Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/qgnoJ_JauGeCYgHWK2LdTOsA8H8.roa
File: qgnoJ_JauGeCYgHWK2LdTOsA8H8.roa (raw, json)
Hash identifier: 7t1aCQsJV2fDBRW8yKqJlSrlrbH1NpOuyBu7QFt6mHo=
Subject key identifier: AA:09:E8:27:F2:5A:B8:67:82:62:01:D6:2B:62:DD:4C:EB:00:F0:7F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018630702A44D9289224795512F8953BFE84
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/qgnoJ_JauGeCYgHWK2LdTOsA8H8.roa
Signing time: Wed 08 Feb 2023 09:51:42 +0000
ROA not before: Wed 08 Feb 2023 09:51:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.130.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.106.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.252.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.195.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.197.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.214.0/24 maxlen: 24
5.105.12.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:70:2a:44:d9:28:92:24:79:55:12:f8:95:3b:fe:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Feb 8 09:51:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa09e827f25ab867826201d62b62dd4ceb00f07f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:21:1a:f8:b3:cb:db:32:7f:a4:bd:69:14:c7:
0e:53:12:ce:b3:04:90:8b:18:12:88:f0:78:10:f8:
40:af:9d:25:0f:da:57:12:25:02:a7:54:43:f3:2c:
b7:34:c1:a3:ce:f1:83:32:0c:76:2e:5d:21:da:ad:
d0:fb:71:18:71:9a:86:e9:d8:9c:2b:6b:ce:71:ba:
28:6f:35:d0:d6:4c:4d:26:f0:1c:18:ae:b5:13:48:
4f:67:01:24:04:f4:1a:cc:38:7e:d1:07:cf:b9:cf:
6c:47:0a:0c:43:76:49:73:bb:ac:94:83:37:aa:b8:
af:f8:b4:45:d9:62:3d:83:d4:51:58:0a:a4:dc:99:
ac:59:96:c4:92:d9:94:80:cc:5d:16:80:93:5a:b3:
b5:89:a4:12:67:05:d1:59:bf:2b:ac:e9:ed:f1:ef:
ca:23:bb:6e:cc:45:4a:3f:01:e6:aa:86:93:d2:28:
d8:fa:ad:c4:fe:ab:a6:8a:4f:54:d5:57:2f:a4:cf:
90:63:3e:0f:90:8e:e5:c3:73:8c:77:3d:81:1c:97:
95:ca:74:aa:23:98:a3:8f:65:d0:b8:ce:cd:c9:56:
ff:9c:be:c5:76:32:ad:39:16:db:fd:de:f6:84:74:
84:51:59:af:d2:f1:84:87:7d:c6:af:b0:cb:d2:79:
74:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:09:E8:27:F2:5A:B8:67:82:62:01:D6:2B:62:DD:4C:EB:00:F0:7F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/qgnoJ_JauGeCYgHWK2LdTOsA8H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.12.0/24
5.105.33.0/24
5.105.38.0/23
5.105.68.0/23
5.105.74.0/24
5.105.79.0/24
5.105.81.0-5.105.82.255
5.105.95.0/24
5.105.103.0/24
5.105.106.0/24
5.105.108.0/24
5.105.112.0/22
5.105.127.0/24
5.105.130.0/24
5.105.138.0/23
5.105.142.0/23
5.105.156.0/24
5.105.162.0/24
5.105.165.0/24
5.105.168.0/24
5.105.172.0/24
5.105.186.0/23
5.105.195.0/24
5.105.197.0-5.105.199.255
5.105.202.0-5.105.204.255
5.105.206.0/23
5.105.214.0/24
5.105.216.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.248.0/23
5.105.252.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:77:6d:c5:b7:ed:6c:b0:5f:1f:3b:a4:da:d8:16:f4:3c:76:
61:7a:61:3a:69:84:08:9c:b6:cc:db:86:64:1a:16:98:39:0b:
9d:01:f3:e2:0a:23:98:6f:fc:50:54:84:af:d8:56:0f:87:68:
2a:e2:33:dc:64:64:3d:79:57:aa:6f:31:b7:c4:3d:2a:9d:49:
fa:fc:15:3a:bd:43:d0:4f:08:63:a3:34:3a:a1:9c:39:4b:70:
d6:7c:2a:89:fb:cb:68:46:88:fb:60:7e:29:d0:71:94:b8:1b:
39:0e:9e:72:cb:69:5d:0d:1c:a6:3d:f5:c3:53:ac:23:0b:6a:
4a:db:5c:08:2e:96:de:0b:33:91:df:7b:4b:46:c8:ec:b3:6a:
36:13:e0:5d:22:23:25:8a:10:60:fd:38:15:80:fd:84:83:c4:
fb:07:5f:40:86:fc:e7:4e:86:fe:12:4b:14:ca:c0:ac:e7:28:
2b:50:72:25:90:93:6c:52:a2:2e:a6:d4:7a:1c:14:16:61:45:
44:6c:75:08:13:88:02:5f:51:de:4b:f0:44:e4:2e:eb:2d:b9:
14:31:56:d2:8b:14:a9:61:f5:8a:72:53:c0:d0:2b:90:24:d7:
1f:83:99:74:34:2d:a4:a0:98:42:41:0f:51:e5:57:5f:46:0d:
6d:7c:c1:63
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYYwcCpE2SiSJHlVEviVO/6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjA4MDk1MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA5ZTgyN2YyNWFiODY3ODI2MjAxZDYyYjYyZGQ0Y2ViMDBmMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCEa+LPL2zJ/pL1pFMcOUxLOswSQ
ixgSiPB4EPhAr50lD9pXEiUCp1RD8yy3NMGjzvGDMgx2Ll0h2q3Q+3EYcZqG6dic
K2vOcboobzXQ1kxNJvAcGK61E0hPZwEkBPQazDh+0QfPuc9sRwoMQ3ZJc7uslIM3
qriv+LRF2WI9g9RRWAqk3JmsWZbEktmUgMxdFoCTWrO1iaQSZwXRWb8rrOnt8e/K
I7tuzEVKPwHmqoaT0ijY+q3E/qumik9U1VcvpM+QYz4PkI7lw3OMdz2BHJeVynSq
I5ijj2XQuM7NyVb/nL7FdjKtORbb/d72hHSEUVmv0vGEh33Gr7DL0nl0ZwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFKoJ6CfyWrhngmIB1iti3UzrAPB/MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvcWdub0pfSmF1R2VDWWdIV0syTGRUT3NBOEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
BWkMAwQABWkhAwQBBWkmAwQBBWlEAwQABWlKAwQABWlPMAwDBAAFaVEDBAAFaVID
BAAFaV8DBAAFaWcDBAAFaWoDBAAFaWwDBAIFaXADBAAFaX8DBAAFaYIDBAEFaYoD
BAEFaY4DBAAFaZwDBAAFaaIDBAAFaaUDBAAFaagDBAAFaawDBAEFaboDBAAFacMw
DAMEAAVpxQMEAwVpwDAMAwQBBWnKAwQABWnMAwQBBWnOAwQABWnWAwQABWnYMAwD
BAAFae8DBAAFafADBAEFafQDBAEFafgDBAAFafwDBAAFtLADBADBLtIwDQYJKoZI
hvcNAQELBQADggEBALN3bcW37WywXx87pNrYFvQ8dmF6YTpphAictszbhmQaFpg5
C50B8+IKI5hv/FBUhK/YVg+HaCriM9xkZD15V6pvMbfEPSqdSfr8FTq9Q9BPCGOj
NDqhnDlLcNZ8Kon7y2hGiPtgfinQcZS4GzkOnnLLaV0NHKY99cNTrCMLakrbXAgu
lt4LM5Hfe0tGyOyzajYT4F0iIyWKEGD9OBWA/YSDxPsHX0CG/OdOhv4SSxTKwKzn
KCtQciWQk2xSoi6m1HocFBZhRURsdQgTiAJfUd5L8ETkLustuRQxVtKLFKlh9Ypy
U8DQK5Ak1x+DmXQ0LaSgmEJBD1HlV19GDW18wWM=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:36:29 2025 by rpki-client