Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gC05Zgb7gawwPMgjpae78t9U0u4.roa
File: gC05Zgb7gawwPMgjpae78t9U0u4.roa (raw, json)
Hash identifier: /9epYUl749g1HeCooNOzYE9DsG8jBgSsOjlUskaMlys=
Subject key identifier: 80:2D:39:66:06:FB:81:AC:30:3C:C8:23:A5:A7:BB:F2:DF:54:D2:EE
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189D485602A2F1A04A5132BA501EB120D74
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gC05Zgb7gawwPMgjpae78t9U0u4.roa
Signing time: Tue 08 Aug 2023 09:40:57 +0000
ROA not before: Tue 08 Aug 2023 09:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.15.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.19.0/24 maxlen: 24
5.105.23.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.62.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:85:60:2a:2f:1a:04:a5:13:2b:a5:01:eb:12:0d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 8 09:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=802d396606fb81ac303cc823a5a7bbf2df54d2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:46:dc:5a:04:a1:9e:e6:68:6e:3c:a4:a4:db:
40:60:a0:af:c3:bf:e8:d9:ab:5e:ae:9c:58:ce:19:
ff:83:84:25:44:49:70:8b:eb:dc:3b:f5:b0:de:fa:
f6:96:aa:3f:ea:17:c4:ab:93:93:b7:e7:23:8d:25:
8b:42:b8:76:94:3f:79:19:5f:22:70:6e:4b:f0:fe:
83:0d:6f:b2:f2:02:e3:33:23:74:4e:24:dc:be:e6:
8b:de:e1:29:57:64:28:e5:ab:6b:d5:28:74:ac:b3:
cc:bf:0d:ac:b6:52:98:42:58:80:8e:3d:79:94:9d:
f7:a0:7e:04:b7:1e:c2:9d:42:82:b7:45:fb:10:c3:
52:50:ef:f9:d2:29:29:55:e5:83:78:5e:85:1d:6c:
66:aa:90:32:ec:33:07:9d:82:e7:2d:12:89:1c:1a:
53:07:d3:e8:6d:e4:12:1d:bc:af:65:5c:cc:b8:fc:
01:9a:51:ea:d3:9c:4b:38:24:9a:66:f4:65:f1:47:
96:00:15:92:b1:97:2e:77:02:96:76:8b:89:65:6c:
f5:30:ea:b2:7f:4c:08:1f:1d:db:04:3a:b8:19:6c:
6f:97:2f:e3:21:e7:29:05:60:39:31:4d:85:15:0b:
f5:8a:b5:9d:6b:67:88:16:8b:d2:19:ab:7e:1e:cb:
32:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2D:39:66:06:FB:81:AC:30:3C:C8:23:A5:A7:BB:F2:DF:54:D2:EE
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gC05Zgb7gawwPMgjpae78t9U0u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.14.0/23
5.105.18.0/23
5.105.21.0/24
5.105.23.0/24
5.105.26.0/24
5.105.30.0/24
5.105.32.0/23
5.105.40.0/24
5.105.44.0/24
5.105.57.0/24
5.105.62.0/23
5.105.75.0/24
5.105.101.0/24
5.105.111.0/24
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.138.0/24
5.105.157.0/24
5.105.162.0/24
5.105.169.0/24
5.105.209.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.249.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:ef:4e:f7:a6:ee:b0:15:d4:6e:2a:84:09:4d:16:53:65:4f:
f3:10:e9:f9:1f:bc:75:6d:ae:4b:b8:b2:2c:5e:14:9d:1f:d1:
22:b0:5d:b7:26:85:d3:c9:33:4d:26:e9:b5:e9:ea:99:e4:0d:
8a:1f:32:99:2e:0c:77:8d:bf:25:01:74:05:31:81:da:86:ed:
57:3c:2b:0d:47:12:8a:8e:e0:97:3f:00:29:88:e0:b0:9e:fa:
b9:a3:6b:63:e9:4f:c3:27:57:07:2a:97:b4:c9:e3:1d:6f:36:
a4:24:ff:5c:66:c6:f5:cf:3d:75:e6:3c:3a:73:fd:a9:5f:46:
0b:0d:ed:88:de:00:96:4e:19:83:62:7b:b4:a9:ee:aa:3a:3d:
10:f8:41:3e:95:8f:8e:df:2d:24:40:4f:56:47:93:86:fb:b2:
fd:d5:38:54:77:56:fc:37:09:90:41:f9:4f:66:5c:b5:f4:42:
bf:b9:bf:38:4d:29:35:a5:20:6a:65:45:40:9c:1f:95:ca:e0:
4a:94:29:d7:3d:6a:d9:51:57:e2:19:e1:13:d6:c5:51:78:43:
d4:c5:e3:bf:02:85:7f:60:d8:54:cb:25:6b:12:34:21:c2:1e:
bf:24:58:81:9f:18:6f:28:b3:65:ac:14:6c:ab:fb:ca:3a:81:
61:63:7e:5f
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYnUhWAqLxoEpRMrpQHrEg10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODA4MDk0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJkMzk2NjA2ZmI4MWFjMzAzY2M4MjNhNWE3YmJmMmRmNTRkMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kbcWgShnuZobjykpNtAYKCvw7/o
2aterpxYzhn/g4QlRElwi+vcO/Ww3vr2lqo/6hfEq5OTt+cjjSWLQrh2lD95GV8i
cG5L8P6DDW+y8gLjMyN0TiTcvuaL3uEpV2Qo5atr1Sh0rLPMvw2stlKYQliAjj15
lJ33oH4Etx7CnUKCt0X7EMNSUO/50ikpVeWDeF6FHWxmqpAy7DMHnYLnLRKJHBpT
B9PobeQSHbyvZVzMuPwBmlHq05xLOCSaZvRl8UeWABWSsZcudwKWdouJZWz1MOqy
f0wIHx3bBDq4GWxvly/jIecpBWA5MU2FFQv1irWda2eIFovSGat+Hssy6wIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFIAtOWYG+4GsMDzII6Wnu/LfVNLuMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZ0MwNVpnYjdnYXd3UE1nanBhZTc4dDlVMHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAEF
aQ4DBAEFaRIDBAAFaRUDBAAFaRcDBAAFaRoDBAAFaR4DBAEFaSADBAAFaSgDBAAF
aSwDBAAFaTkDBAEFaT4DBAAFaUsDBAAFaWUDBAAFaW8DBAAFaXoDBAAFaX8DBAAF
aYMDBAAFaYYDBAAFaYgDBAAFaYoDBAAFaZ0DBAAFaaIDBAAFaakDBAAFadEwDAME
AAVp7wMEAAVp8AMEAQVp9AMEAAVp+QMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsF
AAOCAQEAxO9O96busBXUbiqECU0WU2VP8xDp+R+8dW2uS7iyLF4UnR/RIrBdtyaF
08kzTSbptenqmeQNih8ymS4Md42/JQF0BTGB2obtVzwrDUcSio7glz8AKYjgsJ76
uaNrY+lPwydXByqXtMnjHW82pCT/XGbG9c89deY8OnP9qV9GCw3tiN4Alk4Zg2J7
tKnuqjo9EPhBPpWPjt8tJEBPVkeThvuy/dU4VHdW/DcJkEH5T2ZctfRCv7m/OE0p
NaUgamVFQJwflcrgSpQp1z1q2VFX4hnhE9bFUXhD1MXjvwKFf2DYVMslaxI0IcIe
vyRYgZ8YbyizZawUbKv7yjqBYWN+Xw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:42 2025 by rpki-client