Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/QhCHjF8-lNWKFfNab5Jmp2GMxvg.roa
File: QhCHjF8-lNWKFfNab5Jmp2GMxvg.roa (raw, json)
Hash identifier: G8myUZPm0QPSGXCLODEU9RlABW74n+Ij8lWD3vEno7o=
Subject key identifier: 42:10:87:8C:5F:3E:94:D5:8A:15:F3:5A:6F:92:66:A7:61:8C:C6:F8
Certificate issuer: /CN=1fa8ac37f9695169627f75e098963396de9638cc
Certificate serial: 400912F6
Authority key identifier: 1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/QhCHjF8-lNWKFfNab5Jmp2GMxvg.roa
Signing time: Sat 01 Jan 2022 03:01:32 +0000
ROA not before: Sat 01 Jan 2022 03:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51728
IP address blocks: 185.40.89.0/24 maxlen: 24
185.40.88.0/24 maxlen: 24
185.40.91.0/24 maxlen: 24
185.40.90.0/24 maxlen: 24
146.66.24.0/21 maxlen: 21
91.190.192.0/21 maxlen: 21
80.66.160.0/20 maxlen: 20
2a00:ac00::/32 maxlen: 32
2a00:ac01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1074336502 (0x400912f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa8ac37f9695169627f75e098963396de9638cc
Validity
Not Before: Jan 1 03:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4210878c5f3e94d58a15f35a6f9266a7618cc6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2e:02:ee:aa:9d:cd:b5:7e:74:9c:12:03:b6:
1a:42:0f:62:bd:b6:97:b4:36:b3:58:51:36:ca:36:
11:e8:5c:6f:7d:4f:e6:87:49:af:f3:85:4b:07:9d:
95:fb:08:9f:eb:37:ce:ea:0b:89:c2:06:aa:b6:6d:
14:3b:b6:71:e0:03:7a:ed:71:88:93:75:18:93:fe:
94:62:06:cc:2b:3a:bd:00:41:f2:28:e8:21:05:5c:
26:f0:aa:60:fc:04:ab:ee:47:3d:8d:ba:6f:ef:f2:
70:1c:3a:f0:34:0e:da:8b:54:24:21:ca:ae:bb:6b:
d6:f4:7a:b0:1f:ec:44:a4:f6:69:63:c3:d9:bc:30:
aa:09:37:c1:f0:bb:71:7d:ac:29:85:aa:3c:7a:84:
bc:69:0d:e3:98:02:4c:90:9e:5c:f8:cb:e5:ab:ad:
22:cc:09:91:16:7c:82:4e:68:57:3a:24:3c:50:fd:
3c:53:a2:ae:2a:59:cf:86:2b:fd:fd:cf:ad:e1:28:
7e:11:56:77:71:c4:b4:2e:61:24:c9:54:24:e0:75:
19:04:3d:7e:57:49:f8:77:18:d1:0c:27:ef:b8:3c:
9c:fe:23:9e:9e:4e:1f:8f:26:b8:c4:a1:91:07:66:
e4:41:85:01:f0:80:70:f1:ff:72:b2:cc:57:b0:84:
4f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:10:87:8C:5F:3E:94:D5:8A:15:F3:5A:6F:92:66:A7:61:8C:C6:F8
X509v3 Authority Key Identifier:
keyid:1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/QhCHjF8-lNWKFfNab5Jmp2GMxvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.160.0/20
91.190.192.0/21
146.66.24.0/21
185.40.88.0/22
IPv6:
2a00:ac00::/31
Signature Algorithm: sha256WithRSAEncryption
96:1d:a5:b1:72:b6:f6:91:b1:71:47:c3:ac:76:36:2d:3a:4b:
4c:f5:35:b5:1e:4c:1c:02:86:19:d0:99:cd:94:cc:c4:b8:38:
e3:b1:6e:45:82:bd:71:b8:bd:01:5e:bb:e9:97:05:17:c7:11:
91:b1:49:fd:d8:fa:80:8d:8a:c7:e0:b1:4b:5c:01:cc:57:a6:
84:b1:d4:fb:17:4c:86:7f:3f:60:2f:6d:01:19:a5:b0:57:7f:
c4:fc:7e:f5:ec:d9:a4:08:3d:b3:19:35:4b:d6:cb:dd:86:1f:
77:25:20:9c:58:11:c7:f7:77:d9:a1:f6:25:f2:68:0e:5b:b8:
9b:ad:e9:f3:c1:ce:d7:a7:49:9e:51:99:c0:b1:19:10:44:af:
63:45:4a:c7:13:c7:25:47:b7:aa:8d:e0:a1:5f:31:f6:0c:5b:
e2:40:1c:7c:62:85:8c:cd:0b:e3:9e:0e:41:58:ef:94:af:d5:
59:de:99:a8:19:61:3f:fb:78:90:59:2d:22:4c:fc:ba:bf:30:
1b:5b:b1:29:c0:73:33:50:9d:54:14:ea:3c:f1:44:f0:26:e9:
a6:f4:34:7a:be:04:02:2b:46:4a:ee:ba:50:4a:c2:e3:be:2b:
f3:68:3e:a8:38:80:54:21:6a:c1:6a:85:04:0e:76:7a:00:b6:
b4:6a:eb:81
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEQAkS9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmE4YWMzN2Y5Njk1MTY5NjI3Zjc1ZTA5ODk2MzM5NmRlOTYzOGNjMB4XDTIyMDEw
MTAzMDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIxMDg3OGM1ZjNl
OTRkNThhMTVmMzVhNmY5MjY2YTc2MThjYzZmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANouAu6qnc21fnScEgO2GkIPYr22l7Q2s1hRNso2Eehcb31P
5odJr/OFSwedlfsIn+s3zuoLicIGqrZtFDu2ceADeu1xiJN1GJP+lGIGzCs6vQBB
8ijoIQVcJvCqYPwEq+5HPY26b+/ycBw68DQO2otUJCHKrrtr1vR6sB/sRKT2aWPD
2bwwqgk3wfC7cX2sKYWqPHqEvGkN45gCTJCeXPjL5autIswJkRZ8gk5oVzokPFD9
PFOiripZz4Yr/f3PreEofhFWd3HEtC5hJMlUJOB1GQQ9fldJ+HcY0Qwn77g8nP4j
np5OH48muMShkQdm5EGFAfCAcPH/crLMV7CET/8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRCEIeMXz6U1YoV81pvkmanYYzG+DAfBgNVHSMEGDAWgBQfqKw3+WlRaWJ/
deCYljOW3pY4zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g2aXNOX2xwVVdsaWYzWGdtSll6bHQ2V09Ndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvNWJjMWNjLWQwMmMtNDhlZS05OTM1LTAyM2I2YzA3OTNmMS8x
L1FoQ0hqRjgtbE5XS0ZmTmFiNUptcDJHTXh2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
NWJjMWNjLWQwMmMtNDhlZS05OTM1LTAyM2I2YzA3OTNmMS8xL0g2aXNOX2xwVVds
aWYzWGdtSll6bHQ2V09Ndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFBCoAMEA1u+wAMEA5JCGAMEArko
WDANBAIAAjAHAwUBKgCsADANBgkqhkiG9w0BAQsFAAOCAQEAlh2lsXK29pGxcUfD
rHY2LTpLTPU1tR5MHAKGGdCZzZTMxLg447FuRYK9cbi9AV676ZcFF8cRkbFJ/dj6
gI2Kx+CxS1wBzFemhLHU+xdMhn8/YC9tARmlsFd/xPx+9ezZpAg9sxk1S9bL3YYf
dyUgnFgRx/d32aH2JfJoDlu4m63p88HO16dJnlGZwLEZEESvY0VKxxPHJUe3qo3g
oV8x9gxb4kAcfGKFjM0L454OQVjvlK/VWd6ZqBlhP/t4kFktIkz8ur8wG1uxKcBz
M1CdVBTqPPFE8CbppvQ0er4EAitGSu66UErC474r82g+qDiAVCFqwWqFBA52egC2
tGrrgQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:00 2025 by rpki-client