Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tazQojL3NFSHKwqbl0V0rhq-EKM.roa
File: tazQojL3NFSHKwqbl0V0rhq-EKM.roa (raw, json)
Hash identifier: k0hfUHlSYQSjyae7fkO1pEiuiHd90usQ1Jm4gwZV1Zk=
Subject key identifier: B5:AC:D0:A2:32:F7:34:54:87:2B:0A:9B:97:45:74:AE:1A:BE:10:A3
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0189965B376C95C35B097B7E1352D0CCAAA4
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tazQojL3NFSHKwqbl0V0rhq-EKM.roa
Signing time: Thu 27 Jul 2023 07:58:27 +0000
ROA not before: Thu 27 Jul 2023 07:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.124.0/24 maxlen: 24
5.105.126.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.157.0/24 maxlen: 24
5.105.166.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.170.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.66.0/24 maxlen: 24
5.105.94.0/24 maxlen: 24
5.105.102.0/24 maxlen: 24
5.105.118.0/24 maxlen: 24
5.105.117.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.185.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.200.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
5.105.14.0/24 maxlen: 24
5.105.21.0/24 maxlen: 24
5.105.18.0/24 maxlen: 24
5.105.30.0/24 maxlen: 24
5.105.33.0/24 maxlen: 24
5.105.37.0/24 maxlen: 24
5.105.36.0/24 maxlen: 24
5.105.49.0/24 maxlen: 24
5.105.47.0/24 maxlen: 24
5.105.51.0/24 maxlen: 24
5.105.50.0/24 maxlen: 24
5.105.45.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:5b:37:6c:95:c3:5b:09:7b:7e:13:52:d0:cc:aa:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 27 07:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5acd0a232f73454872b0a9b974574ae1abe10a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5e:c4:8c:00:9f:6a:32:1f:51:68:c4:48:4b:
e6:45:7c:2f:8d:76:32:e2:f4:a4:7c:6f:43:84:1b:
2d:0d:f3:13:05:e5:4c:f5:1e:dc:92:ae:b0:5a:2c:
8f:cb:e3:6f:8d:99:ed:b2:47:a4:da:cf:d1:23:88:
53:26:04:28:57:95:fd:54:73:b8:68:9e:ce:e3:42:
db:a7:97:f0:fa:24:59:cb:7b:05:19:e8:7a:16:f2:
cb:f2:92:23:f6:f2:e1:ff:d4:e1:46:27:db:1b:48:
70:11:d0:00:b5:82:7c:fe:49:f4:94:59:ab:15:48:
dd:49:fb:6b:3f:cd:6a:d6:40:d1:63:e4:c8:09:6d:
f6:da:5d:a5:48:21:00:37:8f:92:b7:9f:c1:aa:0d:
de:9e:f2:bb:1a:2b:03:90:d7:df:f7:4f:24:a8:9f:
19:3a:f2:b5:7e:b9:39:2f:d8:89:a7:d0:28:a9:96:
9d:6a:5e:33:b1:0f:89:f3:7f:91:b8:44:3c:43:57:
86:dc:5d:5c:18:c7:35:61:11:1b:db:e2:8f:be:7f:
c4:fc:28:0c:f0:b8:76:af:c5:3c:cd:16:4b:2f:fc:
7b:a7:b6:5b:c2:83:aa:51:a6:b3:52:e2:d8:b5:a3:
b5:b1:a0:8c:8e:27:c4:f9:aa:71:36:c4:bb:40:22:
34:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AC:D0:A2:32:F7:34:54:87:2B:0A:9B:97:45:74:AE:1A:BE:10:A3
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/tazQojL3NFSHKwqbl0V0rhq-EKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.7.0/24
5.105.14.0/24
5.105.18.0/24
5.105.21.0/24
5.105.30.0/24
5.105.33.0/24
5.105.36.0/23
5.105.45.0/24
5.105.47.0/24
5.105.49.0-5.105.51.255
5.105.66.0/24
5.105.69.0/24
5.105.94.0/24
5.105.102.0/24
5.105.113.0/24
5.105.117.0-5.105.118.255
5.105.124.0/24
5.105.126.0/23
5.105.143.0/24
5.105.157.0/24
5.105.162.0/24
5.105.166.0/24
5.105.168.0/24
5.105.170.0/24
5.105.185.0-5.105.187.255
5.105.198.0-5.105.200.255
5.105.202.0/23
5.105.216.0/24
5.105.218.0/24
5.105.221.0/24
5.105.228.0/23
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.247.0/24
5.105.249.0/24
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:0b:a6:86:47:48:1b:67:b1:6e:69:18:bb:97:7b:0d:8c:e3:
3e:7f:7a:79:78:32:b8:62:ba:3a:2b:92:69:79:03:3f:ed:67:
c3:cd:3d:f1:1b:25:3d:50:2b:99:70:99:cc:53:b8:c4:45:90:
7c:c6:9c:b6:5f:e8:c7:be:2c:97:05:c6:53:ec:77:6c:eb:2b:
5c:50:76:6c:50:e3:40:30:1f:79:cf:98:1e:44:b2:eb:29:dc:
e8:75:b9:06:1b:da:6a:89:50:d6:71:b3:85:53:97:88:d8:a8:
0c:aa:98:5b:83:55:10:7c:54:e9:34:94:87:c0:5d:e7:38:68:
09:82:f0:12:4c:aa:c8:be:89:75:5b:fe:b6:4c:08:7a:85:54:
2a:4d:4c:ac:58:f1:0d:3c:0f:60:1e:53:06:67:25:eb:2f:bb:
2d:c8:63:ab:e6:f3:c2:08:9a:2a:69:49:6b:22:7f:3d:ef:76:
af:80:d4:97:b1:ae:db:95:aa:d2:49:33:aa:30:d4:25:3f:95:
30:4c:ad:b5:60:85:db:de:65:71:3c:f5:c5:fc:c4:5a:38:d1:
e3:df:6b:79:41:3d:b2:2b:90:fb:97:a9:c9:6a:ca:31:5c:32:
91:eb:bd:1d:66:cd:58:b5:ec:dd:c2:3a:67:d3:8f:73:26:fc:
f9:fe:f7:c3
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYmWWzdslcNbCXt+E1LQzKqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzI3MDc1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFjZDBhMjMyZjczNDU0ODcyYjBhOWI5NzQ1NzRhZTFhYmUxMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl7EjACfajIfUWjESEvmRXwvjXYy
4vSkfG9DhBstDfMTBeVM9R7ckq6wWiyPy+NvjZntskek2s/RI4hTJgQoV5X9VHO4
aJ7O40Lbp5fw+iRZy3sFGeh6FvLL8pIj9vLh/9ThRifbG0hwEdAAtYJ8/kn0lFmr
FUjdSftrP81q1kDRY+TICW322l2lSCEAN4+St5/Bqg3envK7GisDkNff908kqJ8Z
OvK1frk5L9iJp9AoqZadal4zsQ+J83+RuEQ8Q1eG3F1cGMc1YREb2+KPvn/E/CgM
8Lh2r8U8zRZLL/x7p7ZbwoOqUaazUuLYtaO1saCMjifE+apxNsS7QCI0tQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFLWs0KIy9zRUhysKm5dFdK4avhCjMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdGF6UW9qTDNORlNIS3dxYmwwVjByaHEtRUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAAVpBwMEAAVpDgMEAAVpEgMEAAVpFQMEAAVpHgMEAAVpIQMEAQVpJAMEAAVp
LQMEAAVpLzAMAwQABWkxAwQCBWkwAwQABWlCAwQABWlFAwQABWleAwQABWlmAwQA
BWlxMAwDBAAFaXUDBAAFaXYDBAAFaXwDBAEFaX4DBAAFaY8DBAAFaZ0DBAAFaaID
BAAFaaYDBAAFaagDBAAFaaowDAMEAAVpuQMEAgVpuDAMAwQBBWnGAwQABWnIAwQB
BWnKAwQABWnYAwQABWnaAwQABWndAwQBBWnkMAwDBAAFae8DBAAFafADBAEFafQD
BAAFafcDBAAFafkDBAAFtLADBADBLtIwDQYJKoZIhvcNAQELBQADggEBAJoLpoZH
SBtnsW5pGLuXew2M4z5/enl4Mrhiujorkml5Az/tZ8PNPfEbJT1QK5lwmcxTuMRF
kHzGnLZf6Me+LJcFxlPsd2zrK1xQdmxQ40AwH3nPmB5Esusp3Oh1uQYb2mqJUNZx
s4VTl4jYqAyqmFuDVRB8VOk0lIfAXec4aAmC8BJMqsi+iXVb/rZMCHqFVCpNTKxY
8Q08D2AeUwZnJesvuy3IY6vm88IImippSWsifz3vdq+A1JexrtuVqtJJM6ow1CU/
lTBMrbVghdveZXE89cX8xFo40ePfa3lBPbIrkPuXqclqyjFcMpHrvR1mzVi17N3C
OmfTj3Mm/Pn+98M=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:28:29 2025 by rpki-client