Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNTCb0lYZE-ndOY8iti13ea5ZfU.roa
File: QNTCb0lYZE-ndOY8iti13ea5ZfU.roa (raw, json)
Hash identifier: SSG7wOikVxZa9oMhTJdx1YIH+f5qzNeceb+y2ySW2io=
Subject key identifier: 40:D4:C2:6F:49:58:64:4F:A7:74:E6:3C:8A:D8:B5:DD:E6:B9:65:F5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 027F00F1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNTCb0lYZE-ndOY8iti13ea5ZfU.roa
Signing time: Fri 25 Mar 2022 07:39:19 +0000
ROA not before: Fri 25 Mar 2022 07:39:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.157.37.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.147.30.0/24 maxlen: 24
45.95.98.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
91.212.107.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:e1c0::/32 maxlen: 32
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:a02::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:e6c0:123::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41877745 (0x27f00f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 25 07:39:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40d4c26f4958644fa774e63c8ad8b5dde6b965f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:cc:dc:c6:31:04:df:a0:0f:bc:f5:99:a1:
cb:82:0d:da:00:30:ad:ad:15:dd:1a:96:37:5f:fa:
c3:8c:03:80:d7:a0:61:e7:35:83:b2:c5:bc:04:46:
dd:40:b2:9d:9d:79:83:dd:bf:b7:6f:8d:d1:d0:27:
3b:ff:11:28:ad:8e:eb:a2:64:ef:15:d3:51:55:b4:
06:f6:b7:f0:cb:09:66:77:85:85:ec:bb:e7:0c:f4:
c5:1f:9e:4b:2a:4e:a4:b6:bb:2a:ae:f0:fa:7e:e0:
df:8b:f6:1c:06:4e:ac:73:65:2e:5a:ca:74:53:c8:
22:fd:ba:88:d8:5d:46:34:c1:15:7a:4f:74:30:32:
42:07:75:85:84:42:35:09:4f:6e:7f:df:1d:6c:13:
f4:f4:b9:c3:89:33:eb:8d:cc:0d:3b:ed:f0:a6:9a:
85:89:a9:95:ab:76:8d:e0:3c:c9:d3:9f:2e:8b:08:
57:a0:88:0d:5a:a8:6f:76:27:71:a7:d7:7b:07:2c:
1d:80:9b:bc:fe:2b:39:62:7f:50:c3:26:37:61:d3:
8d:fc:d7:78:24:c2:b7:85:d5:94:e6:1b:be:38:d3:
9a:fe:f4:f3:0e:9b:d2:d6:38:cb:fa:60:cf:8a:cf:
eb:3b:ce:61:d8:0e:df:33:0c:0b:2f:2b:be:83:28:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D4:C2:6F:49:58:64:4F:A7:74:E6:3C:8A:D8:B5:DD:E6:B9:65:F5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNTCb0lYZE-ndOY8iti13ea5ZfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.130.253.0/24
45.137.41.0/24
45.137.86.0/24
45.147.30.0/23
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.219.0/24
45.154.230.0/24
45.157.37.0-45.157.38.255
45.158.197.0/24
91.212.107.0/24
113.30.152.0/22
185.164.59.0/24
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e6c0:123::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
3a:55:32:e6:d1:87:04:83:3b:7b:e6:d7:25:05:14:07:54:aa:
cb:4a:81:71:79:d6:e6:e8:db:5b:89:b4:ff:72:c4:62:ee:6b:
75:71:14:77:e3:b6:4e:87:e8:07:4e:41:25:33:cc:99:15:44:
30:ad:d1:68:09:bb:f9:38:b8:a4:43:84:a1:49:c2:d3:9c:eb:
61:03:5a:62:5a:55:69:ea:01:d1:8d:cf:9e:49:b5:15:37:5b:
e5:73:b6:ca:5d:e0:69:51:96:67:9c:0e:29:e1:5b:93:dd:ca:
39:4f:23:1f:77:43:56:d5:ee:a5:e8:fe:78:da:29:aa:4c:a7:
ff:ca:a4:d0:cd:63:be:31:52:da:c8:f7:19:89:ae:75:1c:c9:
6f:16:e8:06:02:45:1b:25:08:a9:16:89:61:91:df:7a:07:f9:
0b:a8:93:34:0c:76:ab:3b:8e:60:0d:30:f2:49:0f:27:a8:12:
16:80:91:4b:43:a4:85:4f:fd:76:a8:7d:fd:72:40:39:6c:54:
04:d0:1b:ba:7f:66:49:70:db:fe:0b:01:93:06:9e:00:29:36:
b1:b9:52:a2:8a:9c:dd:cf:ef:1e:ff:e7:ec:b4:fd:b1:10:00:
d8:d3:a4:53:59:65:72:bb:ad:39:e3:b7:91:4c:12:19:eb:2d:
62:d7:a1:ed
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgIEAn8A8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDMy
NTA3MzkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBkNGMyNmY0OTU4
NjQ0ZmE3NzRlNjNjOGFkOGI1ZGRlNmI5NjVmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLVzNzGMQTfoA+89Zmhy4IN2gAwra0V3RqWN1/6w4wDgNeg
Yec1g7LFvARG3UCynZ15g92/t2+N0dAnO/8RKK2O66Jk7xXTUVW0Bva38MsJZneF
hey75wz0xR+eSypOpLa7Kq7w+n7g34v2HAZOrHNlLlrKdFPIIv26iNhdRjTBFXpP
dDAyQgd1hYRCNQlPbn/fHWwT9PS5w4kz643MDTvt8KaahYmplat2jeA8ydOfLosI
V6CIDVqob3YncafXewcsHYCbvP4rOWJ/UMMmN2HTjfzXeCTCt4XVlOYbvjjTmv70
8w6b0tY4y/pgz4rP6zvOYdgO3zMMCy8rvoMoBAMCAwEAAaOCAy4wggMqMB0GA1Ud
DgQWBBRA1MJvSVhkT6d05jyK2LXd5rll9TAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L1FOVENiMGxZWkUtbmRPWThpdGkxM2VhNVpmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUIGCCsGAQUFBwEHAQH/BIIBMTCCAS0wgZ8EAgABMIGYAwQALQ26AwQALVvQAwQA
LVvTAwQALV9iAwQALYBNAwQALYL9AwQALYkpAwQALYlWAwQBLZMeAwQALZjFAwQA
LZkVAwQALZkXAwQALZnbAwQALZrmMAwDBAAtnSUDBAAtnSYDBAAtnsUDBABb1GsD
BAJxHpgDBAC5pDsDBADBJ9EDBADBKScDBAHBbwQDBAHBbxIDBADCISAwgYgEAgAC
MIGBAwcAKg4iQAACAwUDKg4kQAMFAyoO6YADBwAqDvIAAAIwDgMFASoPCgIDBQAq
DwoEAwUDKg8fgAMFAyoPrAADBQMqD9pAAwUDKg/awAMFACoP4UMDBQAqD+HAAwUA
Kg/hwgMFACoP4ccDBwAqD+YAAAEDBwAqD+bAASMDBQMqD+lAMA0GCSqGSIb3DQEB
CwUAA4IBAQA6VTLm0YcEgzt75tclBRQHVKrLSoFxedbm6NtbibT/csRi7mt1cRR3
47ZOh+gHTkElM8yZFUQwrdFoCbv5OLikQ4ShScLTnOthA1piWlVp6gHRjc+eSbUV
N1vlc7bKXeBpUZZnnA4p4VuT3co5TyMfd0NW1e6l6P542imqTKf/yqTQzWO+MVLa
yPcZia51HMlvFugGAkUbJQipFolhkd96B/kLqJM0DHarO45gDTDySQ8nqBIWgJFL
Q6SFT/12qH39ckA5bFQE0Bu6f2ZJcNv+CwGTBp4AKTaxuVKiipzdz+8e/+fstP2x
EADY06RTWWVyu60547eRTBIZ6y1i16Ht
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:08 2025 by rpki-client