Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EbRZSWR5bHJkmH19GnvSIS33m_k.roa
File: EbRZSWR5bHJkmH19GnvSIS33m_k.roa (raw, json)
Hash identifier: VaAYWqcdPl1wdl/8te9pfeyLHbFHB7gras32IUkwAx0=
Subject key identifier: 11:B4:59:49:64:79:6C:72:64:98:7D:7D:1A:7B:D2:21:2D:F7:9B:F9
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01889AE0048F711792839E5393B09B9D8A3C
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EbRZSWR5bHJkmH19GnvSIS33m_k.roa
Signing time: Thu 08 Jun 2023 11:59:12 +0000
ROA not before: Thu 08 Jun 2023 11:59:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 5.105.166.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.170.0/24 maxlen: 24
5.105.118.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.228.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
193.46.210.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.215.0/24 maxlen: 24
5.105.218.0/24 maxlen: 24
5.105.221.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.7.0/24 maxlen: 24
5.105.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e0:04:8f:71:17:92:83:9e:53:93:b0:9b:9d:8a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 8 11:59:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11b4594964796c7264987d7d1a7bd2212df79bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:5f:24:f1:e1:3e:19:de:eb:3c:1b:4e:2d:
a7:3a:f8:f2:1d:d7:da:1c:09:f1:3f:01:35:8b:fe:
fc:a4:c8:75:15:19:10:e3:ca:33:d4:52:75:62:4b:
cd:76:28:8a:28:a7:ac:b7:ab:86:7b:02:e6:dc:24:
ba:96:e2:56:52:bc:27:d6:77:34:85:70:c7:5b:9c:
61:37:b5:c1:13:b8:d8:dd:f4:a6:06:70:4e:ff:30:
99:83:01:58:34:a4:57:cb:14:8e:d4:f1:0d:8f:48:
0e:67:8a:09:10:f0:9b:c5:f6:42:5a:cb:39:c7:45:
cd:23:99:24:67:15:ab:e9:ff:3f:b2:f6:0f:22:e4:
f7:2a:bb:64:e5:d1:7f:36:4d:7b:05:e5:e7:3c:b5:
32:0a:e5:83:de:46:98:64:78:7c:21:ad:a4:80:3f:
3a:21:d4:a2:c5:26:0a:4c:3b:50:96:9b:c4:1c:2c:
6d:13:ff:f5:ad:df:0f:30:b5:cb:93:d2:f8:2b:4d:
0f:e2:53:88:18:fe:58:64:d1:d5:07:b2:b0:c7:25:
b1:c7:e3:30:0a:f4:8a:ab:83:81:51:69:d6:1c:55:
f7:cb:81:2a:1a:09:01:10:49:77:4f:3e:52:58:ca:
d7:63:e0:2b:c3:93:17:67:85:b2:88:85:67:2b:a6:
76:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B4:59:49:64:79:6C:72:64:98:7D:7D:1A:7B:D2:21:2D:F7:9B:F9
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/EbRZSWR5bHJkmH19GnvSIS33m_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.5.0/24
5.105.7.0/24
5.105.118.0/24
5.105.162.0/24
5.105.166.0/24
5.105.170.0/24
5.105.186.0/23
5.105.198.0/23
5.105.202.0/23
5.105.206.0/24
5.105.215.0-5.105.216.255
5.105.218.0/24
5.105.221.0/24
5.105.228.0/23
5.105.239.0-5.105.240.255
5.105.244.0/23
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a8:2f:02:45:9a:5a:c7:05:3f:7d:7c:4d:6f:30:d1:cc:d0:
79:6f:22:1b:d1:29:12:94:d1:ef:61:e9:ce:3e:fe:f1:91:8c:
e9:eb:78:3b:25:7c:92:b5:fc:d9:29:70:7f:e1:0f:f1:da:4b:
be:37:fa:03:24:c8:41:a2:a5:e9:c3:e0:07:a3:74:4b:ba:27:
cd:b5:cf:99:24:54:b9:5b:8a:66:45:78:76:6b:77:39:b5:4a:
74:05:3a:f9:98:bf:06:a9:4b:07:b3:e1:b8:e7:b3:10:ac:79:
50:3f:5c:24:52:4a:4c:75:af:eb:ea:6c:ea:49:29:73:6a:c9:
90:20:8f:e7:7a:c3:d7:ac:e1:3f:19:e3:c4:e0:4b:88:90:26:
89:16:15:c3:e2:0a:ad:de:3c:4d:95:dd:a7:57:98:2e:f9:b8:
ac:9d:80:af:04:3b:02:26:52:a4:1a:30:20:9b:88:3b:4f:3c:
28:f8:6d:d1:75:06:cc:48:aa:6d:5d:18:27:f2:7e:37:9a:e0:
ee:83:f7:34:9f:6a:89:33:f4:e9:f7:95:46:26:13:55:9c:89:
9f:bd:30:98:4f:84:09:0e:56:fa:73:62:d7:9f:c4:ee:9b:8c:
88:46:12:ad:12:f9:30:d1:7d:a3:17:89:39:5a:41:7a:0e:4d:
2c:2e:a9:82
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYia4ASPcReSg55Tk7CbnYo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA4MTE1OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWI0NTk0OTY0Nzk2YzcyNjQ5ODdkN2QxYTdiZDIyMTJkZjc5YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXVfJPHhPhne6zwbTi2nOvjyHdfa
HAnxPwE1i/78pMh1FRkQ48oz1FJ1YkvNdiiKKKest6uGewLm3CS6luJWUrwn1nc0
hXDHW5xhN7XBE7jY3fSmBnBO/zCZgwFYNKRXyxSO1PENj0gOZ4oJEPCbxfZCWss5
x0XNI5kkZxWr6f8/svYPIuT3Krtk5dF/Nk17BeXnPLUyCuWD3kaYZHh8Ia2kgD86
IdSixSYKTDtQlpvEHCxtE//1rd8PMLXLk9L4K00P4lOIGP5YZNHVB7KwxyWxx+Mw
CvSKq4OBUWnWHFX3y4EqGgkBEEl3Tz5SWMrXY+Arw5MXZ4WyiIVnK6Z2NwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFBG0WUlkeWxyZJh9fRp70iEt95v5MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRWJSWlNXUjViSEprbUgxOUdudlNJUzMzbV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAAVp
BQMEAAVpBwMEAAVpdgMEAAVpogMEAAVppgMEAAVpqgMEAQVpugMEAQVpxgMEAQVp
ygMEAAVpzjAMAwQABWnXAwQABWnYAwQABWnaAwQABWndAwQBBWnkMAwDBAAFae8D
BAAFafADBAEFafQDBAAFtLADBADBLtIwDQYJKoZIhvcNAQELBQADggEBAFKoLwJF
mlrHBT99fE1vMNHM0HlvIhvRKRKU0e9h6c4+/vGRjOnreDslfJK1/NkpcH/hD/Ha
S743+gMkyEGipenD4AejdEu6J821z5kkVLlbimZFeHZrdzm1SnQFOvmYvwapSwez
4bjnsxCseVA/XCRSSkx1r+vqbOpJKXNqyZAgj+d6w9es4T8Z48TgS4iQJokWFcPi
Cq3ePE2V3adXmC75uKydgK8EOwImUqQaMCCbiDtPPCj4bdF1BsxIqm1dGCfyfjea
4O6D9zSfaokz9On3lUYmE1WciZ+9MJhPhAkOVvpzYtefxO6bjIhGEq0S+TDRfaMX
iTlaQXoOTSwuqYI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:05:23 2025 by rpki-client