heQ9/eJ2
YQRt2togkFcgE4AcGHxxOG72CGliFtnuYrC0NigGlY+ID+wRgkmZ6ZBvb11cj9uL
qq3ivdLCzXkgviW2CC4slY77qaVHLu3zlV24VsX96redFtfsdx9QsXhWG4NBVdTa
H0dVJXQNQyPa/cbam+BNKnoLkJ3gBrU/Pz2hW7PN75bcoIb7jNabJB1EnQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLIQCDyR6QDdQQueyruwZxK3amQcMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvc2hBSVBKSHBBTjFCQzU3S3U3Qm5FcmRxWkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABWkdAwQA
BWkiAwQABWknAwQABWlxAwQABWl8AwQABWl/AwQABWmLAwQABWmOAwQABWmdAwQA
BWnIAwQABWnPAwQABWn5MA0GCSqGSIb3DQEBCwUAA4IBAQAVgUn0QDZ6vEO27eDl
WLJGw2gRk/c8torVHfAKORW8n+6q76xvpxIJYQA0FD66NzFqCEHAorQOmNpKJ247
AEOSa1srF334DQwEQXHKatz2L7eQpfsjLHYKM3/xdggT/rFIWsct4yK+mh2ApnyV
eGti4zk0r+m6DiLWTXTSmbwISkjhkaLlPeV+oF1df7J3LSZZwFHwgoQA+D+TVpPa
oaFrWERLGQt2YVtrDgTJyLePwG0YPAIJHKhWSuTXnz2/Q78ugPHpeAYJ2KgNzMra
tYigofIkHXFfHBeTBaXNgWa4i7qk61niRVTqlRbJTfEOyG9elaSG4wmLgBHllt9c
PKDw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:54 2025 by rpki-client