Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/657a92-6220-4425-8899-07f1950d8894/1/QAHxEJqK08ZnXxy1yHYh7uuWyvk.roa
File: QAHxEJqK08ZnXxy1yHYh7uuWyvk.roa (raw, json)
Hash identifier: YghdKQXeHPAub445sjcnW1H6TSUJJvgy1IIxP5n08tY=
Subject key identifier: 40:01:F1:10:9A:8A:D3:C6:67:5F:1C:B5:C8:76:21:EE:EB:96:CA:F9
Certificate issuer: /CN=eab476f677cd0c3298d2811e60f48e1b29b3afef
Certificate serial: 04A006FC
Authority key identifier: EA:B4:76:F6:77:CD:0C:32:98:D2:81:1E:60:F4:8E:1B:29:B3:AF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6rR29nfNDDKY0oEeYPSOGymzr-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/657a92-6220-4425-8899-07f1950d8894/1/QAHxEJqK08ZnXxy1yHYh7uuWyvk.roa
Signing time: Sat 01 Jan 2022 13:06:47 +0000
ROA not before: Sat 01 Jan 2022 13:06:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47176
IP address blocks: 185.70.48.0/22 maxlen: 22
185.70.48.0/24 maxlen: 24
93.190.75.0/24 maxlen: 24
93.190.72.0/21 maxlen: 21
2a05:2740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77596412 (0x4a006fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eab476f677cd0c3298d2811e60f48e1b29b3afef
Validity
Not Before: Jan 1 13:06:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4001f1109a8ad3c6675f1cb5c87621eeeb96caf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e4:1b:10:77:05:ca:67:0d:ca:1c:9c:aa:85:
c3:7d:4a:28:d5:a4:9e:40:80:4c:71:a4:1d:7f:91:
d8:8f:95:db:be:1a:9d:d0:62:c3:90:be:90:1c:cf:
38:45:51:c7:71:c5:da:0d:a9:44:ec:bf:dc:ba:7a:
8a:33:c2:ba:24:42:26:0b:c6:5d:ce:38:f8:56:b9:
f9:06:72:95:05:82:47:8b:c3:00:da:62:75:4d:ed:
fa:2f:02:51:83:18:44:28:61:de:d6:9d:86:fb:56:
65:73:02:34:ab:93:26:e4:96:4a:c5:89:c6:36:62:
05:83:e7:c9:e4:b0:6c:f7:2a:c6:dc:f2:65:f9:dc:
40:5f:3f:9e:fc:e6:23:d9:49:66:12:40:15:ee:e8:
14:02:34:06:e4:5e:e0:1e:8c:3c:7f:26:b4:4a:ec:
84:06:06:18:bb:89:9a:ec:df:d6:7f:7c:c6:48:eb:
b5:f4:b4:77:30:41:54:01:71:da:e7:e4:ae:5c:13:
6e:45:65:3b:70:8b:41:a4:b5:39:fc:2c:df:e3:77:
35:56:0b:25:9d:99:e1:b3:a3:95:01:d2:e9:7b:18:
14:19:c1:59:e9:b2:f5:17:f5:c1:b5:e2:8f:53:ee:
45:97:f9:19:e9:1f:ff:ef:d7:7d:ee:0e:30:da:35:
58:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:01:F1:10:9A:8A:D3:C6:67:5F:1C:B5:C8:76:21:EE:EB:96:CA:F9
X509v3 Authority Key Identifier:
keyid:EA:B4:76:F6:77:CD:0C:32:98:D2:81:1E:60:F4:8E:1B:29:B3:AF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rR29nfNDDKY0oEeYPSOGymzr-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/657a92-6220-4425-8899-07f1950d8894/1/QAHxEJqK08ZnXxy1yHYh7uuWyvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/657a92-6220-4425-8899-07f1950d8894/1/6rR29nfNDDKY0oEeYPSOGymzr-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.72.0/21
185.70.48.0/22
IPv6:
2a05:2740::/29
Signature Algorithm: sha256WithRSAEncryption
50:38:9b:f5:9c:14:3e:2e:2b:a8:2a:d6:d1:9a:c7:a8:d7:1e:
8c:ae:0c:7a:ab:cb:9c:11:73:7a:45:d6:b5:47:dc:6d:7c:33:
6b:3b:6a:79:b0:ea:fd:79:24:89:c9:a5:9d:4d:6e:69:94:da:
0c:17:70:a2:95:06:e3:04:b7:28:53:ad:f4:3c:2c:1c:a5:ea:
68:c9:dd:2c:96:ad:3f:f0:11:f0:5f:46:90:2a:33:2b:4c:6d:
b1:b5:9c:55:d6:88:24:63:3c:28:3c:5f:18:3f:60:5f:ef:88:
6f:d1:49:2a:eb:16:36:0b:c3:fe:ad:7f:f4:6e:33:a4:48:32:
9c:38:1c:0a:5f:2c:b9:1f:bd:46:0c:f6:c5:e4:70:6a:be:d1:
60:cc:51:85:78:9c:e5:29:e6:62:c6:fe:fa:74:45:2f:80:1e:
c3:ca:5e:17:1f:af:b9:09:89:1b:71:eb:5d:11:de:10:bf:11:
b2:50:61:79:1b:25:5f:98:53:9e:97:03:a1:be:1c:77:24:73:
88:38:69:56:ea:c3:65:0c:cd:7a:1f:27:92:d3:79:f3:9d:e3:
f1:3b:19:e0:a7:50:9b:e4:f4:34:b4:e3:dd:9c:9a:b9:42:54:
64:b5:05:9e:4f:c4:98:3e:9e:24:be:ed:78:9a:b0:38:e4:12:
36:3d:e6:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBKAG/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWI0NzZmNjc3Y2QwYzMyOThkMjgxMWU2MGY0OGUxYjI5YjNhZmVmMB4XDTIyMDEw
MTEzMDY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAwMWYxMTA5YThh
ZDNjNjY3NWYxY2I1Yzg3NjIxZWVlYjk2Y2FmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7kGxB3BcpnDcocnKqFw31KKNWknkCATHGkHX+R2I+V274a
ndBiw5C+kBzPOEVRx3HF2g2pROy/3Lp6ijPCuiRCJgvGXc44+Fa5+QZylQWCR4vD
ANpidU3t+i8CUYMYRChh3tadhvtWZXMCNKuTJuSWSsWJxjZiBYPnyeSwbPcqxtzy
ZfncQF8/nvzmI9lJZhJAFe7oFAI0BuRe4B6MPH8mtErshAYGGLuJmuzf1n98xkjr
tfS0dzBBVAFx2ufkrlwTbkVlO3CLQaS1Ofws3+N3NVYLJZ2Z4bOjlQHS6XsYFBnB
Wemy9Rf1wbXij1PuRZf5Gekf/+/Xfe4OMNo1WNECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRAAfEQmorTxmdfHLXIdiHu65bK+TAfBgNVHSMEGDAWgBTqtHb2d80MMpjS
gR5g9I4bKbOv7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZyUjI5bmZORERLWTBvRWVZUFNPR3ltenItOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNjU3YTkyLTYyMjAtNDQyNS04ODk5LTA3ZjE5NTBkODg5NC8x
L1FBSHhFSnFLMDhablh4eTF5SFloN3V1V3l2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NjU3YTkyLTYyMjAtNDQyNS04ODk5LTA3ZjE5NTBkODg5NC8xLzZyUjI5bmZORERL
WTBvRWVZUFNPR3ltenItOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA12+SAMEArlGMDANBAIAAjAHAwUD
KgUnQDANBgkqhkiG9w0BAQsFAAOCAQEAUDib9ZwUPi4rqCrW0ZrHqNcejK4MeqvL
nBFzekXWtUfcbXwzaztqebDq/XkkicmlnU1uaZTaDBdwopUG4wS3KFOt9DwsHKXq
aMndLJatP/AR8F9GkCozK0xtsbWcVdaIJGM8KDxfGD9gX++Ib9FJKusWNgvD/q1/
9G4zpEgynDgcCl8suR+9Rgz2xeRwar7RYMxRhXic5SnmYsb++nRFL4Aew8peFx+v
uQmJG3HrXRHeEL8RslBheRslX5hTnpcDob4cdyRziDhpVurDZQzNeh8nktN5853j
8TsZ4KdQm+T0NLTj3ZyauUJUZLUFnk/EmD6eJL7teJqwOOQSNj3mAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:00 2025 by rpki-client