Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/8nEor0D0_Q0ISbpupykZ42LsAeo.roa
File: 8nEor0D0_Q0ISbpupykZ42LsAeo.roa (raw, json)
Hash identifier: qJOwMRJ5oeSjdJ+PqxHcPAFOpCaSMVa4kOyhu6v2gic=
Subject key identifier: F2:71:28:AF:40:F4:FD:0D:08:49:BA:6E:A7:29:19:E3:62:EC:01:EA
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 05CA3698
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/8nEor0D0_Q0ISbpupykZ42LsAeo.roa
Signing time: Sat 01 Jan 2022 16:02:19 +0000
ROA not before: Sat 01 Jan 2022 16:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50272
IP address blocks: 185.41.64.0/22 maxlen: 22
185.41.64.0/24 maxlen: 24
62.24.32.0/19 maxlen: 19
2a03:1400::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97138328 (0x5ca3698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Jan 1 16:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f27128af40f4fd0d0849ba6ea72919e362ec01ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0a:75:78:8c:13:94:c2:59:b8:e9:a3:ab:79:
1a:3b:a8:36:52:b5:95:31:a1:8b:66:a0:d4:a8:7f:
32:b3:21:a6:d2:2d:db:a0:f1:a3:56:cb:d0:c6:8f:
60:26:b5:0d:7e:4c:49:e2:6c:29:36:d7:63:20:17:
35:7b:af:79:9d:c0:ea:d4:d2:fc:8c:63:b4:94:48:
48:d1:2d:79:21:e2:20:0d:a4:7d:96:d9:0c:d1:88:
d9:d7:13:3f:ad:c0:43:f9:2e:19:f3:26:1a:95:1f:
01:ef:a8:8c:2b:7f:cf:b5:c3:36:bd:36:31:55:44:
93:71:20:89:cd:2c:bd:fa:41:ca:67:f3:5c:f7:bd:
4c:5c:c3:0e:85:46:8d:e9:4d:9e:4d:1c:51:27:4d:
57:d8:1d:1c:b0:d2:1e:3b:9f:5d:4b:05:58:36:b1:
49:fa:37:f8:8d:9b:0a:c6:cf:6e:6d:50:2e:90:5d:
9a:0b:4c:d9:6c:5b:c4:92:76:38:1b:83:8b:73:22:
90:e2:9d:a2:27:16:29:2e:60:7d:6e:a1:b9:38:b4:
3e:31:e6:f1:13:86:fd:33:6e:74:b9:8a:00:c9:6a:
0e:e5:c9:4e:cf:39:de:65:da:26:cc:9c:77:9e:2b:
fb:d1:1c:62:2a:ff:f2:54:16:dc:91:7b:8a:6d:41:
08:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:71:28:AF:40:F4:FD:0D:08:49:BA:6E:A7:29:19:E3:62:EC:01:EA
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/8nEor0D0_Q0ISbpupykZ42LsAeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.32.0/19
185.41.64.0/22
IPv6:
2a03:1400::/32
Signature Algorithm: sha256WithRSAEncryption
bc:4d:5a:65:f8:60:d2:56:b2:4b:05:f0:bf:15:e4:38:bd:8c:
0a:0c:b8:65:51:78:f3:d2:f4:9e:7a:a0:c3:f4:3e:3e:0b:11:
2f:ff:3b:fb:f0:78:b5:ed:e2:70:fa:11:31:91:7b:e3:f6:26:
d2:58:fc:51:61:d9:9a:86:f9:27:d7:dd:f7:20:4f:47:c4:f3:
4a:4d:a1:ca:f6:53:a1:a7:0f:34:5b:09:0a:ab:fd:91:3c:ab:
c5:f4:2d:eb:bb:1c:19:87:ce:7b:1d:b0:bd:86:ee:eb:7e:80:
c4:1b:20:b6:c2:2e:63:c4:13:9b:6e:83:20:aa:6c:61:01:a9:
f5:ac:49:fb:c1:ec:f5:50:9e:6a:a7:01:e1:09:af:4f:07:55:
c3:8e:ed:a1:40:ac:2a:be:46:88:d4:00:e7:26:ec:da:48:09:
06:dd:fa:ac:24:32:22:71:55:70:63:53:28:6d:bf:de:f0:b1:
62:0f:53:f8:23:ea:c8:e9:d0:91:4d:10:9f:df:88:d8:9a:0b:
57:a4:81:fe:9e:ef:71:33:f7:63:65:b0:10:8e:15:7b:08:c7:
17:8a:f1:6f:16:d1:87:e7:7e:59:44:ed:53:ac:0c:1d:25:bc:
a2:39:0e:46:32:5b:a4:b4:29:ea:f8:06:6f:8c:31:aa:a3:ad:
fd:53:cc:d4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBco2mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2E5OGIxZDBlY2NjYzRmNmZmMWE3ZTdkYjg0YjRiYjJmNTViMDhkMB4XDTIyMDEw
MTE2MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI3MTI4YWY0MGY0
ZmQwZDA4NDliYTZlYTcyOTE5ZTM2MmVjMDFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIKdXiME5TCWbjpo6t5GjuoNlK1lTGhi2ag1Kh/MrMhptIt
26Dxo1bL0MaPYCa1DX5MSeJsKTbXYyAXNXuveZ3A6tTS/IxjtJRISNEteSHiIA2k
fZbZDNGI2dcTP63AQ/kuGfMmGpUfAe+ojCt/z7XDNr02MVVEk3Egic0svfpBymfz
XPe9TFzDDoVGjelNnk0cUSdNV9gdHLDSHjufXUsFWDaxSfo3+I2bCsbPbm1QLpBd
mgtM2WxbxJJ2OBuDi3MikOKdoicWKS5gfW6huTi0PjHm8ROG/TNudLmKAMlqDuXJ
Ts853mXaJsycd54r+9EcYir/8lQW3JF7im1BCLkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTycSivQPT9DQhJum6nKRnjYuwB6jAfBgNVHSMEGDAWgBT8qYsdDszMT2/x
p+fbhLS7L1WwjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19LbUxIUTdNekU5djhhZm4yNFMwdXk5VnNJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvOTcxZTczLWZhODMtNDU3OS04NTMyLTU4ZjBmMzI1YzJiOC8x
LzhuRW9yMEQwX1EwSVNicHVweWtaNDJMc0Flby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
OTcxZTczLWZhODMtNDU3OS04NTMyLTU4ZjBmMzI1YzJiOC8xL19LbUxIUTdNekU5
djhhZm4yNFMwdXk5VnNJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBT4YIAMEArkpQDANBAIAAjAHAwUA
KgMUADANBgkqhkiG9w0BAQsFAAOCAQEAvE1aZfhg0laySwXwvxXkOL2MCgy4ZVF4
89L0nnqgw/Q+PgsRL/87+/B4te3icPoRMZF74/Ym0lj8UWHZmob5J9fd9yBPR8Tz
Sk2hyvZToacPNFsJCqv9kTyrxfQt67scGYfOex2wvYbu636AxBsgtsIuY8QTm26D
IKpsYQGp9axJ+8Hs9VCeaqcB4QmvTwdVw47toUCsKr5GiNQA5ybs2kgJBt36rCQy
InFVcGNTKG2/3vCxYg9T+CPqyOnQkU0Qn9+I2JoLV6SB/p7vcTP3Y2WwEI4VewjH
F4rxbxbRh+d+WUTtU6wMHSW8ojkORjJbpLQp6vgGb4wxqqOt/VPM1A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:41:38 2025 by rpki-client