Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qfh0GTy6lf5rVgzc3WnS1WTQbgQ.roa
File: qfh0GTy6lf5rVgzc3WnS1WTQbgQ.roa (raw, json)
Hash identifier: +u/5CJkd4oZMDUtuBTmIWHKqWd7ZDWYf11Tn6U4yuss=
Subject key identifier: A9:F8:74:19:3C:BA:95:FE:6B:56:0C:DC:DD:69:D2:D5:64:D0:6E:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C8256595649E4B7218C6E9224568010E5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qfh0GTy6lf5rVgzc3WnS1WTQbgQ.roa
Signing time: Tue 19 Dec 2023 13:49:06 +0000
ROA not before: Tue 19 Dec 2023 13:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:56:59:56:49:e4:b7:21:8c:6e:92:24:56:80:10:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 19 13:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f874193cba95fe6b560cdcdd69d2d564d06e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:f0:ad:b5:ff:ed:bf:7d:60:0e:26:94:9b:
c2:42:54:4d:51:49:7c:97:bf:55:52:3e:70:1d:df:
33:b4:40:06:f7:b6:4a:1c:2c:48:8d:0a:cd:bb:6d:
96:8b:da:b7:9a:2d:bc:d8:01:f0:3d:a1:bd:0c:3c:
b0:8e:0a:ce:1d:26:39:49:09:70:39:12:b7:49:a5:
ee:46:47:58:ff:b3:95:b8:b5:4e:ae:67:00:3c:4e:
78:4a:89:93:af:1e:b9:15:18:4c:2b:44:96:e6:29:
d8:3b:87:03:63:b7:b6:55:a8:f7:40:b8:ba:27:2b:
0b:fa:a0:33:b5:81:b5:fe:f3:d1:62:27:4d:87:00:
ea:5b:e6:4a:3d:fe:7e:ed:1d:05:77:f7:27:2a:06:
57:25:b6:f6:8d:8c:c6:73:9c:21:35:cd:23:78:d3:
03:ae:f4:d0:1d:5f:df:f9:38:42:44:46:de:39:36:
ab:52:46:48:dc:d2:a6:27:52:80:2a:83:7f:dd:f9:
61:56:94:bc:2a:cb:d4:ad:fb:bc:0b:59:83:a7:ee:
16:a6:83:0a:cc:0b:2d:d6:83:53:7b:6e:0d:aa:a2:
7c:25:de:47:64:0e:45:3e:eb:30:0f:8d:fc:e2:9f:
5d:11:69:ee:58:05:be:e8:61:07:bb:eb:95:28:99:
8b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F8:74:19:3C:BA:95:FE:6B:56:0C:DC:DD:69:D2:D5:64:D0:6E:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qfh0GTy6lf5rVgzc3WnS1WTQbgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.126.0/24
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:c1:22:38:80:81:fc:8a:6f:be:d4:4a:f9:66:13:d4:f0:f5:
05:72:19:2f:3e:41:57:41:15:e2:42:32:bb:c9:b8:77:8b:40:
c4:87:61:31:d5:91:ac:2c:ad:f0:06:38:98:f2:2e:e7:08:ea:
6c:42:c1:a3:62:dd:8a:7f:96:2b:20:0b:42:0e:28:5f:c5:59:
21:b1:c0:c5:6b:a5:32:27:df:20:ef:b5:c1:78:d4:f0:39:80:
2a:55:5d:93:3f:ff:c0:cb:e0:1c:5f:fd:27:d0:c0:1d:d8:bf:
bc:29:46:38:8c:33:4a:4d:14:e3:a3:b1:64:9b:1d:73:d0:a1:
79:8a:c8:1d:8d:82:8b:1e:94:8e:7a:f8:86:f7:d9:10:da:93:
63:b3:f0:52:6a:d0:c2:42:8a:70:50:a1:66:23:84:d7:40:4f:
d7:6a:20:6e:a0:b0:df:66:b7:cc:89:16:9f:16:ff:54:4c:5c:
90:9a:37:47:a6:ad:71:d1:8f:f5:3e:a6:57:a1:f2:cc:7c:94:
a0:c6:ac:c2:d9:ac:6b:66:1b:c7:98:c7:3a:39:82:de:cf:99:
22:5d:b5:29:8d:96:97:c7:f4:56:43:84:e2:0c:fe:de:eb:f8:
6d:bc:9f:58:e7:bd:3c:f5:36:6c:e9:55:e2:e7:3c:89:4a:a2:
b8:0a:7d:91
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYyCVllWSeS3IYxukiRWgBDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE5MTM0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY4NzQxOTNjYmE5NWZlNmI1NjBjZGNkZDY5ZDJkNTY0ZDA2ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrjwrbX/7b99YA4mlJvCQlRNUUl8
l79VUj5wHd8ztEAG97ZKHCxIjQrNu22Wi9q3mi282AHwPaG9DDywjgrOHSY5SQlw
ORK3SaXuRkdY/7OVuLVOrmcAPE54SomTrx65FRhMK0SW5inYO4cDY7e2Vaj3QLi6
JysL+qAztYG1/vPRYidNhwDqW+ZKPf5+7R0Fd/cnKgZXJbb2jYzGc5whNc0jeNMD
rvTQHV/f+ThCREbeOTarUkZI3NKmJ1KAKoN/3flhVpS8KsvUrfu8C1mDp+4WpoMK
zAst1oNTe24NqqJ8Jd5HZA5FPuswD4384p9dEWnuWAW+6GEHu+uVKJmL4wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKn4dBk8upX+a1YM3N1p0tVk0G4EMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWZoMEdUeTZsZjVyVmd6YzNXblMxV1RRYmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
Uah+AwQCUpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBADvBIjiAgfyKb77USvlmE9Tw9QVyGS8+QVdBFeJC
MrvJuHeLQMSHYTHVkawsrfAGOJjyLucI6mxCwaNi3Yp/lisgC0IOKF/FWSGxwMVr
pTIn3yDvtcF41PA5gCpVXZM//8DL4Bxf/SfQwB3Yv7wpRjiMM0pNFOOjsWSbHXPQ
oXmKyB2NgoselI56+Ib32RDak2Oz8FJq0MJCinBQoWYjhNdAT9dqIG6gsN9mt8yJ
Fp8W/1RMXJCaN0emrXHRj/U+pleh8sx8lKDGrMLZrGtmG8eYxzo5gt7PmSJdtSmN
lpfH9FZDhOIM/t7r+G28n1jnvTz1NmzpVeLnPIlKorgKfZE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:30 2025 by rpki-client