Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/EJqZ5e-HJb-YOPquLJomqx8H5vw.roa
File: EJqZ5e-HJb-YOPquLJomqx8H5vw.roa (raw, json)
Hash identifier: rq1eJNCLXf/O7deVixotX4oCeoVEA38QbAGY5BDFidw=
Subject key identifier: 10:9A:99:E5:EF:87:25:BF:98:38:FA:AE:2C:9A:26:AB:1F:07:E6:FC
Certificate issuer: /CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Certificate serial: 1345615C
Authority key identifier: B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/EJqZ5e-HJb-YOPquLJomqx8H5vw.roa
Signing time: Sat 01 Jan 2022 06:05:52 +0000
ROA not before: Sat 01 Jan 2022 06:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21067
IP address blocks: 185.110.149.0/24 maxlen: 24
185.110.150.0/24 maxlen: 24
185.110.151.0/24 maxlen: 24
185.110.148.0/22 maxlen: 22
185.110.148.0/24 maxlen: 24
2a06:5844::/30 maxlen: 30
2a06:5840::/29 maxlen: 29
2a06:5840::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323314012 (0x1345615c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Validity
Not Before: Jan 1 06:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=109a99e5ef8725bf9838faae2c9a26ab1f07e6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:cc:79:a6:a5:86:7d:7d:4b:a3:fc:bf:71:
f4:71:74:42:f3:6f:dc:c7:c7:0a:fa:2e:da:a5:92:
30:d3:27:2e:ec:d9:7e:2b:ba:b7:08:d8:b7:0d:ec:
9e:98:9b:07:63:d2:d8:fb:df:2d:be:07:62:18:fd:
d9:2f:b8:32:91:14:9b:67:51:6d:d6:e5:a4:21:11:
71:55:d1:2b:8a:95:5d:1a:d7:e8:af:0b:23:a7:bd:
7d:61:2a:2a:6a:6c:54:54:1c:ad:01:d0:1d:f8:bc:
1f:7a:e3:7e:ce:a7:2c:a3:ce:3d:a6:cd:89:5c:03:
78:85:0e:b6:1f:e6:b3:8a:13:13:07:e3:10:ba:15:
27:5b:0e:95:0d:13:98:b6:ec:25:9f:19:fd:89:0d:
90:f6:76:54:94:e3:3c:11:f2:62:9a:90:ca:92:3b:
f9:74:7e:57:b4:1a:b6:42:9e:02:d2:b7:f6:49:c1:
86:d0:d6:90:59:32:ab:47:25:e6:96:de:25:6d:f4:
d5:18:a8:6f:54:66:23:89:33:6b:f4:06:2b:9f:c4:
55:42:ba:7c:d9:3a:f0:64:c5:74:a9:e2:93:5a:37:
a2:ba:08:04:39:0a:43:a1:1c:95:42:5c:d1:b4:14:
4a:77:d9:1b:5d:ef:3f:6f:0c:54:55:fc:42:dc:c1:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9A:99:E5:EF:87:25:BF:98:38:FA:AE:2C:9A:26:AB:1F:07:E6:FC
X509v3 Authority Key Identifier:
keyid:B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/EJqZ5e-HJb-YOPquLJomqx8H5vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/sKclKqZD0NvELaQQ6cIPVwM2jNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.148.0/22
IPv6:
2a06:5840::/29
Signature Algorithm: sha256WithRSAEncryption
04:75:a1:7e:05:01:3b:9b:53:2a:3e:d3:12:8c:9b:76:de:85:
00:b7:2a:34:b1:02:1a:77:dc:bf:34:aa:ed:39:9b:33:4b:3e:
db:22:9e:19:6f:48:59:02:97:f0:d0:90:68:b8:e8:ca:2b:7b:
a2:88:2c:80:2f:a0:d6:41:cf:14:ac:9b:dc:46:2e:e9:59:36:
f8:eb:61:2e:67:b5:e6:10:9c:cc:c8:df:a8:54:7c:a1:93:ca:
ca:03:a0:1f:7a:f4:3e:9e:fd:f2:50:5b:f0:8a:07:51:11:11:
23:3a:83:f6:a6:90:b6:c3:d6:65:91:93:aa:8e:d1:59:29:bb:
d7:57:66:7f:ce:a3:26:58:93:50:9e:cc:c6:f6:a0:8e:05:b4:
91:1d:ea:01:21:f0:1c:7c:88:d5:d8:37:73:b2:58:ae:f0:2e:
b4:1f:4a:a7:ea:de:01:3b:f7:1a:8f:85:92:79:eb:81:55:79:
e3:3a:9c:df:50:b9:c5:75:06:fa:0a:8a:e9:72:d1:14:eb:2b:
96:b4:21:9e:e2:0a:b8:91:73:7e:f6:d3:6b:25:34:68:37:06:
c9:a1:14:27:cd:fd:65:f4:a4:55:13:20:17:80:9e:4d:15:5d:
06:99:6f:3b:7d:7d:c9:fb:0a:7c:27:81:b8:ae:2c:07:20:8f:
bf:d8:da:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE0VhXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGE3MjUyYWE2NDNkMGRiYzQyZGE0MTBlOWMyMGY1NzAzMzY4Y2Q4MB4XDTIyMDEw
MTA2MDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA5YTk5ZTVlZjg3
MjViZjk4MzhmYWFlMmM5YTI2YWIxZjA3ZTZmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmpzHmmpYZ9fUuj/L9x9HF0QvNv3MfHCvou2qWSMNMnLuzZ
fiu6twjYtw3snpibB2PS2PvfLb4HYhj92S+4MpEUm2dRbdblpCERcVXRK4qVXRrX
6K8LI6e9fWEqKmpsVFQcrQHQHfi8H3rjfs6nLKPOPabNiVwDeIUOth/ms4oTEwfj
ELoVJ1sOlQ0TmLbsJZ8Z/YkNkPZ2VJTjPBHyYpqQypI7+XR+V7QatkKeAtK39knB
htDWkFkyq0cl5pbeJW301Riob1RmI4kza/QGK5/EVUK6fNk68GTFdKnik1o3oroI
BDkKQ6EclUJc0bQUSnfZG13vP28MVFX8QtzBn00CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQQmpnl74clv5g4+q4smiarHwfm/DAfBgNVHSMEGDAWgBSwpyUqpkPQ28Qt
pBDpwg9XAzaM2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NLY2xLcVpEME52RUxhUVE2Y0lQVndNMmpOZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZTRmM2VmLTdiZmMtNDA1NS1iNzk4LTAyOGEyYjBhNTNkNS8x
L0VKcVo1ZS1ISmItWU9QcXVMSm9tcXg4SDV2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZTRmM2VmLTdiZmMtNDA1NS1iNzk4LTAyOGEyYjBhNTNkNS8xL3NLY2xLcVpEME52
RUxhUVE2Y0lQVndNMmpOZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlulDANBAIAAjAHAwUDKgZYQDAN
BgkqhkiG9w0BAQsFAAOCAQEABHWhfgUBO5tTKj7TEoybdt6FALcqNLECGnfcvzSq
7TmbM0s+2yKeGW9IWQKX8NCQaLjoyit7oogsgC+g1kHPFKyb3EYu6Vk2+OthLme1
5hCczMjfqFR8oZPKygOgH3r0Pp798lBb8IoHURERIzqD9qaQtsPWZZGTqo7RWSm7
11dmf86jJliTUJ7MxvagjgW0kR3qASHwHHyI1dg3c7JYrvAutB9Kp+reATv3Go+F
knnrgVV54zqc31C5xXUG+gqK6XLRFOsrlrQhnuIKuJFzfvbTayU0aDcGyaEUJ839
ZfSkVRMgF4CeTRVdBplvO319yfsKfCeBuK4sByCPv9jamA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:45 2025 by rpki-client