Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xrHhBH2vZR73KBtKn13gNdRDxhY.roa
File: xrHhBH2vZR73KBtKn13gNdRDxhY.roa (raw, json)
Hash identifier: q1z9M7SfXy669aBuNVOtCpQ6G5e116ErPScFVjj0E9k=
Subject key identifier: C6:B1:E1:04:7D:AF:65:1E:F7:28:1B:4A:9F:5D:E0:35:D4:43:C6:16
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018554CFC96E3402DA2F3BD900DE7ADF6A4E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xrHhBH2vZR73KBtKn13gNdRDxhY.roa
Signing time: Tue 27 Dec 2022 18:19:41 +0000
ROA not before: Tue 27 Dec 2022 18:19:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.29.0/24 maxlen: 24
5.105.248.0/23 maxlen: 24
5.105.164.0/23 maxlen: 24
91.200.212.0/22 maxlen: 24
5.105.186.0/23 maxlen: 24
5.105.198.0/23 maxlen: 24
5.105.206.0/23 maxlen: 24
5.105.202.0/23 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:cf:c9:6e:34:02:da:2f:3b:d9:00:de:7a:df:6a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 27 18:19:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6b1e1047daf651ef7281b4a9f5de035d443c616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1a:3a:65:ce:13:3d:1e:06:07:8d:26:a3:47:
91:48:9c:ea:c7:a1:39:4a:b5:37:2c:d3:8e:ed:cb:
de:fc:41:d7:a2:f4:21:ea:74:ce:f7:ca:d1:12:2b:
57:df:a7:b4:fe:f3:37:e7:58:44:3f:48:0a:04:d6:
37:cb:13:c8:ce:82:e3:73:f0:1c:17:a6:d2:e0:a9:
7b:74:50:35:b4:3d:fa:b7:a5:a8:ce:8c:f1:09:ee:
25:54:56:e6:a1:31:cd:8a:3e:b3:f4:f2:65:c5:8b:
21:9c:42:de:d9:28:bd:ec:b0:88:2f:44:b9:32:08:
c2:61:48:73:f9:8f:13:4b:4e:b8:44:da:16:2a:14:
35:1b:ca:ed:07:2e:b1:df:93:21:4f:ca:d5:24:6e:
0b:bd:54:1f:75:4c:c3:cc:a8:b3:19:56:68:02:57:
84:95:5b:86:46:d1:92:a4:24:b9:05:76:97:9a:21:
fc:f4:1c:4a:ed:a8:e0:3e:f5:70:09:44:7a:36:ac:
80:cb:7f:12:b3:f1:d6:92:4a:9a:3d:8f:7f:ee:81:
61:f1:27:b9:ae:25:3a:69:93:7c:5c:11:ab:1b:08:
7e:d6:dc:14:a4:c6:5c:9b:45:39:e3:71:59:ed:b4:
ee:66:fc:42:e3:41:b1:10:f9:3a:a1:fb:fe:b8:28:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:E1:04:7D:AF:65:1E:F7:28:1B:4A:9F:5D:E0:35:D4:43:C6:16
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/xrHhBH2vZR73KBtKn13gNdRDxhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
5.105.164.0/23
5.105.186.0/23
5.105.198.0/23
5.105.202.0/23
5.105.206.0/23
5.105.248.0/23
85.255.176.0/21
91.200.212.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c7:04:a0:04:87:82:85:06:c3:0e:4f:7b:4b:78:9d:2d:84:
46:95:9e:4d:24:82:60:d2:1d:85:ff:17:a9:81:4f:b7:f7:95:
96:18:1f:3c:70:7b:01:aa:53:b9:63:91:98:0b:8b:e5:b6:b3:
a0:bf:ea:6b:0e:42:b0:52:08:03:8c:f3:af:9c:99:d2:f8:8a:
8d:7c:6f:7e:03:7f:1e:2d:9f:80:dd:e9:14:af:26:05:6b:23:
fe:c8:64:8c:ad:6e:77:75:66:69:0b:0c:50:72:b7:36:88:29:
a6:65:27:68:66:42:16:f2:a5:ad:59:8c:a6:0a:1f:cf:6e:ef:
ac:85:cc:9f:ee:08:d2:66:3f:bf:1e:9f:80:8a:75:3a:d4:df:
67:17:9c:84:de:45:d0:d6:0c:0f:7a:29:cc:a9:20:13:a3:dc:
7a:80:09:30:93:35:83:66:22:df:dc:fb:40:60:bb:2a:cc:f1:
1b:a8:3d:16:4f:b2:25:15:8b:d9:5b:00:8b:13:19:69:76:34:
ae:44:59:41:4d:87:6e:03:e4:ec:85:dd:86:2d:52:49:44:e9:
50:cc:21:d3:a1:7f:89:2e:6c:9c:9c:35:a1:2b:7b:60:28:bd:
9f:9c:f2:85:c1:d6:03:00:98:99:99:61:05:91:54:6f:cc:96:
5e:a1:86:1e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVUz8luNALaLzvZAN5632pOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjI3MTgxOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxZTEwNDdkYWY2NTFlZjcyODFiNGE5ZjVkZTAzNWQ0NDNjNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBo6Zc4TPR4GB40mo0eRSJzqx6E5
SrU3LNOO7cve/EHXovQh6nTO98rREitX36e0/vM351hEP0gKBNY3yxPIzoLjc/Ac
F6bS4Kl7dFA1tD36t6WozozxCe4lVFbmoTHNij6z9PJlxYshnELe2Si97LCIL0S5
MgjCYUhz+Y8TS064RNoWKhQ1G8rtBy6x35MhT8rVJG4LvVQfdUzDzKizGVZoAleE
lVuGRtGSpCS5BXaXmiH89BxK7ajgPvVwCUR6NqyAy38Ss/HWkkqaPY9/7oFh8Se5
riU6aZN8XBGrGwh+1twUpMZcm0U543FZ7bTuZvxC40GxEPk6ofv+uCjMjQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMax4QR9r2Ue9ygbSp9d4DXUQ8YWMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEveHJIaEJIMnZaUjczS0J0S24xM2dOZFJEeGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABWkdAwQB
BWmkAwQBBWm6AwQBBWnGAwQBBWnKAwQBBWnOAwQBBWn4AwQDVf+wAwQCW8jUMA0G
CSqGSIb3DQEBCwUAA4IBAQAexwSgBIeChQbDDk97S3idLYRGlZ5NJIJg0h2F/xep
gU+395WWGB88cHsBqlO5Y5GYC4vltrOgv+prDkKwUggDjPOvnJnS+IqNfG9+A38e
LZ+A3ekUryYFayP+yGSMrW53dWZpCwxQcrc2iCmmZSdoZkIW8qWtWYymCh/Pbu+s
hcyf7gjSZj+/Hp+AinU61N9nF5yE3kXQ1gwPeinMqSATo9x6gAkwkzWDZiLf3PtA
YLsqzPEbqD0WT7IlFYvZWwCLExlpdjSuRFlBTYduA+Tshd2GLVJJROlQzCHToX+J
LmycnDWhK3tgKL2fnPKFwdYDAJiZmWEFkVRvzJZeoYYe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org