Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DzNYIUJtsorUHaqu1FVhyGfb6HM.roa
File: DzNYIUJtsorUHaqu1FVhyGfb6HM.roa (raw, json)
Hash identifier: BLN1T6nDSiyYhi1pAYLf6zvHD4QrnNLF9qU8ynsby4U=
Subject key identifier: 0F:33:58:21:42:6D:B2:8A:D4:1D:AA:AE:D4:55:61:C8:67:DB:E8:73
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189D39A191CE9F7577A7C0F9D27C288597B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DzNYIUJtsorUHaqu1FVhyGfb6HM.roa
Signing time: Tue 08 Aug 2023 05:23:58 +0000
ROA not before: Tue 08 Aug 2023 05:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.15.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.19.0/24 maxlen: 24
5.105.23.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:9a:19:1c:e9:f7:57:7a:7c:0f:9d:27:c2:88:59:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 8 05:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f335821426db28ad41daaaed45561c867dbe873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:eb:7a:be:31:b2:23:fe:63:8c:a0:45:4d:cd:
d4:4a:fa:42:85:2c:71:d0:d4:2b:82:e3:cd:7a:a7:
c0:97:e4:cd:2f:bf:d0:46:aa:39:a2:7c:9a:c5:4e:
38:b4:61:c9:40:a2:ab:77:e8:17:17:d1:b7:54:f8:
f5:9b:9b:2c:dc:d0:83:7c:41:ca:d0:8b:41:76:83:
12:b0:85:8e:bc:75:c2:45:0c:74:b2:36:bd:07:ba:
f3:fd:2d:ff:33:b5:4c:78:0a:ca:1a:7e:87:fe:1f:
a2:0f:90:af:51:a2:6d:97:29:c8:2a:41:9c:92:f4:
5d:81:58:97:77:11:16:98:50:17:e7:a0:f5:2c:ff:
ed:2d:bd:de:28:c3:18:4d:fa:42:39:9d:6b:cf:c9:
f9:df:5f:5e:ff:22:d0:ac:60:dd:ec:0d:a7:4b:55:
01:6a:5d:5f:8d:4e:7b:21:00:c4:01:93:a4:cb:5c:
49:98:be:e2:fa:25:81:d5:4d:92:ea:01:c0:42:ad:
99:c8:1e:a7:d1:df:d0:d9:13:57:1f:42:e7:b1:6b:
7a:86:2e:43:4b:c9:c1:1c:56:ff:f7:ad:7c:31:4d:
35:7e:59:b1:f5:e5:a3:7c:35:af:29:94:7c:6c:ee:
00:d0:64:37:5c:59:c1:d5:94:2d:ce:e0:5a:d0:30:
50:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:33:58:21:42:6D:B2:8A:D4:1D:AA:AE:D4:55:61:C8:67:DB:E8:73
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DzNYIUJtsorUHaqu1FVhyGfb6HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.14.0/23
5.105.18.0/23
5.105.21.0/24
5.105.23.0/24
5.105.26.0/24
5.105.30.0/24
5.105.32.0/23
5.105.40.0/24
5.105.44.0/24
5.105.57.0/24
5.105.63.0/24
5.105.75.0/24
5.105.101.0/24
5.105.111.0/24
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.138.0/24
5.105.157.0/24
5.105.162.0/24
5.105.169.0/24
5.105.209.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.249.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
58:61:9f:a1:45:0d:bf:b3:62:c6:6f:a0:e8:84:6c:b8:92:aa:
99:2b:2e:a4:9e:53:49:ae:9e:b4:13:92:e7:b3:32:22:0d:ac:
3a:70:d1:96:8f:26:9d:01:bf:0b:ca:81:25:6f:5c:78:29:92:
ee:e7:2d:11:dc:8f:cd:77:2c:63:1b:dc:f0:fe:9b:5e:30:8d:
2c:de:80:c5:25:d6:a2:26:b8:7e:d2:0e:12:2e:5f:6b:f8:e5:
7a:36:62:1c:97:ff:51:84:1d:d2:c5:bf:e8:d4:80:1a:21:e8:
98:15:4a:a2:17:f4:6b:b5:ff:bc:e7:80:fb:0f:10:d1:d6:07:
ed:8d:99:a3:04:f9:6e:4b:2d:3c:21:06:df:4a:98:12:d9:52:
4b:1c:92:53:8f:ec:6c:d4:3b:e2:17:86:28:15:b7:45:98:52:
55:13:9f:67:8b:55:21:ec:e1:87:62:04:60:2e:0f:43:c4:ca:
f8:85:39:bc:12:58:e1:b0:be:4f:86:0e:f9:6a:99:08:5a:e9:
9d:0b:df:dc:8f:c4:37:7b:a3:57:42:3c:5f:26:66:14:ac:09:
d8:27:1b:e5:c5:ab:e6:a8:91:50:5f:f1:70:9a:7c:ba:79:86:
f1:be:fd:98:dd:43:63:9c:6c:aa:f5:f7:9e:b6:12:5c:35:d1:
d4:21:85:ec
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYnTmhkc6fdXenwPnSfCiFl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODA4MDUyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjMzNTgyMTQyNmRiMjhhZDQxZGFhYWVkNDU1NjFjODY3ZGJlODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ut6vjGyI/5jjKBFTc3USvpChSxx
0NQrguPNeqfAl+TNL7/QRqo5onyaxU44tGHJQKKrd+gXF9G3VPj1m5ss3NCDfEHK
0ItBdoMSsIWOvHXCRQx0sja9B7rz/S3/M7VMeArKGn6H/h+iD5CvUaJtlynIKkGc
kvRdgViXdxEWmFAX56D1LP/tLb3eKMMYTfpCOZ1rz8n5319e/yLQrGDd7A2nS1UB
al1fjU57IQDEAZOky1xJmL7i+iWB1U2S6gHAQq2ZyB6n0d/Q2RNXH0LnsWt6hi5D
S8nBHFb/9618MU01flmx9eWjfDWvKZR8bO4A0GQ3XFnB1ZQtzuBa0DBQ7wIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFA8zWCFCbbKK1B2qrtRVYchn2+hzMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRHpOWUlVSnRzb3JVSGFxdTFGVmh5R2ZiNkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAF
aQIDBAEFaQ4DBAEFaRIDBAAFaRUDBAAFaRcDBAAFaRoDBAAFaR4DBAEFaSADBAAF
aSgDBAAFaSwDBAAFaTkDBAAFaT8DBAAFaUsDBAAFaWUDBAAFaW8DBAAFaXoDBAAF
aX8DBAAFaYMDBAAFaYYDBAAFaYgDBAAFaYoDBAAFaZ0DBAAFaaIDBAAFaakDBAAF
adEwDAMEAAVp7wMEAAVp8AMEAQVp9AMEAAVp+QMEAAW0sAMEAMEu0jANBgkqhkiG
9w0BAQsFAAOCAQEAWGGfoUUNv7Nixm+g6IRsuJKqmSsupJ5TSa6etBOS57MyIg2s
OnDRlo8mnQG/C8qBJW9ceCmS7uctEdyPzXcsYxvc8P6bXjCNLN6AxSXWoia4ftIO
Ei5fa/jlejZiHJf/UYQd0sW/6NSAGiHomBVKohf0a7X/vOeA+w8Q0dYH7Y2ZowT5
bkstPCEG30qYEtlSSxySU4/sbNQ74heGKBW3RZhSVROfZ4tVIezhh2IEYC4PQ8TK
+IU5vBJY4bC+T4YO+WqZCFrpnQvf3I/EN3ujV0I8XyZmFKwJ2Ccb5cWr5qiRUF/x
cJp8unmG8b79mN1DY5xsqvX3nrYSXDXR1CGF7A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:13 2025 by rpki-client