Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QEEkNbf8LHSY6kJt6H7ofPISlag.roa
File: QEEkNbf8LHSY6kJt6H7ofPISlag.roa (raw, json)
Hash identifier: TfoJ/FMxwW3NY9iXyGl4zLuZBFK+TNJBum/+oyG3mgc=
Subject key identifier: 40:41:24:35:B7:FC:2C:74:98:EA:42:6D:E8:7E:E8:7C:F2:12:95:A8
Certificate issuer: /CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Certificate serial: 01870E858F990641CB4D707C53519130FB47
Authority key identifier: 40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QEEkNbf8LHSY6kJt6H7ofPISlag.roa
Signing time: Thu 23 Mar 2023 12:50:46 +0000
ROA not before: Thu 23 Mar 2023 12:50:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206175
IP address blocks: 62.148.108.0/24 maxlen: 24
62.148.117.0/24 maxlen: 24
62.148.116.0/24 maxlen: 24
62.148.115.0/24 maxlen: 24
62.148.121.0/24 maxlen: 24
62.148.120.0/24 maxlen: 24
62.148.119.0/24 maxlen: 24
62.148.125.0/24 maxlen: 24
62.148.124.0/24 maxlen: 24
62.148.123.0/24 maxlen: 24
62.148.122.0/24 maxlen: 24
62.148.100.0/24 maxlen: 24
62.148.99.0/24 maxlen: 24
62.148.105.0/24 maxlen: 24
62.148.103.0/24 maxlen: 24
62.148.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:85:8f:99:06:41:cb:4d:70:7c:53:51:91:30:fb:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Validity
Not Before: Mar 23 12:50:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40412435b7fc2c7498ea426de87ee87cf21295a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:fd:14:43:05:be:a7:1d:57:87:9d:c8:83:
9a:b8:d0:9a:c8:b1:3e:64:31:23:2b:ad:00:1c:fe:
b5:6f:01:d9:36:1b:55:10:62:45:f9:80:d6:dd:97:
ca:17:64:e6:71:17:42:00:08:a6:9f:2f:9c:80:eb:
9b:31:8b:e9:0a:04:aa:f2:b4:6b:0c:bf:68:81:61:
72:37:e7:ed:3a:28:8e:ab:99:15:8b:a5:e1:c9:7b:
e7:a0:ef:aa:96:ca:cc:a4:c9:46:88:17:a9:96:5c:
b6:f8:52:66:36:ff:17:12:e9:58:e3:a9:ee:a1:ef:
f8:51:72:e7:51:31:01:50:7f:21:ce:46:61:7a:2c:
2a:69:31:74:43:69:ea:f1:58:a3:66:9e:c9:e7:75:
7b:02:ab:47:18:51:ba:0b:f3:6c:20:f2:6d:2a:8c:
c7:6e:aa:fb:f4:1e:ec:68:db:1a:d1:53:17:e3:79:
d3:4b:c2:de:ba:79:79:a2:90:ca:c1:e2:4e:7e:b7:
bd:e5:86:02:e2:6b:79:d3:a5:a1:e4:dc:49:cd:5d:
ac:00:15:73:c5:6c:30:d0:bc:66:f5:4d:12:3d:59:
1f:87:87:b5:a5:7e:f3:6c:2b:c6:52:b8:7a:2e:16:
1d:ee:95:c0:aa:61:89:ce:21:45:c7:ad:7f:90:71:
ee:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:41:24:35:B7:FC:2C:74:98:EA:42:6D:E8:7E:E8:7C:F2:12:95:A8
X509v3 Authority Key Identifier:
keyid:40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QEEkNbf8LHSY6kJt6H7ofPISlag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.99.0-62.148.101.255
62.148.103.0/24
62.148.105.0/24
62.148.108.0/24
62.148.115.0-62.148.117.255
62.148.119.0-62.148.125.255
Signature Algorithm: sha256WithRSAEncryption
34:74:e9:43:45:84:5c:f5:aa:25:ef:32:06:f9:11:83:d0:58:
43:ba:5f:e5:ab:e0:d1:bc:3a:c6:a9:31:f4:8b:c5:1c:a9:eb:
d6:b9:d6:c4:16:71:bf:e9:9e:8d:08:3c:94:7b:62:0c:da:e3:
2c:5a:85:81:a1:8d:36:3a:69:a8:77:53:f1:65:14:a5:cd:80:
b1:2e:5c:22:cc:8f:9c:05:dc:6f:08:c4:e9:da:b9:a5:fb:59:
3d:db:7e:bd:14:ea:d5:90:6c:cd:9a:98:40:cd:1f:15:bd:bd:
75:1e:3b:3a:f6:ae:6b:b6:2e:4e:42:63:9c:d4:0b:46:17:7e:
51:ba:1d:1b:ca:b5:87:fc:88:22:3b:91:f1:c6:cb:d4:8c:48:
68:6f:df:ce:df:03:56:3b:9e:d4:ac:50:34:b1:61:d7:11:c9:
96:41:1f:5a:7b:2c:d7:e6:b2:a7:bd:84:fa:a3:b3:f2:c2:2f:
8c:7f:5a:2d:e2:24:46:14:1f:73:16:8e:4d:b7:e6:a8:78:4e:
3c:f1:bb:84:d5:9f:59:54:8e:65:87:8e:93:2d:a4:2c:4a:f1:
f4:dd:68:37:90:49:2f:6b:21:7a:02:2b:69:82:e9:e1:1a:22:
57:39:31:b0:5e:fe:5c:e7:a1:80:fc:db:bc:d8:4e:bb:7d:35:
14:d8:34:ed
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYcOhY+ZBkHLTXB8U1GRMPtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZWRmYWE5Mzk5YWQzZDU1MzFmYTQ3MWExMmIzYmZl
MzdlMTIwHhcNMjMwMzIzMTI1MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQxMjQzNWI3ZmMyYzc0OThlYTQyNmRlODdlZTg3Y2YyMTI5NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXr9FEMFvqcdV4edyIOauNCayLE+
ZDEjK60AHP61bwHZNhtVEGJF+YDW3ZfKF2TmcRdCAAimny+cgOubMYvpCgSq8rRr
DL9ogWFyN+ftOiiOq5kVi6XhyXvnoO+qlsrMpMlGiBeplly2+FJmNv8XEulY46nu
oe/4UXLnUTEBUH8hzkZheiwqaTF0Q2nq8VijZp7J53V7AqtHGFG6C/NsIPJtKozH
bqr79B7saNsa0VMX43nTS8Leunl5opDKweJOfre95YYC4mt506Wh5NxJzV2sABVz
xWww0Lxm9U0SPVkfh4e1pX7zbCvGUrh6LhYd7pXAqmGJziFFx61/kHHuiQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEBBJDW3/Cx0mOpCbeh+6HzyEpWoMB8GA1UdIwQY
MBaAFEC/3t+qk5mtPVUx+kcaErO/434SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYt
OGU5ODUxYjdmODExLzEvUUVFa05iZjhMSFNZNmtKdDZIN29mUElTbGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYtOGU5ODUxYjdmODEx
LzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAA+lGMD
BAE+lGQDBAA+lGcDBAA+lGkDBAA+lGwwDAMEAD6UcwMEAT6UdDAMAwQAPpR3AwQB
PpR8MA0GCSqGSIb3DQEBCwUAA4IBAQA0dOlDRYRc9aol7zIG+RGD0FhDul/lq+DR
vDrGqTH0i8UcqevWudbEFnG/6Z6NCDyUe2IM2uMsWoWBoY02Ommod1PxZRSlzYCx
LlwizI+cBdxvCMTp2rml+1k92369FOrVkGzNmphAzR8Vvb11Hjs69q5rti5OQmOc
1AtGF35Ruh0byrWH/IgiO5HxxsvUjEhob9/O3wNWO57UrFA0sWHXEcmWQR9aeyzX
5rKnvYT6o7Pywi+Mf1ot4iRGFB9zFo5Nt+aoeE488buE1Z9ZVI5lh46TLaQsSvH0
3Wg3kEkvayF6AitpgunhGiJXOTGwXv5c56GA/Nu82E67fTUU2DTt
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:34 2025 by rpki-client