Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/ejg4wtNKItJsMO6oBKGqcUV13hA.roa
File: ejg4wtNKItJsMO6oBKGqcUV13hA.roa (raw, json)
Hash identifier: uDEJ6nON2QCwf1RTwGPfnwbj2l3S8lfhmLNgu8NhaB0=
Subject key identifier: 7A:38:38:C2:D3:4A:22:D2:6C:30:EE:A8:04:A1:AA:71:45:75:DE:10
Certificate issuer: /CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Certificate serial: 018844DBF0A2F83C16359E0EA81A396EB7B6
Authority key identifier: 7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/ejg4wtNKItJsMO6oBKGqcUV13hA.roa
Signing time: Mon 22 May 2023 19:07:24 +0000
ROA not before: Mon 22 May 2023 19:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20722
IP address blocks: 85.204.44.0/24 maxlen: 24
194.102.188.0/24 maxlen: 24
185.88.130.0/23 maxlen: 23
185.88.131.0/24 maxlen: 24
185.88.128.0/22 maxlen: 22
185.88.129.0/24 maxlen: 24
85.204.56.0/21 maxlen: 21
85.204.56.0/24 maxlen: 24
85.204.57.0/24 maxlen: 24
85.204.58.0/24 maxlen: 24
85.204.59.0/24 maxlen: 24
85.204.60.0/24 maxlen: 24
85.204.61.0/24 maxlen: 24
85.204.62.0/24 maxlen: 24
85.204.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:db:f0:a2:f8:3c:16:35:9e:0e:a8:1a:39:6e:b7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Validity
Not Before: May 22 19:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a3838c2d34a22d26c30eea804a1aa714575de10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:47:ee:af:b4:2b:e2:ab:78:16:b7:21:ee:82:
80:71:94:6e:ea:69:5a:22:e3:ad:12:14:53:0a:39:
37:65:15:40:05:a3:f6:33:e2:2f:b9:41:9f:4f:d6:
ae:34:82:53:be:9f:f2:9c:da:6a:ce:64:2b:3d:f2:
94:06:23:8f:3b:ed:a5:b0:ff:25:10:17:20:cf:22:
ff:de:3e:c3:b2:ce:40:e7:08:f6:91:c1:26:06:bc:
a1:e9:dd:47:d7:ad:5c:ff:a6:4f:25:89:14:69:25:
0a:5f:8e:42:c1:9b:ac:e1:d2:bc:a6:9f:46:0b:c0:
a0:e0:57:7d:da:a1:cf:eb:6d:00:d5:b3:46:b7:68:
ce:f2:be:03:5a:51:6c:98:54:0b:12:94:2a:e0:fc:
a4:57:0b:76:9e:b0:b3:b4:6b:39:30:42:68:ca:a8:
f0:29:44:d9:21:25:b1:cf:2d:73:68:34:04:66:ce:
37:42:6b:37:ac:7e:5e:f9:19:84:e7:8f:2d:8e:3d:
cd:20:a1:11:02:ff:fb:ad:b6:f0:c7:d2:10:2d:61:
64:3a:59:ed:90:79:f1:d2:e2:2f:7e:27:2e:16:da:
bb:32:06:05:33:8a:9f:be:df:64:0b:06:a8:e1:da:
34:c2:ae:7a:8f:55:e3:39:d2:21:bf:0e:4f:91:2e:
3b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:38:38:C2:D3:4A:22:D2:6C:30:EE:A8:04:A1:AA:71:45:75:DE:10
X509v3 Authority Key Identifier:
keyid:7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/ejg4wtNKItJsMO6oBKGqcUV13hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.44.0/24
85.204.56.0/21
185.88.128.0/22
194.102.188.0/24
Signature Algorithm: sha256WithRSAEncryption
40:b6:cc:92:4a:28:56:78:3f:15:52:93:f4:fc:97:3b:36:a9:
b6:35:e3:99:15:bb:d1:55:ba:54:f9:6f:82:6d:4c:ff:ed:c9:
da:7a:b4:1d:d1:14:bf:ff:e7:17:b8:a0:94:a1:69:ce:19:82:
bd:c0:27:d2:a5:e7:52:e4:a0:c1:f0:9d:f3:4c:82:03:eb:22:
c4:7c:f2:a3:93:56:72:6f:86:40:b9:ca:91:d7:43:a9:f2:17:
95:62:9d:65:c0:06:23:df:cf:65:e5:64:89:49:e3:ce:22:b3:
fc:5c:c5:a3:4b:0f:c6:08:b4:e1:89:40:59:a1:cb:43:92:0c:
31:3b:31:e6:cc:05:6a:ff:52:9a:ac:35:0d:b8:e6:66:67:5c:
13:0d:9d:58:e8:74:17:ee:d9:aa:1e:6d:aa:62:12:f7:20:97:
ed:ac:f2:bf:88:01:0f:58:e4:6c:6e:0f:a0:29:70:eb:fa:b2:
b1:19:1f:82:79:43:6d:d6:da:bc:fa:35:d1:b8:8c:76:bc:ee:
5a:d6:08:a6:7b:4b:08:ca:e4:d3:01:49:2c:dd:76:b4:81:10:
6f:78:e0:a2:05:65:52:0a:26:fe:c2:1f:ed:14:46:f4:17:f8:
5e:4b:2c:69:6b:fb:76:95:9d:bd:01:66:58:d4:c5:c6:15:b5:
c3:7c:85:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhE2/Ci+DwWNZ4OqBo5bre2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZWYwNjllN2UzZWQ1YmY3MGY2ODJjZTQwYzU4MTBmZjNl
NWUzNzgwHhcNMjMwNTIyMTkwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM4MzhjMmQzNGEyMmQyNmMzMGVlYTgwNGExYWE3MTQ1NzVkZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUfur7Qr4qt4Frch7oKAcZRu6mla
IuOtEhRTCjk3ZRVABaP2M+IvuUGfT9auNIJTvp/ynNpqzmQrPfKUBiOPO+2lsP8l
EBcgzyL/3j7Dss5A5wj2kcEmBryh6d1H161c/6ZPJYkUaSUKX45CwZus4dK8pp9G
C8Cg4Fd92qHP620A1bNGt2jO8r4DWlFsmFQLEpQq4PykVwt2nrCztGs5MEJoyqjw
KUTZISWxzy1zaDQEZs43Qms3rH5e+RmE548tjj3NIKERAv/7rbbwx9IQLWFkOlnt
kHnx0uIvficuFtq7MgYFM4qfvt9kCwao4do0wq56j1XjOdIhvw5PkS47RwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHo4OMLTSiLSbDDuqAShqnFFdd4QMB8GA1UdIwQY
MBaAFHrvBp5+PtW/cPaCzkDFgQ/z5eN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmIt
OTAwMDM0ZjAwZDllLzEvZWpnNHd0TktJdEpzTU82b0JLR3FjVVYxM2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmItOTAwMDM0ZjAwZDll
LzEvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcwsAwQD
Vcw4AwQCuViAAwQAwma8MA0GCSqGSIb3DQEBCwUAA4IBAQBAtsySSihWeD8VUpP0
/Jc7Nqm2NeOZFbvRVbpU+W+CbUz/7cnaerQd0RS//+cXuKCUoWnOGYK9wCfSpedS
5KDB8J3zTIID6yLEfPKjk1Zyb4ZAucqR10Op8heVYp1lwAYj389l5WSJSePOIrP8
XMWjSw/GCLThiUBZoctDkgwxOzHmzAVq/1KarDUNuOZmZ1wTDZ1Y6HQX7tmqHm2q
YhL3IJftrPK/iAEPWORsbg+gKXDr+rKxGR+CeUNt1tq8+jXRuIx2vO5a1gime0sI
yuTTAUks3Xa0gRBveOCiBWVSCib+wh/tFEb0F/heSyxpa/t2lZ29AWZY1MXGFbXD
fIWs
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:23:14 2025 by rpki-client