Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/QTP9HPRLR1vKvH3CD9nIrRVoVoU.roa
File: QTP9HPRLR1vKvH3CD9nIrRVoVoU.roa (raw, json)
Hash identifier: Q8F51GgmJv9AvFiBrC+DkKiltOFbmO2EgFWBkFGxMjM=
Subject key identifier: 41:33:FD:1C:F4:4B:47:5B:CA:BC:7D:C2:0F:D9:C8:AD:15:68:56:85
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01898C0E7A565EDB0A4A6F7C99C4A66E199A
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/QTP9HPRLR1vKvH3CD9nIrRVoVoU.roa
Signing time: Tue 25 Jul 2023 07:58:26 +0000
ROA not before: Tue 25 Jul 2023 07:58:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 264617
IP address blocks: 45.113.238.0/24 maxlen: 24
147.185.250.0/24 maxlen: 24
43.245.119.0/24 maxlen: 24
193.36.172.0/24 maxlen: 24
193.36.86.0/24 maxlen: 24
147.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:0e:7a:56:5e:db:0a:4a:6f:7c:99:c4:a6:6e:19:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jul 25 07:58:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4133fd1cf44b475bcabc7dc20fd9c8ad15685685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:e3:99:85:53:9b:b8:7e:86:7d:3a:84:d5:
9c:a8:fc:f3:fd:10:3a:07:38:b4:29:c2:85:87:08:
39:e5:08:46:7f:ee:05:1d:e5:47:75:ef:b3:7c:aa:
a4:3a:12:e9:13:dd:b6:07:51:b3:4b:5a:ae:72:9b:
2c:87:3a:84:73:53:1d:6d:00:c5:50:2e:02:a5:3e:
cb:56:eb:91:20:bc:8d:87:78:d0:93:e8:b0:11:78:
36:93:fe:58:e2:bf:f2:c9:fd:bc:ad:6a:2e:3e:64:
2f:43:ee:38:ec:36:a6:ba:46:cf:b1:c0:38:b3:4f:
6b:4b:e3:0b:91:bf:0d:35:45:6b:e8:ab:34:5b:6f:
d0:ef:05:35:15:0d:b3:10:1a:4a:e7:d0:97:2f:ce:
7f:07:ac:7b:3f:e2:c7:c6:a7:7e:dc:44:02:db:8a:
f5:4b:d1:6a:a0:27:92:35:c8:78:58:1b:42:2d:30:
f7:74:e7:d1:7f:e9:23:ce:5d:dc:bb:7f:5e:a5:81:
78:b2:09:53:95:21:62:08:af:37:cb:94:bb:66:34:
25:38:b0:f2:67:a7:d3:b5:98:e0:25:19:f7:19:ef:
2e:35:13:cd:84:4e:a8:5b:ba:2a:f5:79:30:6f:fd:
ce:4e:25:a6:13:b8:cf:12:23:09:c2:35:e9:b2:aa:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:33:FD:1C:F4:4B:47:5B:CA:BC:7D:C2:0F:D9:C8:AD:15:68:56:85
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/QTP9HPRLR1vKvH3CD9nIrRVoVoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.245.119.0/24
45.113.238.0/24
147.185.217.0/24
147.185.250.0/24
193.36.86.0/24
193.36.172.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:82:7b:6c:ac:61:24:10:93:60:6d:dc:f4:8b:e1:07:56:33:
59:0e:69:33:89:97:36:be:c8:af:60:4a:85:eb:3f:82:49:64:
29:85:47:f7:ae:db:39:88:87:da:c8:2b:43:32:c8:83:ce:e9:
3d:c5:70:f0:be:9f:61:1a:a9:7c:be:b1:a0:1e:43:43:2c:fc:
30:29:68:e5:d3:f8:a6:a3:cb:7a:15:dc:bf:8b:f0:02:c0:53:
e5:7a:5a:4d:9c:29:dd:6a:36:fd:c6:93:db:33:60:87:05:b0:
0b:5f:2a:cc:cd:24:bf:48:7d:22:90:47:10:14:90:7b:ce:f7:
62:81:5c:e0:0b:12:01:b2:c9:8b:79:73:c3:64:f3:22:17:43:
cc:44:d0:72:b0:18:5d:33:bc:bc:7b:2b:27:f5:db:19:08:ff:
2b:eb:13:af:4d:12:2a:ce:c9:51:71:64:c1:e7:d1:b2:a6:5b:
00:55:51:dc:c1:2e:85:6d:87:c8:40:20:20:4d:cf:ec:c2:c3:
8c:30:58:ab:34:05:47:77:4a:3c:e5:1f:77:62:57:4f:23:c4:
a0:38:b9:b9:26:a2:20:f8:cc:dc:2a:23:a6:5c:3b:15:ce:49:
e1:72:cd:bb:32:47:1c:38:2f:78:6d:f0:a6:99:fd:15:4c:c1:
ea:82:3b:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYmMDnpWXtsKSm98mcSmbhmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwNzI1MDc1ODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMzZmQxY2Y0NGI0NzViY2FiYzdkYzIwZmQ5YzhhZDE1Njg1Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsrjmYVTm7h+hn06hNWcqPzz/RA6
Bzi0KcKFhwg55QhGf+4FHeVHde+zfKqkOhLpE922B1GzS1qucpsshzqEc1MdbQDF
UC4CpT7LVuuRILyNh3jQk+iwEXg2k/5Y4r/yyf28rWouPmQvQ+447DamukbPscA4
s09rS+MLkb8NNUVr6Ks0W2/Q7wU1FQ2zEBpK59CXL85/B6x7P+LHxqd+3EQC24r1
S9FqoCeSNch4WBtCLTD3dOfRf+kjzl3cu39epYF4sglTlSFiCK83y5S7ZjQlOLDy
Z6fTtZjgJRn3Ge8uNRPNhE6oW7oq9Xkwb/3OTiWmE7jPEiMJwjXpsqrQxQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEEz/Rz0S0dbyrx9wg/ZyK0VaFaFMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvUVRQOUhQUkxSMXZLdkgzQ0Q5bklyUlZvVm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAK/V3AwQA
LXHuAwQAk7nZAwQAk7n6AwQAwSRWAwQAwSSsMA0GCSqGSIb3DQEBCwUAA4IBAQCk
gntsrGEkEJNgbdz0i+EHVjNZDmkziZc2vsivYEqF6z+CSWQphUf3rts5iIfayCtD
MsiDzuk9xXDwvp9hGql8vrGgHkNDLPwwKWjl0/imo8t6Fdy/i/ACwFPlelpNnCnd
ajb9xpPbM2CHBbALXyrMzSS/SH0ikEcQFJB7zvdigVzgCxIBssmLeXPDZPMiF0PM
RNBysBhdM7y8eysn9dsZCP8r6xOvTRIqzslRcWTB59GyplsAVVHcwS6FbYfIQCAg
Tc/swsOMMFirNAVHd0o85R93YldPI8SgOLm5JqIg+MzcKiOmXDsVzknhcs27Mkcc
OC94bfCmmf0VTMHqgjvq
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:48:15 2025 by rpki-client