Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0wXMtnCYlOz3Bdty8feys0JSQKU.roa
File: 0wXMtnCYlOz3Bdty8feys0JSQKU.roa (raw, json)
Hash identifier: 9C0lM3PLn9mxI7EkpFPpxQo2sY+jsr5I5JVlafGM69Y=
Subject key identifier: D3:05:CC:B6:70:98:94:EC:F7:05:DB:72:F1:F7:B2:B3:42:52:40:A5
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018634FC32B5A374E821675D7B01087C4F25
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0wXMtnCYlOz3Bdty8feys0JSQKU.roa
Signing time: Thu 09 Feb 2023 07:03:08 +0000
ROA not before: Thu 09 Feb 2023 07:03:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.130.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.106.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.195.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.197.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.214.0/24 maxlen: 24
5.105.12.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:fc:32:b5:a3:74:e8:21:67:5d:7b:01:08:7c:4f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 9 07:03:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d305ccb6709894ecf705db72f1f7b2b3425240a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:f6:cf:05:8e:12:03:81:62:b0:8c:64:f3:
a3:c2:4d:26:2b:c2:cf:49:49:b8:4e:da:2e:c1:c6:
65:b3:93:ef:66:d2:70:3f:20:39:e2:9d:a2:ed:cd:
c4:43:fb:fc:c9:b0:18:64:59:ca:a3:10:c4:0e:e4:
e3:cc:43:e9:b8:b0:14:ab:f5:45:7d:83:7f:1c:2e:
af:c5:43:33:f1:6c:c7:d6:e3:88:9f:3b:3c:cf:96:
b1:2e:b8:42:ee:e2:52:b1:41:dc:80:a3:e2:84:d7:
48:d1:ef:c2:2f:e8:72:2b:08:98:48:c4:1d:61:63:
65:8f:5d:87:6b:cd:89:d1:c1:0b:11:d7:37:f3:c8:
f8:b5:9a:d4:9b:11:61:4a:67:98:d3:04:ad:66:e6:
4a:a5:64:66:a3:6b:51:b9:bf:7a:d3:aa:80:00:2f:
a2:3b:72:0b:83:80:ec:8a:3e:39:97:83:44:59:8a:
4a:45:26:ce:0a:a2:e1:58:81:e4:f8:d2:44:f2:cd:
fe:6e:da:fb:1f:7f:76:3c:4b:df:b9:ba:94:21:cd:
4c:34:ab:ae:6d:c5:05:2e:2e:2b:9d:fe:8f:b8:d3:
9f:73:7f:a1:e7:50:6d:96:cf:6f:68:5d:dc:00:49:
5e:07:86:11:0f:c3:d3:af:53:7a:89:e3:eb:45:0b:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:05:CC:B6:70:98:94:EC:F7:05:DB:72:F1:F7:B2:B3:42:52:40:A5
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0wXMtnCYlOz3Bdty8feys0JSQKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.12.0/24
5.105.38.0/23
5.105.68.0/23
5.105.74.0/24
5.105.79.0/24
5.105.81.0-5.105.82.255
5.105.95.0/24
5.105.103.0/24
5.105.106.0/24
5.105.108.0/24
5.105.112.0/22
5.105.127.0/24
5.105.130.0/24
5.105.138.0/23
5.105.142.0/23
5.105.156.0/24
5.105.162.0/24
5.105.165.0/24
5.105.168.0/24
5.105.172.0/24
5.105.186.0/23
5.105.195.0/24
5.105.197.0-5.105.199.255
5.105.202.0-5.105.204.255
5.105.206.0/23
5.105.214.0/24
5.105.216.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.105.252.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:9f:fd:78:ba:2f:9d:28:74:b8:d9:37:8f:5d:67:f5:f4:6e:
73:23:52:3e:14:35:18:ec:c5:a7:5d:3a:a4:59:62:65:52:38:
44:a9:3e:3b:01:30:d5:d7:af:56:0b:65:e7:07:c5:2f:98:c8:
2e:75:26:62:3b:e7:0b:30:37:0c:05:1b:99:f2:6c:6c:f5:27:
ba:39:69:56:7d:4a:16:49:93:ee:a5:cf:c5:3a:15:6a:98:fd:
95:c4:b6:2d:a7:0b:cf:72:f2:a1:c1:6d:72:85:86:7b:24:05:
1a:b5:27:1b:46:3d:b3:ed:01:bc:9d:69:9d:b6:d2:c4:ed:fc:
71:07:6b:4a:77:62:1e:40:ed:40:12:29:05:06:01:d4:82:77:
eb:ba:21:f4:b8:8b:99:36:f9:29:82:a2:6f:97:f3:79:59:3e:
e9:0a:a1:a4:66:07:9e:0d:0d:f1:1f:68:e9:47:c8:23:51:1e:
5a:b9:19:4d:c4:59:ea:d3:c9:5f:9e:62:f1:11:9c:7e:4e:9f:
1b:04:f9:17:ea:af:67:5d:f1:80:a2:55:aa:29:1f:6c:be:cd:
98:03:a6:ec:8b:c3:b1:f8:6b:b4:af:84:0a:83:bb:c3:30:ae:
42:a4:1d:39:3e:1f:ac:5e:a8:d5:6a:a1:43:ce:28:c8:70:86:
6e:55:d5:b9
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYY0/DK1o3ToIWddewEIfE8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjA5MDcwMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA1Y2NiNjcwOTg5NGVjZjcwNWRiNzJmMWY3YjJiMzQyNTI0MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRP2zwWOEgOBYrCMZPOjwk0mK8LP
SUm4TtouwcZls5PvZtJwPyA54p2i7c3EQ/v8ybAYZFnKoxDEDuTjzEPpuLAUq/VF
fYN/HC6vxUMz8WzH1uOInzs8z5axLrhC7uJSsUHcgKPihNdI0e/CL+hyKwiYSMQd
YWNlj12Ha82J0cELEdc388j4tZrUmxFhSmeY0wStZuZKpWRmo2tRub9606qAAC+i
O3ILg4Dsij45l4NEWYpKRSbOCqLhWIHk+NJE8s3+btr7H392PEvfubqUIc1MNKuu
bcUFLi4rnf6PuNOfc3+h51Btls9vaF3cAEleB4YRD8PTr1N6iePrRQv3vQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFNMFzLZwmJTs9wXbcvH3srNCUkClMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMHdYTXRuQ1lsT3ozQmR0eThmZXlzMEpTUUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQA
BWkMAwQBBWkmAwQBBWlEAwQABWlKAwQABWlPMAwDBAAFaVEDBAAFaVIDBAAFaV8D
BAAFaWcDBAAFaWoDBAAFaWwDBAIFaXADBAAFaX8DBAAFaYIDBAEFaYoDBAEFaY4D
BAAFaZwDBAAFaaIDBAAFaaUDBAAFaagDBAAFaawDBAEFaboDBAAFacMwDAMEAAVp
xQMEAwVpwDAMAwQBBWnKAwQABWnMAwQBBWnOAwQABWnWAwQABWnYMAwDBAAFae8D
BAAFafADBAEFafQDBAEFafgDBAAFafwDBAAFtLADBADBLtIwDQYJKoZIhvcNAQEL
BQADggEBAJ+f/Xi6L50odLjZN49dZ/X0bnMjUj4UNRjsxaddOqRZYmVSOESpPjsB
MNXXr1YLZecHxS+YyC51JmI75wswNwwFG5nybGz1J7o5aVZ9ShZJk+6lz8U6FWqY
/ZXEti2nC89y8qHBbXKFhnskBRq1JxtGPbPtAbydaZ220sTt/HEHa0p3Yh5A7UAS
KQUGAdSCd+u6IfS4i5k2+SmCom+X83lZPukKoaRmB54NDfEfaOlHyCNRHlq5GU3E
WerTyV+eYvERnH5OnxsE+Rfqr2dd8YCiVaopH2y+zZgDpuyLw7H4a7SvhAqDu8Mw
rkKkHTk+H6xeqNVqoUPOKMhwhm5V1bk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:03 2025 by rpki-client