Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/R8n4KdhJ1ExroA1A2My4pXRML5s.roa
File: R8n4KdhJ1ExroA1A2My4pXRML5s.roa (raw, json)
Hash identifier: iAXfSqQS6tP0llQ7D9eHfGKJ14SMzVETn2jdJMCE8+E=
Subject key identifier: 47:C9:F8:29:D8:49:D4:4C:6B:A0:0D:40:D8:CC:B8:A5:74:4C:2F:9B
Certificate issuer: /CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Certificate serial: 03A101B4
Authority key identifier: 4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/R8n4KdhJ1ExroA1A2My4pXRML5s.roa
Signing time: Sat 01 Jan 2022 01:50:57 +0000
ROA not before: Sat 01 Jan 2022 01:50:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60849
IP address blocks: 185.27.117.0/24 maxlen: 24
185.27.118.0/24 maxlen: 24
185.27.116.0/22 maxlen: 22
185.27.116.0/24 maxlen: 24
185.27.119.0/24 maxlen: 24
2a04:2ec0::/29 maxlen: 29
2a04:2ec0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60883380 (0x3a101b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Validity
Not Before: Jan 1 01:50:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47c9f829d849d44c6ba00d40d8ccb8a5744c2f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:15:24:30:c2:7a:74:e2:08:0a:22:a8:c2:a2:
0e:a8:0f:4e:f5:33:d9:02:c5:10:ca:07:17:af:83:
8b:e5:d9:19:70:ac:b3:11:29:ce:36:e8:31:1f:cf:
79:74:d9:f1:6a:21:b0:4a:a0:00:56:b6:35:cf:d4:
dc:2a:9e:ba:54:36:63:0f:d4:9e:27:f3:cc:75:3b:
9b:07:f8:ab:d8:70:51:76:aa:41:58:c6:cd:85:a5:
ba:f7:00:b6:d4:bb:5a:05:18:d4:02:b0:5e:30:ce:
7a:7e:c3:6a:93:ae:0c:bc:07:b9:09:3e:eb:01:3c:
35:9e:1c:19:9f:19:f7:4c:c5:0e:fd:ae:de:d2:78:
31:b5:76:d4:dd:39:3b:1b:95:64:ac:86:37:e3:c0:
c6:a6:68:ca:8f:3f:a0:b5:c7:d2:c0:1f:3c:6b:c4:
1f:3e:41:19:6b:8d:71:ac:4e:77:3a:f1:bf:ae:b1:
24:ad:56:24:62:6b:ed:84:98:d4:2d:77:92:92:e2:
62:e6:b3:f7:7c:03:55:e7:68:e5:08:94:0b:2c:f5:
c5:05:42:e6:f0:a4:f2:fe:0a:70:77:20:2f:da:fe:
d2:d4:49:f8:59:31:44:c0:2f:f8:12:39:09:89:82:
53:54:ab:77:b8:d9:89:16:ed:b3:85:21:9a:f7:86:
b6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C9:F8:29:D8:49:D4:4C:6B:A0:0D:40:D8:CC:B8:A5:74:4C:2F:9B
X509v3 Authority Key Identifier:
keyid:4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/R8n4KdhJ1ExroA1A2My4pXRML5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/TBsMQJaQgJV_zO4fuKP7S7OL9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.116.0/22
IPv6:
2a04:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:b2:f9:6a:58:d6:ce:98:f9:e4:69:45:4b:a4:d6:75:b3:19:
bd:36:a9:24:b8:7b:46:f3:89:a2:23:4f:f6:e8:a2:99:5b:3b:
1c:78:3e:b1:4e:45:e4:90:a5:cf:9e:33:76:b1:3a:bc:43:2d:
31:26:7f:2c:c8:01:2d:9c:80:a7:01:b1:3c:a8:93:03:e8:f5:
a8:dc:e0:ca:54:d2:df:82:05:70:f8:6b:6b:cb:74:82:e6:15:
6a:66:65:43:fd:37:8d:e0:05:a6:1f:1a:b0:c1:a0:88:76:67:
f5:d3:fc:41:2c:51:3c:3f:20:20:cd:9b:95:c7:b7:b1:50:79:
c3:fb:a9:43:fa:ee:ff:0c:79:3d:84:0b:00:a7:81:db:a2:f4:
ea:cc:37:68:46:e3:9d:7c:ee:4e:7d:fd:1b:01:e5:3b:44:43:
48:60:2e:db:14:51:36:32:31:56:f3:af:46:41:8a:91:08:d7:
7e:90:b1:5f:83:dc:a0:d0:e0:f0:66:13:c5:72:38:99:b5:87:
25:bc:95:cb:8c:06:0a:c3:16:5a:17:cc:24:04:df:4a:82:9b:
38:a0:3e:ba:25:17:f2:5c:8d:f1:ce:dc:c7:e3:61:1b:16:ac:
81:ef:d5:0c:74:f5:26:9f:40:d1:3f:31:a2:66:9c:a9:61:20:
45:14:19:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA6EBtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzFiMGM0MDk2OTA4MDk1N2ZjY2VlMWZiOGEzZmI0YmIzOGJmNWRjMB4XDTIyMDEw
MTAxNTA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdjOWY4MjlkODQ5
ZDQ0YzZiYTAwZDQwZDhjY2I4YTU3NDRjMmY5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoVJDDCenTiCAoiqMKiDqgPTvUz2QLFEMoHF6+Di+XZGXCs
sxEpzjboMR/PeXTZ8WohsEqgAFa2Nc/U3CqeulQ2Yw/UnifzzHU7mwf4q9hwUXaq
QVjGzYWluvcAttS7WgUY1AKwXjDOen7DapOuDLwHuQk+6wE8NZ4cGZ8Z90zFDv2u
3tJ4MbV21N05OxuVZKyGN+PAxqZoyo8/oLXH0sAfPGvEHz5BGWuNcaxOdzrxv66x
JK1WJGJr7YSY1C13kpLiYuaz93wDVedo5QiUCyz1xQVC5vCk8v4KcHcgL9r+0tRJ
+FkxRMAv+BI5CYmCU1Srd7jZiRbts4UhmveGtqkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRHyfgp2EnUTGugDUDYzLildEwvmzAfBgNVHSMEGDAWgBRMGwxAlpCAlX/M
7h+4o/tLs4v13DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RCc01RSmFRZ0pWX3pPNGZ1S1A3UzdPTDlkdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZWUyOWE2LTY5MWQtNGIwYy1hZDYzLTk0YzgyNTRiZDNiNy8x
L1I4bjRLZGhKMUV4cm9BMUEyTXk0cFhSTUw1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZWUyOWE2LTY5MWQtNGIwYy1hZDYzLTk0YzgyNTRiZDNiNy8xL1RCc01RSmFRZ0pW
X3pPNGZ1S1A3UzdPTDlkdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkbdDANBAIAAjAHAwUDKgQuwDAN
BgkqhkiG9w0BAQsFAAOCAQEADLL5aljWzpj55GlFS6TWdbMZvTapJLh7RvOJoiNP
9uiimVs7HHg+sU5F5JClz54zdrE6vEMtMSZ/LMgBLZyApwGxPKiTA+j1qNzgylTS
34IFcPhra8t0guYVamZlQ/03jeAFph8asMGgiHZn9dP8QSxRPD8gIM2blce3sVB5
w/upQ/ru/wx5PYQLAKeB26L06sw3aEbjnXzuTn39GwHlO0RDSGAu2xRRNjIxVvOv
RkGKkQjXfpCxX4PcoNDg8GYTxXI4mbWHJbyVy4wGCsMWWhfMJATfSoKbOKA+uiUX
8lyN8c7cx+NhGxasge/VDHT1Jp9A0T8xomacqWEgRRQZHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:34 2024 by rpki-client on console-fra.rpki-client.org