Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/QDztFLV9xUEMR45D-cYt2EyYPag.roa
File: QDztFLV9xUEMR45D-cYt2EyYPag.roa (raw, json)
Hash identifier: jZ+KR4yLUniPJ0C4OFegF+3e9/bV977yCUZ1maVmgpc=
Subject key identifier: 40:3C:ED:14:B5:7D:C5:41:0C:47:8E:43:F9:C6:2D:D8:4C:98:3D:A8
Certificate issuer: /CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Certificate serial: 06A09F26
Authority key identifier: 7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/QDztFLV9xUEMR45D-cYt2EyYPag.roa
Signing time: Sat 01 Jan 2022 03:57:32 +0000
ROA not before: Sat 01 Jan 2022 03:57:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 178.240.0.0/13 maxlen: 24
31.140.0.0/14 maxlen: 24
176.237.0.0/16 maxlen: 24
5.27.0.0/19 maxlen: 24
213.43.0.0/16 maxlen: 24
176.91.0.0/16 maxlen: 17
141.196.0.0/16 maxlen: 24
176.239.0.0/16 maxlen: 24
86.108.128.0/17 maxlen: 24
5.26.0.0/16 maxlen: 24
176.90.0.0/15 maxlen: 24
176.227.0.0/17 maxlen: 24
188.56.0.0/14 maxlen: 24
5.24.0.0/14 maxlen: 24
176.238.0.0/16 maxlen: 24
5.11.128.0/17 maxlen: 24
176.89.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111189798 (0x6a09f26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Validity
Not Before: Jan 1 03:57:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=403ced14b57dc5410c478e43f9c62dd84c983da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c0:de:29:12:b5:95:53:fe:ec:49:ed:89:1d:
59:08:0c:14:10:78:3e:e1:e5:b7:4d:4f:a1:5f:8d:
6d:1e:4e:6d:66:27:46:44:a0:9e:df:1a:ce:a3:a1:
dd:eb:ca:78:70:33:37:4a:bb:71:55:f3:b6:9e:bc:
ad:f2:73:2e:e5:3e:e0:ae:83:cb:98:59:97:a0:86:
99:c7:05:7b:7e:9c:a4:86:07:0d:e8:75:05:fd:91:
5a:b3:13:0d:38:af:6f:2f:94:27:bf:f6:8d:79:2f:
98:5a:65:d9:b4:ca:fe:7c:fd:70:52:2d:c0:da:d0:
b7:eb:29:ba:df:1d:d1:4c:9b:b6:db:5e:81:94:87:
b2:b6:3a:95:f7:01:34:85:f9:d3:c3:00:62:a2:c7:
4a:33:96:2b:5d:e2:a5:f1:b6:1d:28:84:19:30:4e:
3c:cb:53:8f:bb:f4:39:bd:57:3b:81:ef:b4:6e:50:
47:ee:11:52:34:35:46:ee:08:67:a5:ef:e4:72:85:
0c:97:22:09:ed:be:41:cc:c4:68:b7:a8:e6:fc:74:
0d:b8:61:a9:e0:0e:8e:e7:b4:7e:94:4f:15:59:73:
6d:7c:ec:36:97:cf:5d:b1:62:1c:cc:5b:16:eb:3b:
5c:ab:36:73:9f:0c:ef:5a:f6:6e:7f:57:7d:62:58:
ec:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3C:ED:14:B5:7D:C5:41:0C:47:8E:43:F9:C6:2D:D8:4C:98:3D:A8
X509v3 Authority Key Identifier:
keyid:7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/QDztFLV9xUEMR45D-cYt2EyYPag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.128.0/17
5.24.0.0/14
31.140.0.0/14
86.108.128.0/17
141.196.0.0/16
176.89.0.0-176.91.255.255
176.227.0.0/17
176.237.0.0-176.239.255.255
178.240.0.0/13
188.56.0.0/14
213.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:07:7a:3f:09:bb:8b:56:82:11:14:f5:f6:05:30:b4:22:f7:
14:48:0d:4f:10:3f:bf:28:c0:1f:eb:d4:fd:63:53:7d:7f:32:
c2:ec:d7:25:52:bb:66:89:15:af:35:12:76:d8:65:0b:11:c8:
df:a4:2a:2f:19:8e:a5:71:23:1a:68:48:0b:b3:4b:8f:54:68:
d1:16:a5:ff:7d:7d:b8:62:cf:90:8f:97:a6:2e:e2:6d:45:d2:
5c:e0:3d:04:76:bb:14:c1:85:ca:a5:88:5e:9a:11:11:6e:2c:
b3:09:f9:e9:a4:05:9d:8d:14:ba:a5:c7:37:8f:9b:d7:83:42:
af:37:fb:10:06:91:8d:72:cd:23:dc:44:83:62:1c:97:fe:ee:
4b:e7:d3:76:f5:55:43:7d:50:e0:7c:18:62:09:e3:16:95:49:
f4:d3:93:cf:3d:18:34:ef:c2:79:bf:06:ce:6b:ee:90:0b:95:
82:b1:c4:7f:4c:10:59:aa:bb:51:80:27:68:ae:52:de:5c:11:
55:f3:d4:a8:d5:19:50:02:64:49:81:0e:b6:0b:a1:66:30:1f:
78:01:7e:97:9e:5b:1a:e5:0b:81:d8:af:a0:68:f6:1d:7b:ac:
80:1e:33:74:2e:be:c1:17:67:34:d9:a5:96:b5:93:e0:b8:8f:
93:18:a9:f5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEBqCfJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWM2NWExZGNmODIyNWU3ZjEwYmUyMGRkZGUxZTIxNmU4MDBiNjdjMB4XDTIyMDEw
MTAzNTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAzY2VkMTRiNTdk
YzU0MTBjNDc4ZTQzZjljNjJkZDg0Yzk4M2RhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHA3ikStZVT/uxJ7YkdWQgMFBB4PuHlt01PoV+NbR5ObWYn
RkSgnt8azqOh3evKeHAzN0q7cVXztp68rfJzLuU+4K6Dy5hZl6CGmccFe36cpIYH
Deh1Bf2RWrMTDTivby+UJ7/2jXkvmFpl2bTK/nz9cFItwNrQt+sput8d0Uybttte
gZSHsrY6lfcBNIX508MAYqLHSjOWK13ipfG2HSiEGTBOPMtTj7v0Ob1XO4HvtG5Q
R+4RUjQ1Ru4IZ6Xv5HKFDJciCe2+QczEaLeo5vx0DbhhqeAOjue0fpRPFVlzbXzs
NpfPXbFiHMxbFus7XKs2c58M71r2bn9XfWJY7C8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBRAPO0UtX3FQQxHjkP5xi3YTJg9qDAfBgNVHSMEGDAWgBR+xlodz4Il5/EL
4g3d4eIW6AC2fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZzWmFIYy1DSmVmeEMtSU4zZUhpRnVnQXRudy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOGU3Nzg1LTk0NTEtNDZmYi1iMjQ0LTdkOWI4MjMwNTM3ZS8x
L1FEenRGTFY5eFVFTVI0NUQtY1l0MkV5WVBhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OGU3Nzg1LTk0NTEtNDZmYi1iMjQ0LTdkOWI4MjMwNTM3ZS8xL2ZzWmFIYy1DSmVm
eEMtSU4zZUhpRnVnQXRudy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEBwULgAMDAgUYAwMCH4wDBAdWbIAD
AwCNxDAKAwMAsFkDAwKwWAMEB7DjADAKAwMAsO0DAwSw4AMDA7LwAwMCvDgDAwDV
KzANBgkqhkiG9w0BAQsFAAOCAQEAlQd6Pwm7i1aCERT19gUwtCL3FEgNTxA/vyjA
H+vU/WNTfX8ywuzXJVK7ZokVrzUSdthlCxHI36QqLxmOpXEjGmhIC7NLj1Ro0Ral
/319uGLPkI+Xpi7ibUXSXOA9BHa7FMGFyqWIXpoREW4sswn56aQFnY0UuqXHN4+b
14NCrzf7EAaRjXLNI9xEg2Icl/7uS+fTdvVVQ31Q4HwYYgnjFpVJ9NOTzz0YNO/C
eb8GzmvukAuVgrHEf0wQWaq7UYAnaK5S3lwRVfPUqNUZUAJkSYEOtguhZjAfeAF+
l55bGuULgdivoGj2HXusgB4zdC6+wRdnNNmllrWT4LiPkxip9Q==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:46:05 2025 by rpki-client