Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/QCp8MwZwpI0QJwDiTZ7UFb7OGXk.roa
File: QCp8MwZwpI0QJwDiTZ7UFb7OGXk.roa (raw, json)
Hash identifier: yl9vZJypnjcz44DMvO29EvIojaH9GB3CDPqCjFLtObA=
Subject key identifier: 40:2A:7C:33:06:70:A4:8D:10:27:00:E2:4D:9E:D4:15:BE:CE:19:79
Certificate issuer: /CN=27a4e5aacb129ea507382b23db97ca4200704d69
Certificate serial: 0898D2FF
Authority key identifier: 27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/QCp8MwZwpI0QJwDiTZ7UFb7OGXk.roa
Signing time: Tue 17 May 2022 08:07:29 +0000
ROA not before: Tue 17 May 2022 08:07:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59886
IP address blocks: 185.49.44.0/24 maxlen: 24
185.49.47.0/24 maxlen: 24
185.49.46.0/24 maxlen: 24
185.49.45.0/24 maxlen: 24
185.67.206.0/24 maxlen: 24
185.67.205.0/24 maxlen: 24
185.67.204.0/24 maxlen: 24
185.67.207.0/24 maxlen: 24
2a03:2620::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144233215 (0x898d2ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a4e5aacb129ea507382b23db97ca4200704d69
Validity
Not Before: May 17 08:07:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=402a7c330670a48d102700e24d9ed415bece1979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:97:0c:96:2c:07:7f:31:08:83:9b:0f:59:
b5:09:b2:7e:d5:b8:38:d0:b5:22:6e:d6:ea:f4:59:
fc:bf:ea:e8:35:1e:2d:44:c5:1b:b1:dd:2c:77:82:
24:c0:70:cf:37:a0:a2:58:65:6c:3b:10:37:4c:17:
f5:c3:f5:9e:fc:02:be:f0:4b:3d:12:9d:b8:07:e5:
4b:49:21:32:aa:eb:98:92:67:9f:eb:41:bd:8d:6d:
38:b2:5a:e9:06:35:82:ea:46:a9:d9:dd:f5:f0:e5:
e3:bf:0b:9b:13:ea:21:a5:54:9b:af:df:84:e2:58:
87:3c:b6:f7:87:51:7e:2a:72:4c:c5:a3:b8:f3:0d:
a7:19:66:fe:3f:ad:51:26:3a:92:cf:b1:fc:04:a6:
1f:9a:cb:3d:d4:5c:4e:ec:8c:81:22:7d:c6:9c:4a:
1b:27:c1:8f:aa:b8:61:ae:51:3c:8c:43:ef:ba:e7:
ba:42:16:63:bf:21:c1:84:9b:59:29:93:0a:79:81:
b9:45:fa:4b:ee:c9:d0:b7:8a:aa:c5:ad:e9:8f:bb:
e6:a1:0b:ed:e7:ac:89:0a:b6:d7:8b:98:6a:70:ea:
74:31:6b:e7:46:1c:ca:87:14:0e:e6:7d:57:8f:01:
cf:b3:d3:8f:ed:61:17:b8:9a:59:05:ab:c6:66:70:
ad:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2A:7C:33:06:70:A4:8D:10:27:00:E2:4D:9E:D4:15:BE:CE:19:79
X509v3 Authority Key Identifier:
keyid:27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/QCp8MwZwpI0QJwDiTZ7UFb7OGXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/J6TlqssSnqUHOCsj25fKQgBwTWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.44.0/22
185.67.204.0/22
IPv6:
2a03:2620::/32
Signature Algorithm: sha256WithRSAEncryption
aa:35:41:6d:d8:95:16:3c:4c:95:9f:f4:86:bf:2e:7e:1f:56:
de:5d:77:15:30:7b:51:b4:e7:8a:c7:8f:b9:2a:a5:74:75:9a:
bf:e8:34:39:4e:dd:09:3a:75:a9:22:2c:3e:4f:ee:89:cb:ed:
93:25:34:4d:7b:4a:aa:3d:80:62:6f:d6:3a:bb:4a:e3:e5:13:
a4:d5:f2:e4:c8:14:30:b7:b3:05:ea:68:68:71:55:79:d1:f9:
36:04:8d:fd:42:85:ad:e8:d6:8b:b4:58:13:ee:f7:e5:fb:35:
76:53:2d:06:c5:24:ac:ea:54:99:1c:aa:d6:9e:ee:15:99:fb:
07:06:1d:d4:0d:75:a2:76:5d:73:ae:22:1a:98:3f:5d:42:cd:
f0:e6:b2:7a:47:b2:13:df:08:d1:8c:5a:66:2e:91:35:5e:33:
0d:bc:fe:5d:6e:7d:35:c7:19:d1:9e:d9:6c:63:64:f7:d2:01:
22:a0:38:80:ae:ed:25:c8:8a:cb:a3:bf:a7:56:fd:37:69:f7:
3c:22:50:9d:a5:2b:53:7d:3c:9f:ea:cc:17:a0:6a:4e:dd:5d:
2b:9d:53:cf:29:a6:9b:cc:ed:ae:57:ba:2f:3e:d1:4a:11:85:
1b:66:ac:d9:16:21:74:f9:57:94:dc:0d:65:44:4d:8b:96:72:
9b:05:78:03
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECJjS/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2E0ZTVhYWNiMTI5ZWE1MDczODJiMjNkYjk3Y2E0MjAwNzA0ZDY5MB4XDTIyMDUx
NzA4MDcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAyYTdjMzMwNjcw
YTQ4ZDEwMjcwMGUyNGQ5ZWQ0MTViZWNlMTk3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhKlwyWLAd/MQiDmw9ZtQmyftW4ONC1Im7W6vRZ/L/q6DUe
LUTFG7HdLHeCJMBwzzegolhlbDsQN0wX9cP1nvwCvvBLPRKduAflS0khMqrrmJJn
n+tBvY1tOLJa6QY1gupGqdnd9fDl478LmxPqIaVUm6/fhOJYhzy294dRfipyTMWj
uPMNpxlm/j+tUSY6ks+x/ASmH5rLPdRcTuyMgSJ9xpxKGyfBj6q4Ya5RPIxD77rn
ukIWY78hwYSbWSmTCnmBuUX6S+7J0LeKqsWt6Y+75qEL7eesiQq214uYanDqdDFr
50YcyocUDuZ9V48Bz7PTj+1hF7iaWQWrxmZwrSMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRAKnwzBnCkjRAnAOJNntQVvs4ZeTAfBgNVHSMEGDAWgBQnpOWqyxKepQc4
KyPbl8pCAHBNaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2VGxxc3NTbnFVSE9Dc2oyNWZLUWdCd1RXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZmU4MDQyLWZlZjQtNGZmMC1iYWM0LWM4YTQ4MzM5Y2E3OS8x
L1FDcDhNd1p3cEkwUUp3RGlUWjdVRmI3T0dYay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZmU4MDQyLWZlZjQtNGZmMC1iYWM0LWM4YTQ4MzM5Y2E3OS8xL0o2VGxxc3NTbnFV
SE9Dc2oyNWZLUWdCd1RXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkxLAMEArlDzDANBAIAAjAHAwUA
KgMmIDANBgkqhkiG9w0BAQsFAAOCAQEAqjVBbdiVFjxMlZ/0hr8ufh9W3l13FTB7
UbTnisePuSqldHWav+g0OU7dCTp1qSIsPk/uicvtkyU0TXtKqj2AYm/WOrtK4+UT
pNXy5MgUMLezBepoaHFVedH5NgSN/UKFrejWi7RYE+735fs1dlMtBsUkrOpUmRyq
1p7uFZn7BwYd1A11onZdc64iGpg/XULN8OayekeyE98I0YxaZi6RNV4zDbz+XW59
NccZ0Z7ZbGNk99IBIqA4gK7tJciKy6O/p1b9N2n3PCJQnaUrU308n+rMF6BqTt1d
K51Tzymmm8ztrle6Lz7RShGFG2as2RYhdPlXlNwNZURNi5ZymwV4Aw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:43:29 2025 by rpki-client