Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/811463-39ff-48fa-b3c5-e83689433dc0/1/emPB2m28d_2OAKgrrg1MstSerps.roa
File: emPB2m28d_2OAKgrrg1MstSerps.roa (raw, json)
Hash identifier: QYdCs56A4cSV0YCtW2EODcucLS/3dx+SJtvzmkFFYWQ=
Subject key identifier: 7A:63:C1:DA:6D:BC:77:FD:8E:00:A8:2B:AE:0D:4C:B2:D4:9E:AE:9B
Certificate issuer: /CN=b118ae24c94cd40274b3807babfc8b9bccea8b36
Certificate serial: 016B1B18
Authority key identifier: B1:18:AE:24:C9:4C:D4:02:74:B3:80:7B:AB:FC:8B:9B:CC:EA:8B:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sRiuJMlM1AJ0s4B7q_yLm8zqizY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/811463-39ff-48fa-b3c5-e83689433dc0/1/emPB2m28d_2OAKgrrg1MstSerps.roa
Signing time: Mon 28 Feb 2022 05:57:22 +0000
ROA not before: Mon 28 Feb 2022 05:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210775
IP address blocks: 2001:67c:85c::/48 maxlen: 48
2001:67c:854::/48 maxlen: 48
2001:67c:84c::/48 maxlen: 48
2001:67c:858::/48 maxlen: 48
2001:67c:850::/48 maxlen: 48
2001:67c:848::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23796504 (0x16b1b18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b118ae24c94cd40274b3807babfc8b9bccea8b36
Validity
Not Before: Feb 28 05:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a63c1da6dbc77fd8e00a82bae0d4cb2d49eae9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:19:80:12:3d:d5:d9:9a:1d:1f:9d:78:b4:
40:b8:df:3c:da:55:b8:02:a9:9a:81:47:4e:ad:76:
d6:27:1a:75:1d:a3:3e:bd:d5:46:42:0b:39:51:91:
6b:d1:18:e9:a2:2a:83:7b:1f:72:89:51:05:78:a0:
c9:ce:57:83:31:fd:d9:12:0c:68:84:99:db:c7:44:
73:6e:e4:11:10:59:ee:da:0e:64:d0:f5:32:69:bf:
5d:dd:b9:ef:21:03:e7:2d:e0:71:0e:e3:98:b0:e3:
d6:5c:d1:0d:90:9e:3e:88:c5:d3:d2:f5:23:7c:55:
5c:b6:42:7b:79:2f:fc:56:6f:d4:9b:59:0e:86:55:
3d:69:84:d6:aa:c1:4f:79:c0:21:11:18:79:27:ea:
17:1d:46:30:17:a7:a3:5c:25:7c:b8:0e:5e:51:ed:
75:c4:b9:8a:b4:17:88:9f:d4:02:78:7d:a5:d6:3d:
ea:91:61:48:72:13:44:22:06:73:10:d4:49:85:00:
b8:5a:e9:ef:96:6f:4b:ce:68:c4:71:0f:5c:1d:29:
7d:07:3c:7e:a5:23:77:ef:51:69:67:53:93:cc:9b:
c7:e6:16:3c:37:82:5e:4f:81:74:50:2b:e6:4b:31:
34:03:08:fc:fa:85:07:bb:41:de:3d:49:30:61:59:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:63:C1:DA:6D:BC:77:FD:8E:00:A8:2B:AE:0D:4C:B2:D4:9E:AE:9B
X509v3 Authority Key Identifier:
keyid:B1:18:AE:24:C9:4C:D4:02:74:B3:80:7B:AB:FC:8B:9B:CC:EA:8B:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sRiuJMlM1AJ0s4B7q_yLm8zqizY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/811463-39ff-48fa-b3c5-e83689433dc0/1/emPB2m28d_2OAKgrrg1MstSerps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/811463-39ff-48fa-b3c5-e83689433dc0/1/sRiuJMlM1AJ0s4B7q_yLm8zqizY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:848::/48
2001:67c:84c::/48
2001:67c:850::/48
2001:67c:854::/48
2001:67c:858::/48
2001:67c:85c::/48
Signature Algorithm: sha256WithRSAEncryption
bc:9a:f9:3f:16:3c:00:89:6d:e1:30:33:e4:ef:eb:db:e8:44:
19:23:cf:a0:93:24:d5:8d:31:75:aa:77:05:13:57:2a:ff:e8:
e1:bd:f4:56:eb:d4:7a:bb:5b:f6:7f:8c:69:c6:d8:8f:76:77:
ed:f8:4c:b4:16:81:0d:d5:77:d6:f6:20:21:b4:88:8e:4e:44:
fe:6e:67:45:1b:54:f2:65:a3:f1:cd:cb:b9:b9:eb:a0:11:0e:
22:18:58:28:55:47:66:1d:9f:00:d3:b1:5e:1e:0f:cb:2a:00:
69:1d:8d:f8:a8:ab:39:07:cc:25:99:75:3b:65:c9:96:1e:90:
5b:bc:b3:68:a5:1d:e9:b6:74:64:9c:16:f0:ef:58:db:4c:da:
b1:cc:c6:b9:6e:7c:26:2c:3b:9a:cf:ef:5d:d5:32:8c:08:02:
a6:b7:2c:31:ad:3b:d1:d4:b9:1a:ab:aa:11:a2:18:33:77:88:
40:2f:71:f5:1f:6c:23:2d:a0:44:03:54:13:1d:a2:b6:dc:ec:
01:6d:b9:14:9c:3b:ca:cb:06:f3:b7:bd:cc:83:f8:53:0b:b7:
45:b8:0c:cc:d3:b6:14:99:61:c3:1c:70:2c:a1:0e:c9:8c:2f:
52:db:9b:d7:38:67:d1:88:0b:2e:cf:36:79:55:2a:24:88:9f:
e5:cc:6a:1f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEAWsbGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTE4YWUyNGM5NGNkNDAyNzRiMzgwN2JhYmZjOGI5YmNjZWE4YjM2MB4XDTIyMDIy
ODA1NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E2M2MxZGE2ZGJj
NzdmZDhlMDBhODJiYWUwZDRjYjJkNDllYWU5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK07GYASPdXZmh0fnXi0QLjfPNpVuAKpmoFHTq121icadR2j
Pr3VRkILOVGRa9EY6aIqg3sfcolRBXigyc5XgzH92RIMaISZ28dEc27kERBZ7toO
ZND1Mmm/Xd257yED5y3gcQ7jmLDj1lzRDZCePojF09L1I3xVXLZCe3kv/FZv1JtZ
DoZVPWmE1qrBT3nAIREYeSfqFx1GMBeno1wlfLgOXlHtdcS5irQXiJ/UAnh9pdY9
6pFhSHITRCIGcxDUSYUAuFrp75ZvS85oxHEPXB0pfQc8fqUjd+9RaWdTk8ybx+YW
PDeCXk+BdFAr5ksxNAMI/PqFB7tB3j1JMGFZX0MCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBR6Y8Habbx3/Y4AqCuuDUyy1J6umzAfBgNVHSMEGDAWgBSxGK4kyUzUAnSz
gHur/IubzOqLNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NSaXVKTWxNMUFKMHM0QjdxX3lMbTh6cWl6WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvODExNDYzLTM5ZmYtNDhmYS1iM2M1LWU4MzY4OTQzM2RjMC8x
L2VtUEIybTI4ZF8yT0FLZ3JyZzFNc3RTZXJwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ODExNDYzLTM5ZmYtNDhmYS1iM2M1LWU4MzY4OTQzM2RjMC8xL3NSaXVKTWxNMUFK
MHM0QjdxX3lMbTh6cWl6WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAIwNgMHACABBnwISAMHACABBnwITAMHACAB
BnwIUAMHACABBnwIVAMHACABBnwIWAMHACABBnwIXDANBgkqhkiG9w0BAQsFAAOC
AQEAvJr5PxY8AIlt4TAz5O/r2+hEGSPPoJMk1Y0xdap3BRNXKv/o4b30VuvUertb
9n+MacbYj3Z37fhMtBaBDdV31vYgIbSIjk5E/m5nRRtU8mWj8c3LubnroBEOIhhY
KFVHZh2fANOxXh4PyyoAaR2N+KirOQfMJZl1O2XJlh6QW7yzaKUd6bZ0ZJwW8O9Y
20zasczGuW58Jiw7ms/vXdUyjAgCprcsMa070dS5GquqEaIYM3eIQC9x9R9sIy2g
RANUEx2ittzsAW25FJw7yssG87e9zIP4Uwu3RbgMzNO2FJlhwxxwLKEOyYwvUtub
1zhn0YgLLs82eVUqJIif5cxqHw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:01 2025 by rpki-client