Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/qpyRitwn7mHAV2f6Otz-3nrV6Yk.roa
File: qpyRitwn7mHAV2f6Otz-3nrV6Yk.roa (raw, json)
Hash identifier: 9q4Aq+tvCwAjr8YUnqGuwenFx6lLkizHg88Re04qNXk=
Subject key identifier: AA:9C:91:8A:DC:27:EE:61:C0:57:67:FA:3A:DC:FE:DE:7A:D5:E9:89
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 092FBDE2
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/qpyRitwn7mHAV2f6Otz-3nrV6Yk.roa
Signing time: Sat 01 Jan 2022 15:02:05 +0000
ROA not before: Sat 01 Jan 2022 15:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8280
IP address blocks: 185.51.132.0/22 maxlen: 24
185.51.135.0/24 maxlen: 24
185.51.133.0/24 maxlen: 24
46.227.56.0/21 maxlen: 24
46.227.58.0/24 maxlen: 24
46.227.57.0/24 maxlen: 24
46.227.60.0/24 maxlen: 24
46.227.59.0/24 maxlen: 24
46.227.61.0/24 maxlen: 24
46.227.63.0/24 maxlen: 24
46.227.62.0/24 maxlen: 24
78.108.32.0/20 maxlen: 24
78.108.37.0/24 maxlen: 24
78.108.36.0/24 maxlen: 24
78.108.38.0/24 maxlen: 24
78.108.33.0/24 maxlen: 24
78.108.32.0/24 maxlen: 24
78.108.35.0/24 maxlen: 24
78.108.34.0/24 maxlen: 24
78.108.40.0/24 maxlen: 24
78.108.39.0/24 maxlen: 24
78.108.42.0/24 maxlen: 24
78.108.41.0/24 maxlen: 24
78.108.44.0/24 maxlen: 24
78.108.43.0/24 maxlen: 24
78.108.45.0/24 maxlen: 24
78.108.47.0/24 maxlen: 24
78.108.46.0/24 maxlen: 24
2001:1548:7006::/48 maxlen: 48
2001:1548:7001::/48 maxlen: 48
2001:1548::/29 maxlen: 29
2001:1548:7010::/48 maxlen: 48
2001:1548:7009::/48 maxlen: 48
2001:1548:7004::/48 maxlen: 48
2001:1548:7007::/48 maxlen: 48
2001:1548:7002::/48 maxlen: 48
2001:1548:7011::/48 maxlen: 48
2001:1548:7005::/48 maxlen: 48
2001:1548:7000::/48 maxlen: 48
2001:1548:7003::/48 maxlen: 48
2001:1548:7008::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154123746 (0x92fbde2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 1 15:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa9c918adc27ee61c05767fa3adcfede7ad5e989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:bf:5d:cc:8a:53:5f:0d:89:e6:40:67:de:
b9:e3:ad:b3:2d:eb:1c:1d:e6:24:15:70:c7:31:d8:
13:1d:b4:55:8d:70:30:2f:63:a0:a9:7b:3a:bc:39:
95:36:50:ef:18:7c:73:0b:b1:d2:a1:e7:48:18:33:
10:6d:39:41:9b:dc:ca:da:fe:83:71:73:32:9e:3b:
5b:13:5d:6a:64:ca:39:66:cb:85:8e:70:31:58:a4:
fe:26:c8:b7:87:fd:a6:b8:a6:d1:a6:83:87:ac:09:
4b:f3:66:36:a4:ca:31:f7:ad:a2:74:14:7f:3c:f3:
62:01:87:ea:17:15:27:f5:94:05:08:a9:fa:d1:9c:
ac:dd:b6:40:b8:d3:d8:38:d8:3d:d3:ee:29:a5:0a:
c5:28:a3:97:68:98:13:76:40:91:9d:50:1f:13:7f:
20:3a:23:23:45:b3:90:81:e2:68:a5:43:22:87:17:
2e:1d:fd:4e:17:5e:28:ed:28:b6:c0:e9:94:84:1a:
55:c6:dd:7e:4a:59:db:08:fb:a7:4e:e6:52:93:4b:
d0:0a:1c:7f:ec:0f:20:9a:80:9d:34:c9:2f:15:94:
60:f0:c3:70:f1:00:91:48:b9:02:35:ae:e7:1d:ce:
69:96:27:54:65:93:08:41:b5:8b:87:50:35:f4:00:
a7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9C:91:8A:DC:27:EE:61:C0:57:67:FA:3A:DC:FE:DE:7A:D5:E9:89
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/qpyRitwn7mHAV2f6Otz-3nrV6Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.56.0/21
78.108.32.0/20
185.51.132.0/22
IPv6:
2001:1548::/29
Signature Algorithm: sha256WithRSAEncryption
00:2a:6f:21:97:04:b6:15:c4:a8:07:67:0b:2e:1a:97:5e:65:
1d:68:f2:76:68:ae:61:e4:19:72:c3:8e:a8:4b:a4:48:a1:5a:
a8:b9:85:85:91:ed:51:20:11:6a:92:40:ea:64:c3:2c:50:23:
8e:ac:fc:86:d5:63:32:b8:70:1d:4a:f6:32:c1:84:81:cd:70:
a7:ec:11:1d:7b:92:17:b0:66:9f:94:9d:90:36:22:95:37:07:
70:72:ba:d3:98:83:cd:7e:ce:9a:25:32:a4:a5:7a:1f:a6:bc:
fd:c1:37:86:d7:0e:de:31:cb:fc:3e:80:0e:89:3a:33:98:b2:
a0:15:7b:af:97:d3:3b:e5:89:c1:5d:aa:e4:60:ed:29:2c:4b:
62:e0:cb:fd:47:e1:39:4f:e3:73:25:96:af:68:fa:dc:d9:7c:
b8:ad:b0:ce:f0:20:69:d8:fd:ab:c3:d9:7c:87:af:3b:75:87:
8d:4a:1c:33:63:d6:d7:d3:bc:3a:e9:58:c0:85:06:3c:11:ea:
84:8e:ab:8e:af:4a:92:55:3d:b1:cf:b3:73:86:ed:4b:45:83:
ef:e1:be:57:44:ae:a6:38:18:ff:e1:7b:c0:73:2f:0b:0e:41:
35:7a:79:d1:7c:35:ac:ca:d5:38:66:e4:49:a1:90:a4:2c:e7:
99:9d:97:f8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECS+94jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjQwZmRkODJhMGZkZjNiNzBiZTE4MjIxZWViYTYwZDgwMWVkN2JmMB4XDTIyMDEw
MTE1MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE5YzkxOGFkYzI3
ZWU2MWMwNTc2N2ZhM2FkY2ZlZGU3YWQ1ZTk4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPEv13MilNfDYnmQGfeueOtsy3rHB3mJBVwxzHYEx20VY1w
MC9joKl7Orw5lTZQ7xh8cwux0qHnSBgzEG05QZvcytr+g3FzMp47WxNdamTKOWbL
hY5wMVik/ibIt4f9prim0aaDh6wJS/NmNqTKMfetonQUfzzzYgGH6hcVJ/WUBQip
+tGcrN22QLjT2DjYPdPuKaUKxSijl2iYE3ZAkZ1QHxN/IDojI0WzkIHiaKVDIocX
Lh39ThdeKO0otsDplIQaVcbdfkpZ2wj7p07mUpNL0Aocf+wPIJqAnTTJLxWUYPDD
cPEAkUi5AjWu5x3OaZYnVGWTCEG1i4dQNfQAp9sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSqnJGK3CfuYcBXZ/o63P7eetXpiTAfBgNVHSMEGDAWgBTPQP3YKg/fO3C+
GCIe66YNgB7XvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3owRDkyQ29QM3p0d3ZoZ2lIdXVtRFlBZTE3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvNzkyNzM3LTZhMDItNDI0Yi04MmNiLWEyOWNlN2RhMTBmZC8x
L3FweVJpdHduN21IQVYyZjZPdHotM25yVjZZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
NzkyNzM3LTZhMDItNDI0Yi04MmNiLWEyOWNlN2RhMTBmZC8xL3owRDkyQ29QM3p0
d3ZoZ2lIdXVtRFlBZTE3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy7jOAMEBE5sIAMEArkzhDANBAIA
AjAHAwUDIAEVSDANBgkqhkiG9w0BAQsFAAOCAQEAACpvIZcEthXEqAdnCy4al15l
HWjydmiuYeQZcsOOqEukSKFaqLmFhZHtUSARapJA6mTDLFAjjqz8htVjMrhwHUr2
MsGEgc1wp+wRHXuSF7Bmn5SdkDYilTcHcHK605iDzX7OmiUypKV6H6a8/cE3htcO
3jHL/D6ADok6M5iyoBV7r5fTO+WJwV2q5GDtKSxLYuDL/UfhOU/jcyWWr2j63Nl8
uK2wzvAgadj9q8PZfIevO3WHjUocM2PW19O8OulYwIUGPBHqhI6rjq9KklU9sc+z
c4btS0WD7+G+V0SupjgY/+F7wHMvCw5BNXp50Xw1rMrVOGbkSaGQpCznmZ2X+A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:23:38 2025 by rpki-client