Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tQhxfX0_BPlV2AvvnvbeWJ6p4mg.roa
File: tQhxfX0_BPlV2AvvnvbeWJ6p4mg.roa (raw, json)
Hash identifier: TLclMLZYaKGv1XaDN2kCRkq6me+i/CW9zUwjaHGAMRQ=
Subject key identifier: B5:08:71:7D:7D:3F:04:F9:55:D8:0B:EF:9E:F6:DE:58:9E:A9:E2:68
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0268246D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tQhxfX0_BPlV2AvvnvbeWJ6p4mg.roa
Signing time: Fri 18 Mar 2022 11:50:08 +0000
ROA not before: Fri 18 Mar 2022 11:50:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 45.95.98.0/24 maxlen: 24
193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.157.37.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.147.30.0/24 maxlen: 24
45.153.218.0/24 maxlen: 24
2a0e:e980::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:a02::/32 maxlen: 32
2a0f:e1c0::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0e:2440::/29 maxlen: 29
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40379501 (0x268246d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 18 11:50:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b508717d7d3f04f955d80bef9ef6de589ea9e268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:2b:5b:f2:8d:71:d3:a1:ac:51:78:a9:c4:
e7:e1:29:43:25:a8:07:a2:f7:79:bb:a0:b2:35:7b:
5a:a5:8d:69:53:bb:ab:b3:c2:04:90:f0:bb:a8:e4:
93:e9:27:a9:ed:9e:21:d0:b6:89:8e:0f:82:dd:d6:
b1:5a:f1:cb:b1:62:0c:77:a3:21:01:f0:55:4b:43:
b3:48:18:20:ae:e1:09:81:72:25:26:ad:44:31:70:
c7:f5:f9:d6:a5:26:3b:27:6b:8a:1f:29:9e:09:62:
b4:d5:a5:3d:cf:fe:d0:85:21:0a:cf:2d:f8:48:a0:
5a:3a:bf:e2:29:2d:6e:56:26:74:aa:51:12:9c:7d:
3a:6c:18:d1:99:f3:42:6f:3b:99:43:fa:6a:46:fc:
ce:1e:97:37:b3:14:40:cc:d7:cb:c8:39:09:f8:6b:
74:d1:fb:cf:2f:c6:0c:40:39:5f:e5:70:0c:8f:e8:
6c:81:4c:20:ac:57:49:c3:41:98:cd:9d:53:23:8a:
c8:03:68:85:1a:0a:dd:af:01:07:3c:46:0c:b6:e7:
eb:00:d0:dd:20:6a:d8:bd:f1:d2:32:aa:6e:fb:cb:
e7:84:ba:dd:96:24:c7:ae:ad:63:a6:3c:a3:6f:8a:
d7:78:cf:23:a7:80:52:78:f0:66:2f:c7:f3:8b:33:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:08:71:7D:7D:3F:04:F9:55:D8:0B:EF:9E:F6:DE:58:9E:A9:E2:68
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tQhxfX0_BPlV2AvvnvbeWJ6p4mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.130.253.0/24
45.137.41.0/24
45.137.86.0/24
45.147.30.0/23
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.218.0/23
45.154.230.0/24
45.157.37.0-45.157.38.255
45.158.197.0/24
113.30.152.0/22
185.164.59.0/24
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
62:c7:08:50:38:29:59:aa:ed:8f:ff:10:d2:5d:95:99:f0:b8:
b6:aa:ae:13:c0:87:9f:fc:74:df:48:ea:b1:8e:8c:bd:ce:5f:
8d:c6:9e:37:6d:6e:d4:c5:ed:8f:e6:42:98:2c:4e:e2:fd:95:
d5:1a:12:d9:f8:06:65:71:e6:91:60:4c:db:b7:15:3e:bf:9c:
b7:8a:ff:4a:66:03:63:c5:b0:42:f9:e0:9f:7a:bd:3e:3b:13:
f7:43:07:5d:c2:6b:47:e8:9b:84:c8:a6:b3:cb:dd:c3:cc:f2:
1c:a8:3f:9e:89:e1:67:e6:f2:de:68:6f:f0:2d:ea:e3:b0:b6:
2f:c3:5c:dc:23:10:ad:c6:0b:5f:90:b1:96:f1:52:9a:2f:fd:
a7:66:f1:d4:65:62:28:ef:dd:45:34:5f:a6:c8:63:af:a0:e7:
91:01:67:dd:b1:55:12:7d:b8:93:30:74:f1:c2:85:17:0b:c6:
7f:be:ac:4b:dc:2b:b0:2c:c1:cf:74:d8:d6:c5:9c:38:27:5c:
84:00:66:83:32:bc:f0:ef:46:9b:c7:03:85:8d:ef:d7:e8:ea:
ab:69:3d:60:82:5e:4e:dc:3f:0c:98:98:40:41:7b:ea:7b:5a:
48:e9:18:09:ad:1f:e6:05:07:dd:e8:78:57:8f:ce:88:88:d7:
8d:8e:69:98
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgIEAmgkbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDMx
ODExNTAwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUwODcxN2Q3ZDNm
MDRmOTU1ZDgwYmVmOWVmNmRlNTg5ZWE5ZTI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNdK1vyjXHToaxReKnE5+EpQyWoB6L3ebugsjV7WqWNaVO7
q7PCBJDwu6jkk+knqe2eIdC2iY4Pgt3WsVrxy7FiDHejIQHwVUtDs0gYIK7hCYFy
JSatRDFwx/X51qUmOydrih8pnglitNWlPc/+0IUhCs8t+EigWjq/4iktblYmdKpR
Epx9OmwY0ZnzQm87mUP6akb8zh6XN7MUQMzXy8g5CfhrdNH7zy/GDEA5X+VwDI/o
bIFMIKxXScNBmM2dUyOKyANohRoK3a8BBzxGDLbn6wDQ3SBq2L3x0jKqbvvL54S6
3ZYkx66tY6Y8o2+K13jPI6eAUnjwZi/H84sz2K8CAwEAAaOCAx0wggMZMB0GA1Ud
DgQWBBS1CHF9fT8E+VXYC++e9t5YnqniaDAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L3RRaHhmWDBfQlBsVjJBdnZudmJlV0o2cDRtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATEGCCsGAQUFBwEHAQH/BIIBIDCCARwwgZkEAgABMIGSAwQALQ26AwQALVvQAwQA
LVvTAwQALV9iAwQALYBNAwQALYL9AwQALYkpAwQALYlWAwQBLZMeAwQALZjFAwQA
LZkVAwQALZkXAwQBLZnaAwQALZrmMAwDBAAtnSUDBAAtnSYDBAAtnsUDBAJxHpgD
BAC5pDsDBADBJ9EDBADBKScDBAHBbwQDBAHBbxIDBADCISAwfgQCAAIweAMHACoO
IkAAAgMFAyoOJEADBQMqDumAAwcAKg7yAAACMA4DBQEqDwoCAwUAKg8KBAMFAyoP
H4ADBQMqD6wAAwUDKg/aQAMFAyoP2sADBQAqD+FDAwUAKg/hwAMFACoP4cIDBQAq
D+HHAwcAKg/mAAABAwUDKg/pQDANBgkqhkiG9w0BAQsFAAOCAQEAYscIUDgpWart
j/8Q0l2VmfC4tqquE8CHn/x030jqsY6Mvc5fjcaeN21u1MXtj+ZCmCxO4v2V1RoS
2fgGZXHmkWBM27cVPr+ct4r/SmYDY8WwQvngn3q9PjsT90MHXcJrR+ibhMims8vd
w8zyHKg/nonhZ+by3mhv8C3q47C2L8Nc3CMQrcYLX5CxlvFSmi/9p2bx1GViKO/d
RTRfpshjr6DnkQFn3bFVEn24kzB08cKFFwvGf76sS9wrsCzBz3TY1sWcOCdchABm
gzK88O9Gm8cDhY3v1+jqq2k9YIJeTtw/DJiYQEF76ntaSOkYCa0f5gUH3eh4V4/O
iIjXjY5pmA==
-----END CERTIFICATE-----
Generated at Sun May 11 16:27:00 2025 by rpki-client