Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/EBJaDntQvtMDPPCp_QXgbJVGjxU.roa
File: EBJaDntQvtMDPPCp_QXgbJVGjxU.roa (raw, json)
Hash identifier: +9yJ9+3N0eZ5I7PV9eiNowoHLIoc8sBHZltw4x3rtiE=
Subject key identifier: 10:12:5A:0E:7B:50:BE:D3:03:3C:F0:A9:FD:05:E0:6C:95:46:8F:15
Certificate issuer: /CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Certificate serial: 01856C65CDA51BE4A0198C1F2135DAF04565
Authority key identifier: 46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/EBJaDntQvtMDPPCp_QXgbJVGjxU.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200678
IP address blocks: 185.99.176.0/22 maxlen: 22
2a00:8e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cd:a5:1b:e4:a0:19:8c:1f:21:35:da:f0:45:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10125a0e7b50bed3033cf0a9fd05e06c95468f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:00:dd:49:03:0c:ae:ff:fe:05:da:68:be:c9:
15:16:e9:0f:ae:a8:a5:4a:a9:c4:de:1e:5f:e2:28:
31:1e:72:7e:5b:c8:c3:0f:3a:04:cd:23:7e:c1:71:
72:6a:a1:64:30:23:25:1f:69:1f:3e:0f:28:ca:e3:
4c:0a:f7:be:9a:99:30:57:24:ad:4a:bb:70:c2:94:
ad:5f:c8:65:19:14:48:5f:69:81:b5:78:23:88:de:
14:ad:33:67:23:94:79:f2:dd:b1:85:cc:84:32:0c:
85:3e:d1:a6:88:ae:fe:d7:17:9f:88:d9:16:5a:02:
7f:30:9f:ad:32:db:45:1b:29:a8:21:ac:ef:5a:c2:
87:c7:ea:7e:9f:db:b8:7f:b5:fa:22:fb:cc:c8:32:
d1:50:85:28:a4:c3:36:86:fc:5b:84:33:8f:a0:45:
a7:ef:8c:12:c7:af:93:26:81:87:59:18:09:5d:9b:
23:9c:49:12:e7:a8:3d:53:4d:59:eb:5f:10:8e:b1:
72:c6:63:4d:4f:15:c5:c7:8c:c2:97:6e:b4:a1:3d:
83:87:d1:26:f0:00:7c:d7:66:1d:8f:50:04:ab:b8:
ea:a5:28:aa:ae:d8:ee:eb:10:8c:e0:9f:7f:75:34:
26:62:4c:c3:d4:84:f3:1d:b3:cc:4a:42:64:ac:34:
07:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:12:5A:0E:7B:50:BE:D3:03:3C:F0:A9:FD:05:E0:6C:95:46:8F:15
X509v3 Authority Key Identifier:
keyid:46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/EBJaDntQvtMDPPCp_QXgbJVGjxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.176.0/22
IPv6:
2a00:8e80::/32
Signature Algorithm: sha256WithRSAEncryption
7a:a4:5e:42:cc:3b:3a:d2:72:62:e1:59:5e:a7:f0:c8:e6:a1:
a6:25:a2:ad:dc:8c:19:04:1f:df:a4:72:3f:41:1e:6d:c0:22:
90:e6:4b:1b:34:e6:1e:09:56:03:51:4e:c1:bf:11:4d:0b:16:
5b:5e:79:79:6e:9e:4b:e3:5b:a7:7d:a6:a1:7a:c5:d1:3a:07:
c1:48:0b:bb:d4:ed:29:aa:50:17:f3:40:76:31:4d:77:ed:1c:
db:e9:bf:f1:0c:58:20:ee:a5:a0:4a:4e:63:09:42:4b:dd:6a:
00:8d:08:14:ec:2d:98:e3:c9:35:5d:51:1f:1b:96:67:c7:85:
99:ed:4d:1d:7b:ec:b5:ab:5d:85:9c:5a:16:a8:2c:fb:3f:60:
ee:63:ac:19:cf:b4:fa:4c:67:d0:21:7f:d5:5d:24:f2:b0:14:
ea:89:4f:5a:b8:cb:6f:82:c4:65:ce:8f:23:f2:4b:7f:a6:a6:
db:38:6e:b1:c4:7e:d7:8b:0c:2c:ab:86:76:66:c3:1b:3b:9e:
46:a9:04:e1:85:ff:ef:c1:4c:f6:42:cf:8a:33:81:22:00:79:
3b:04:05:2c:c0:6f:1a:a0:33:5c:59:8d:34:a0:89:62:58:a0:
d3:00:40:90:0c:60:c0:ac:44:f4:f9:7c:5a:51:2a:e0:ca:6e:
3b:01:43:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsZc2lG+SgGYwfITXa8EVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIxMWFmOTM1NWRhOWEyYjVkZjczZWNkZDdmZDA5Njdh
NGI1OGMwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDEyNWEwZTdiNTBiZWQzMDMzY2YwYTlmZDA1ZTA2Yzk1NDY4ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQDdSQMMrv/+BdpovskVFukPrqil
SqnE3h5f4igxHnJ+W8jDDzoEzSN+wXFyaqFkMCMlH2kfPg8oyuNMCve+mpkwVySt
SrtwwpStX8hlGRRIX2mBtXgjiN4UrTNnI5R58t2xhcyEMgyFPtGmiK7+1xefiNkW
WgJ/MJ+tMttFGymoIazvWsKHx+p+n9u4f7X6IvvMyDLRUIUopMM2hvxbhDOPoEWn
74wSx6+TJoGHWRgJXZsjnEkS56g9U01Z618QjrFyxmNNTxXFx4zCl260oT2Dh9Em
8AB812Ydj1AEq7jqpSiqrtju6xCM4J9/dTQmYkzD1ITzHbPMSkJkrDQH3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBASWg57UL7TAzzwqf0F4GyVRo8VMB8GA1UdIwQY
MBaAFEbrEa+TVdqaK133Ps3X/QlnpLWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUt
NDVmNDk2ZjJmZTc1LzEvRUJKYURudFF2dE1EUFBDcF9RWGdiSlZHanhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUtNDVmNDk2ZjJmZTc1
LzEvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWOwMA0E
AgACMAcDBQAqAI6AMA0GCSqGSIb3DQEBCwUAA4IBAQB6pF5CzDs60nJi4Vlep/DI
5qGmJaKt3IwZBB/fpHI/QR5twCKQ5ksbNOYeCVYDUU7BvxFNCxZbXnl5bp5L41un
faahesXROgfBSAu71O0pqlAX80B2MU137Rzb6b/xDFgg7qWgSk5jCUJL3WoAjQgU
7C2Y48k1XVEfG5Znx4WZ7U0de+y1q12FnFoWqCz7P2DuY6wZz7T6TGfQIX/VXSTy
sBTqiU9auMtvgsRlzo8j8kt/pqbbOG6xxH7Xiwwsq4Z2ZsMbO55GqQThhf/vwUz2
Qs+KM4EiAHk7BAUswG8aoDNcWY00oIliWKDTAECQDGDArET0+XxaUSrgym47AUO+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:58 2025 by rpki-client