Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9xcCDnwMOpEfHekhzExidgdUt8.roa
File: v9xcCDnwMOpEfHekhzExidgdUt8.roa (raw, json)
Hash identifier: ly+Yavq59+ZifxaT9LCin1nfZI37lSHrHK6MCYD2AcA=
Subject key identifier: BF:DC:5C:08:39:F0:30:EA:44:7C:77:A4:87:31:31:89:D8:1D:52:DF
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01844E8BB7C76D775471B5CC28656621F29B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9xcCDnwMOpEfHekhzExidgdUt8.roa
Signing time: Sun 06 Nov 2022 20:04:50 +0000
ROA not before: Sun 06 Nov 2022 20:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 5.105.124.0/24 maxlen: 24
5.105.129.0/24 maxlen: 24
5.105.135.0/24 maxlen: 24
5.105.98.0/24 maxlen: 24
5.105.102.0/24 maxlen: 24
5.105.238.0/24 maxlen: 24
5.105.241.0/24 maxlen: 24
5.105.27.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.253.0/24 maxlen: 24
5.105.188.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4e:8b:b7:c7:6d:77:54:71:b5:cc:28:65:66:21:f2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Nov 6 20:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfdc5c0839f030ea447c77a487313189d81d52df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:69:9e:2e:2c:8c:92:23:e8:2f:55:68:fc:57:
af:b1:a1:db:3f:9e:64:3f:de:e0:44:c4:fa:01:fe:
6c:98:40:21:e7:a8:28:e7:b0:a2:44:b4:28:ea:d0:
52:fe:88:d0:3e:58:a1:52:51:cc:87:ef:ff:e9:af:
b3:1f:c8:e7:e1:95:06:cd:2d:1a:b2:f4:3c:18:68:
90:36:eb:75:07:5e:ac:bb:fe:81:10:54:f7:f1:fd:
6d:9e:12:1f:7f:fb:f8:45:a6:c7:7d:46:4c:be:7a:
c6:1e:a9:4e:10:bd:d7:24:0c:9a:52:65:a1:a6:5b:
b8:e3:aa:ba:dc:c1:68:41:01:d4:cb:b2:94:86:88:
02:d1:c5:c1:50:88:69:4e:4e:b8:20:75:3b:37:c5:
4c:96:0a:3e:0a:d8:a3:c3:0c:0b:67:57:88:e8:21:
e1:85:f3:ce:97:c6:f2:5d:a9:61:23:c6:48:d0:62:
1f:4f:90:59:55:23:42:0d:db:e6:ee:b0:9d:1b:7f:
d7:19:a6:48:75:e0:b9:84:31:7e:9f:fa:16:25:b3:
58:9b:56:4b:17:9e:5e:18:68:83:d8:f9:be:81:5f:
91:f5:07:3e:5e:77:f6:6b:af:dc:b7:84:95:3f:e2:
28:22:be:ea:ae:d7:b4:49:99:c1:4c:63:23:bc:88:
37:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DC:5C:08:39:F0:30:EA:44:7C:77:A4:87:31:31:89:D8:1D:52:DF
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9xcCDnwMOpEfHekhzExidgdUt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.27.0/24
5.105.98.0/24
5.105.102.0/24
5.105.124.0/24
5.105.129.0/24
5.105.135.0/24
5.105.188.0/24
5.105.204.0/24
5.105.238.0/24
5.105.241.0/24
5.105.252.0/23
Signature Algorithm: sha256WithRSAEncryption
69:56:80:d7:7b:19:e4:31:b3:50:3f:fb:fa:9c:33:e3:d9:30:
75:c3:e6:5a:66:d8:7a:24:66:4b:6b:16:67:77:ca:8a:54:77:
08:f3:b8:73:08:1a:38:a5:e9:1f:b0:cb:db:8e:55:e4:7b:20:
1a:1d:19:7d:8b:0e:c2:ac:2e:d7:a5:a5:0a:e2:63:5a:41:45:
29:02:95:c4:10:e7:d5:55:ac:dc:1c:44:ca:7f:42:15:11:84:
b7:bf:fd:d6:7e:ea:a8:74:49:09:ec:94:00:34:ea:59:37:95:
c7:5d:a9:33:2f:ad:e6:8d:f0:bb:eb:52:b2:a5:ca:80:94:c1:
9a:c6:5b:5e:26:64:1a:f6:49:46:8d:f0:2e:86:d2:81:bb:60:
71:f7:e7:e0:15:ff:88:b2:2e:5a:ea:5a:99:c1:8e:87:7d:42:
2c:c7:20:57:7b:22:19:7d:ca:99:de:dc:fd:d7:57:86:32:81:
0b:76:97:bd:2f:ac:82:36:a9:91:81:0a:f7:38:a3:61:10:f3:
9c:a9:33:54:10:fd:51:54:5a:7c:b0:69:18:f0:57:03:97:8c:
50:b8:98:ff:aa:cb:72:08:f3:5a:7a:b1:20:c4:40:d7:45:ec:
59:bc:3b:7a:ef:dd:1a:cf:c8:5b:e3:67:24:39:c2:b5:c0:70:
b5:dd:74:4f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYROi7fHbXdUcbXMKGVmIfKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTA2MjAwNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmRjNWMwODM5ZjAzMGVhNDQ3Yzc3YTQ4NzMxMzE4OWQ4MWQ1MmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWmeLiyMkiPoL1Vo/FevsaHbP55k
P97gRMT6Af5smEAh56go57CiRLQo6tBS/ojQPlihUlHMh+//6a+zH8jn4ZUGzS0a
svQ8GGiQNut1B16su/6BEFT38f1tnhIff/v4RabHfUZMvnrGHqlOEL3XJAyaUmWh
plu446q63MFoQQHUy7KUhogC0cXBUIhpTk64IHU7N8VMlgo+CtijwwwLZ1eI6CHh
hfPOl8byXalhI8ZI0GIfT5BZVSNCDdvm7rCdG3/XGaZIdeC5hDF+n/oWJbNYm1ZL
F55eGGiD2Pm+gV+R9Qc+Xnf2a6/ct4SVP+IoIr7qrte0SZnBTGMjvIg3ZwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFL/cXAg58DDqRHx3pIcxMYnYHVLfMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdjl4Y0NEbndNT3BFZkhla2h6RXhpZGdkVXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABWkCAwQA
BWkbAwQABWliAwQABWlmAwQABWl8AwQABWmBAwQABWmHAwQABWm8AwQABWnMAwQA
BWnuAwQABWnxAwQBBWn8MA0GCSqGSIb3DQEBCwUAA4IBAQBpVoDXexnkMbNQP/v6
nDPj2TB1w+ZaZth6JGZLaxZnd8qKVHcI87hzCBo4pekfsMvbjlXkeyAaHRl9iw7C
rC7XpaUK4mNaQUUpApXEEOfVVazcHETKf0IVEYS3v/3WfuqodEkJ7JQANOpZN5XH
XakzL63mjfC761KypcqAlMGaxlteJmQa9klGjfAuhtKBu2Bx9+fgFf+Isi5a6lqZ
wY6HfUIsxyBXeyIZfcqZ3tz911eGMoELdpe9L6yCNqmRgQr3OKNhEPOcqTNUEP1R
VFp8sGkY8FcDl4xQuJj/qstyCPNaerEgxEDXRexZvDt6790az8hb42ckOcK1wHC1
3XRP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:27 2025 by rpki-client