Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/XPkMgfummjmjx0VJsY53OlyxO38.roa
File: XPkMgfummjmjx0VJsY53OlyxO38.roa (raw, json)
Hash identifier: HxJ+aDDlUf6XXueSxGmUx49R0m+LBm6Lujkbv7CJ6HY=
Subject key identifier: 5C:F9:0C:81:FB:A6:9A:39:A3:C7:45:49:B1:8E:77:3A:5C:B1:3B:7F
Certificate issuer: /CN=27a4e5aacb129ea507382b23db97ca4200704d69
Certificate serial: 0185720349AE0E8A0C896A45CFD51B7C1706
Authority key identifier: 27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/XPkMgfummjmjx0VJsY53OlyxO38.roa
Signing time: Mon 02 Jan 2023 10:24:56 +0000
ROA not before: Mon 02 Jan 2023 10:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59886
IP address blocks: 185.49.44.0/24 maxlen: 24
185.49.47.0/24 maxlen: 24
185.49.46.0/24 maxlen: 24
185.49.45.0/24 maxlen: 24
185.67.206.0/24 maxlen: 24
185.67.205.0/24 maxlen: 24
185.67.204.0/24 maxlen: 24
185.67.207.0/24 maxlen: 24
2a03:2620::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:49:ae:0e:8a:0c:89:6a:45:cf:d5:1b:7c:17:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a4e5aacb129ea507382b23db97ca4200704d69
Validity
Not Before: Jan 2 10:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf90c81fba69a39a3c74549b18e773a5cb13b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c0:cd:9f:e0:27:a0:6b:b8:9a:d2:09:ee:b6:
ac:0c:5f:b5:73:5f:ac:43:8b:dc:76:a5:5d:ab:6f:
d1:d3:c6:fc:fe:40:a1:64:00:c0:12:4a:ac:25:73:
90:ce:10:38:c7:51:7c:74:94:8a:95:37:32:e2:64:
60:df:22:04:8e:28:3c:b3:9a:a7:a0:a8:ba:00:6e:
b0:b0:8d:df:91:93:57:70:56:c9:08:58:c3:ea:d4:
8c:82:60:8c:f2:db:32:91:27:8e:10:82:64:4c:a3:
41:ba:96:32:72:1d:5c:fa:a9:8f:9b:00:ae:90:75:
3a:88:a7:de:31:fb:60:b7:e2:b8:63:14:95:b1:36:
21:3d:b7:98:83:e0:47:cf:78:ea:22:41:a9:d1:b1:
d7:0b:16:a0:ff:d6:12:0e:97:0a:f0:9d:e0:a4:b1:
f8:c8:ae:69:16:cf:e2:b7:c2:d4:79:e2:eb:5d:f0:
94:a8:7c:d8:78:5a:f6:a8:01:b4:8a:25:2f:5c:8e:
bb:ae:6b:42:3f:87:a7:91:d8:77:4d:30:50:96:8e:
f3:9e:09:b6:ee:49:7d:5e:68:c9:f8:52:44:d1:35:
9f:5a:e5:e0:2c:bc:a3:ab:61:37:b0:77:1f:94:dd:
4d:b4:06:eb:a2:65:b0:f5:30:a5:a7:08:a3:34:e8:
35:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F9:0C:81:FB:A6:9A:39:A3:C7:45:49:B1:8E:77:3A:5C:B1:3B:7F
X509v3 Authority Key Identifier:
keyid:27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/XPkMgfummjmjx0VJsY53OlyxO38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/J6TlqssSnqUHOCsj25fKQgBwTWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.44.0/22
185.67.204.0/22
IPv6:
2a03:2620::/32
Signature Algorithm: sha256WithRSAEncryption
9d:97:19:26:d1:0d:a2:40:9c:a5:fa:4c:d4:70:e4:13:67:ae:
41:50:8d:9d:9a:21:af:00:5d:c8:5b:29:1a:84:79:6c:f5:71:
af:97:24:08:9a:3b:12:76:83:15:a6:64:0e:9b:78:f0:7f:d1:
b1:ee:d8:20:3d:bc:75:d6:54:c9:c2:e5:d1:ed:12:48:49:39:
da:2a:6f:9d:e7:8e:88:0a:6a:fb:81:cf:2c:49:58:ef:95:08:
45:78:bf:61:25:22:6d:61:d4:66:7a:09:bd:11:98:b3:04:27:
04:6f:e4:db:5a:97:27:b5:70:89:b1:9a:53:26:c3:4e:88:c5:
ba:78:c5:a1:28:3f:4a:1e:31:14:ad:62:72:29:f1:06:8a:1b:
cc:35:ef:c3:e6:95:62:42:36:42:b3:9c:52:ea:2c:e3:7d:af:
13:a0:68:93:75:ae:9d:bd:f0:fe:9b:28:c5:f0:0c:28:d2:7e:
71:ce:61:44:c7:ba:76:68:28:ae:2a:e6:fa:50:b7:6e:87:53:
57:b8:b2:b9:f4:23:33:72:b7:76:80:e1:01:5c:75:f3:5e:c5:
f7:4c:6b:57:a5:6d:77:8b:43:3c:64:92:25:bc:ee:88:00:b2:
ba:83:8c:51:43:e3:de:74:76:34:a1:64:d5:aa:09:c9:4a:6c:
e4:74:97:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyA0muDooMiWpFz9UbfBcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTRlNWFhY2IxMjllYTUwNzM4MmIyM2RiOTdjYTQyMDA3
MDRkNjkwHhcNMjMwMTAyMTAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y5MGM4MWZiYTY5YTM5YTNjNzQ1NDliMThlNzczYTVjYjEzYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMDNn+AnoGu4mtIJ7rasDF+1c1+s
Q4vcdqVdq2/R08b8/kChZADAEkqsJXOQzhA4x1F8dJSKlTcy4mRg3yIEjig8s5qn
oKi6AG6wsI3fkZNXcFbJCFjD6tSMgmCM8tsykSeOEIJkTKNBupYych1c+qmPmwCu
kHU6iKfeMftgt+K4YxSVsTYhPbeYg+BHz3jqIkGp0bHXCxag/9YSDpcK8J3gpLH4
yK5pFs/it8LUeeLrXfCUqHzYeFr2qAG0iiUvXI67rmtCP4enkdh3TTBQlo7zngm2
7kl9XmjJ+FJE0TWfWuXgLLyjq2E3sHcflN1NtAbromWw9TClpwijNOg1gQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFz5DIH7ppo5o8dFSbGOdzpcsTt/MB8GA1UdIwQY
MBaAFCek5arLEp6lBzgrI9uXykIAcE1pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZUbHFzc1NucVVIT0NzajI1ZktRZ0J3VFdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mZTgwNDItZmVmNC00ZmYwLWJhYzQt
YzhhNDgzMzljYTc5LzEvWFBrTWdmdW1tam1qeDBWSnNZNTNPbHl4TzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mZTgwNDItZmVmNC00ZmYwLWJhYzQtYzhhNDgzMzljYTc5
LzEvSjZUbHFzc1NucVVIT0NzajI1ZktRZ0J3VFdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTEsAwQC
uUPMMA0EAgACMAcDBQAqAyYgMA0GCSqGSIb3DQEBCwUAA4IBAQCdlxkm0Q2iQJyl
+kzUcOQTZ65BUI2dmiGvAF3IWykahHls9XGvlyQImjsSdoMVpmQOm3jwf9Gx7tgg
Pbx11lTJwuXR7RJISTnaKm+d546ICmr7gc8sSVjvlQhFeL9hJSJtYdRmegm9EZiz
BCcEb+TbWpcntXCJsZpTJsNOiMW6eMWhKD9KHjEUrWJyKfEGihvMNe/D5pViQjZC
s5xS6izjfa8ToGiTda6dvfD+myjF8Awo0n5xzmFEx7p2aCiuKub6ULduh1NXuLK5
9CMzcrd2gOEBXHXzXsX3TGtXpW13i0M8ZJIlvO6IALK6g4xRQ+PedHY0oWTVqgnJ
SmzkdJcA
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:26 2025 by rpki-client