Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/kfjtgnXv4Y2OhnZfCejpqxrQW5Q.roa
File: kfjtgnXv4Y2OhnZfCejpqxrQW5Q.roa (raw, json)
Hash identifier: dApp5X1wtEX5m+zgKW/ixXUUUl3LBpMRhvpl02fNnYg=
Subject key identifier: 91:F8:ED:82:75:EF:E1:8D:8E:86:76:5F:09:E8:E9:AB:1A:D0:5B:94
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189F9573274FFEACB3D2E97985061298DB7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/kfjtgnXv4Y2OhnZfCejpqxrQW5Q.roa
Signing time: Tue 15 Aug 2023 13:16:28 +0000
ROA not before: Tue 15 Aug 2023 13:16:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.136.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.169.0/24 maxlen: 24
5.105.75.0/24 maxlen: 24
5.105.101.0/24 maxlen: 24
5.105.111.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.209.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.23.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.26.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.32.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.44.0/24 maxlen: 24
5.105.57.0/24 maxlen: 24
5.105.63.0/24 maxlen: 24
5.105.62.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:57:32:74:ff:ea:cb:3d:2e:97:98:50:61:29:8d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Aug 15 13:16:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f8ed8275efe18d8e86765f09e8e9ab1ad05b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:80:5c:88:5f:38:be:80:40:f9:6f:d8:0f:
cb:b1:97:db:93:32:05:d0:a7:b0:1d:3d:55:58:b0:
c8:f5:04:c1:22:ff:be:05:63:c9:e0:03:5c:f0:e4:
10:18:04:c5:b6:c3:11:3e:04:ae:d3:cd:95:0c:00:
2a:8f:bc:dd:f0:96:13:94:d3:ac:2e:38:17:d6:3c:
b0:a1:38:08:68:fd:66:bd:70:ae:40:38:df:d7:9f:
d3:66:53:b2:41:89:84:a5:55:50:3c:e4:bb:b5:05:
38:65:05:d8:fb:a8:24:e4:ca:ba:b5:24:cf:f9:b2:
15:24:9d:6b:cc:94:46:96:7b:f4:03:e1:10:7d:35:
12:4e:8f:69:af:6f:e2:13:d4:dd:32:83:6a:76:83:
6b:8f:9e:a7:86:17:d0:6d:72:a4:4f:d8:21:14:e7:
92:70:1a:0d:43:dc:05:31:c3:a8:c1:9e:23:6a:56:
bb:47:17:ef:fa:77:19:25:fd:11:67:3d:6c:6f:38:
a9:08:3f:bd:6e:9b:9a:7b:9c:a1:80:14:77:76:59:
50:33:01:82:21:69:64:f4:9e:2c:44:df:34:80:b1:
48:e8:4c:81:b0:01:6b:dc:43:01:6f:c4:86:57:16:
44:78:3a:9e:8d:fa:13:a1:12:fe:0f:d5:a2:a5:cf:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F8:ED:82:75:EF:E1:8D:8E:86:76:5F:09:E8:E9:AB:1A:D0:5B:94
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/kfjtgnXv4Y2OhnZfCejpqxrQW5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.2.0/24
5.105.14.0/24
5.105.18.0/24
5.105.21.0/24
5.105.23.0/24
5.105.26.0/24
5.105.30.0/24
5.105.32.0/24
5.105.40.0/24
5.105.44.0/24
5.105.57.0/24
5.105.62.0/23
5.105.75.0/24
5.105.101.0/24
5.105.111.0/24
5.105.114.0/23
5.105.122.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.136.0/24
5.105.138.0/24
5.105.157.0/24
5.105.162.0/24
5.105.169.0/24
5.105.209.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ac:40:c6:8d:92:fd:f7:d3:e1:6b:4c:8d:86:5d:c6:8c:d2:
6a:4b:43:c9:92:1f:91:10:ce:4b:a2:d6:c3:ba:0b:32:69:50:
2d:e4:1c:32:f6:f5:3f:7f:78:7d:02:ee:a2:e8:03:c7:99:57:
ca:4a:a9:c0:33:70:46:79:11:3f:24:42:3c:01:f0:27:45:1c:
b2:7f:e9:fd:f0:0f:eb:1d:a8:51:a4:34:7a:54:2a:f8:23:4a:
fd:c2:96:d4:fd:7e:67:25:5d:3c:e2:8b:b9:98:8d:bd:26:4b:
fe:98:91:10:3b:41:86:3c:cf:0d:61:64:2f:29:d3:7e:59:f6:
20:39:bd:89:d3:21:a7:74:c9:99:97:1d:b0:10:d9:36:cb:11:
17:a3:15:c7:c2:f5:c5:3b:11:b9:91:a7:1d:cf:86:f1:dd:af:
b9:d4:45:c6:11:22:ba:3a:ac:82:e6:ec:b6:4a:ae:7d:2f:e7:
5a:34:c7:b7:b6:bc:c8:3f:77:63:55:99:ff:eb:03:28:03:e6:
7c:77:83:fe:70:9a:b4:0e:89:9c:24:b3:16:99:0c:09:2d:56:
20:e0:56:86:35:02:c4:65:cd:98:68:1d:22:eb:e3:ea:1f:b6:
b2:c1:89:eb:1c:68:3e:0a:d2:cb:b8:1d:9e:a3:5c:1a:99:7c:
8e:87:13:0e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYn5VzJ0/+rLPS6XmFBhKY23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODE1MTMxNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY4ZWQ4Mjc1ZWZlMThkOGU4Njc2NWYwOWU4ZTlhYjFhZDA1Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfWAXIhfOL6AQPlv2A/LsZfbkzIF
0KewHT1VWLDI9QTBIv++BWPJ4ANc8OQQGATFtsMRPgSu082VDAAqj7zd8JYTlNOs
LjgX1jywoTgIaP1mvXCuQDjf15/TZlOyQYmEpVVQPOS7tQU4ZQXY+6gk5Mq6tSTP
+bIVJJ1rzJRGlnv0A+EQfTUSTo9pr2/iE9TdMoNqdoNrj56nhhfQbXKkT9ghFOeS
cBoNQ9wFMcOowZ4jala7Rxfv+ncZJf0RZz1sbzipCD+9bpuae5yhgBR3dllQMwGC
IWlk9J4sRN80gLFI6EyBsAFr3EMBb8SGVxZEeDqejfoToRL+D9Wipc+AjwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFJH47YJ17+GNjoZ2Xwno6asa0FuUMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEva2ZqdGduWHY0WTJPaG5aZkNlanBxeHJRVzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAF
aQIDBAAFaQ4DBAAFaRIDBAAFaRUDBAAFaRcDBAAFaRoDBAAFaR4DBAAFaSADBAAF
aSgDBAAFaSwDBAAFaTkDBAEFaT4DBAAFaUsDBAAFaWUDBAAFaW8DBAEFaXIDBAAF
aXoDBAAFaX8DBAAFaYMDBAAFaYYDBAAFaYgDBAAFaYoDBAAFaZ0DBAAFaaIDBAAF
aakDBAAFadEwDAMEAAVp7wMEAAVp8AMEAQVp9AMEAQVp+AMEAAW0sAMEAMEu0jAN
BgkqhkiG9w0BAQsFAAOCAQEAHqxAxo2S/ffT4WtMjYZdxozSaktDyZIfkRDOS6LW
w7oLMmlQLeQcMvb1P394fQLuougDx5lXykqpwDNwRnkRPyRCPAHwJ0Ucsn/p/fAP
6x2oUaQ0elQq+CNK/cKW1P1+ZyVdPOKLuZiNvSZL/piREDtBhjzPDWFkLynTfln2
IDm9idMhp3TJmZcdsBDZNssRF6MVx8L1xTsRuZGnHc+G8d2vudRFxhEiujqsgubs
tkqufS/nWjTHt7a8yD93Y1WZ/+sDKAPmfHeD/nCatA6JnCSzFpkMCS1WIOBWhjUC
xGXNmGgdIuvj6h+2ssGJ6xxoPgrSy7gdnqNcGpl8jocTDg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:48 2025 by rpki-client