Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/EhN96MqzIOXgRl1aZZ-vo5-uqJQ.roa
File: EhN96MqzIOXgRl1aZZ-vo5-uqJQ.roa (raw, json)
Hash identifier: 3aMDkuTKNsRXfaDc1qNmVHaHAPwTGRuS23llw4AOgfc=
Subject key identifier: 12:13:7D:E8:CA:B3:20:E5:E0:46:5D:5A:65:9F:AF:A3:9F:AE:A8:94
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 018751AAB885FF336DA1BD591790E2D8A1C4
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/EhN96MqzIOXgRl1aZZ-vo5-uqJQ.roa
Signing time: Wed 05 Apr 2023 13:45:55 +0000
ROA not before: Wed 05 Apr 2023 13:45:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201508
IP address blocks: 194.126.152.0/22 maxlen: 22
185.4.24.0/22 maxlen: 22
185.42.0.0/22 maxlen: 22
185.182.52.0/22 maxlen: 22
185.245.212.0/22 maxlen: 22
185.65.164.0/22 maxlen: 22
185.208.240.0/22 maxlen: 22
46.36.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:aa:b8:85:ff:33:6d:a1:bd:59:17:90:e2:d8:a1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Apr 5 13:45:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12137de8cab320e5e0465d5a659fafa39faea894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:05:75:ae:fd:68:e9:23:48:a4:6d:47:dc:e7:
77:fa:4d:1d:4b:d4:a0:cb:9d:1c:f0:2b:f4:45:01:
52:70:07:ce:96:95:ee:d5:e4:91:b9:16:96:35:f8:
85:b1:9a:14:de:ea:ad:ca:78:59:86:19:31:79:7f:
58:85:91:26:b9:79:a3:01:96:8b:de:e9:92:23:be:
89:26:20:d1:2a:cd:75:d3:a0:20:ad:ee:71:97:1f:
f1:15:6c:88:4d:ce:9e:d1:3a:83:3f:b4:90:83:c0:
58:39:9e:2f:61:dd:ef:be:8c:2b:4c:97:3b:95:89:
13:63:de:e1:53:e0:5d:77:4c:f6:8f:8e:ad:ce:e5:
fe:06:df:a5:5b:1e:ad:69:4e:eb:ee:0a:97:56:ee:
74:44:3c:be:7e:15:be:9e:0c:50:fb:0d:8b:05:d0:
77:ce:18:f0:10:1a:c3:0f:1c:80:34:8e:f2:45:b2:
07:c6:67:1c:01:c3:db:9f:2f:98:f3:32:b0:ea:08:
c9:fb:ae:7a:f8:c9:8b:6e:72:92:d1:62:3f:ed:70:
b3:07:93:24:b2:ae:06:04:c9:74:7d:34:9e:15:e4:
d1:bd:8a:17:73:80:7d:df:73:be:ae:03:ad:4f:04:
3f:f1:48:37:0e:37:02:c7:0d:03:e5:c1:21:0d:1d:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:13:7D:E8:CA:B3:20:E5:E0:46:5D:5A:65:9F:AF:A3:9F:AE:A8:94
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/EhN96MqzIOXgRl1aZZ-vo5-uqJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.192.0/21
185.4.24.0/22
185.42.0.0/22
185.65.164.0/22
185.182.52.0/22
185.208.240.0/22
185.245.212.0/22
194.126.152.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:93:9d:ec:18:de:09:69:da:e7:67:95:1e:d2:0a:bc:f9:db:
91:0e:cd:5f:27:59:be:0f:cc:d8:bc:67:fd:a0:da:da:6c:12:
3c:ff:5b:a2:82:e0:e6:12:66:f5:56:1b:e1:51:e0:95:cc:13:
34:8e:47:1d:b5:c3:3c:b3:2d:31:41:af:7e:cc:04:59:c4:91:
cb:66:d2:51:14:15:a0:47:14:cc:9a:c4:97:35:4f:6f:be:c8:
74:13:19:f1:18:68:61:5e:80:37:60:6a:15:37:71:d6:58:90:
d6:8b:c7:c0:86:8c:4b:c8:4e:5e:9b:44:07:d6:a2:a7:8b:0a:
33:85:75:92:a3:14:ca:79:1f:1e:42:3a:bd:fb:c3:23:9c:1c:
25:8d:b5:5d:ac:f6:84:58:13:09:52:da:d4:f2:f2:ee:8e:45:
3a:86:90:a8:e5:80:bc:bb:9b:18:05:fc:96:7e:ea:96:58:a6:
0b:71:e7:e0:7f:a5:fd:d6:5d:9c:dd:77:34:ba:d9:e9:2b:09:
cb:27:46:4d:2d:11:4a:44:16:ba:93:97:f9:47:e5:d3:9d:1f:
78:b6:a9:69:03:5f:0c:29:85:2a:5c:8c:c9:eb:e1:8f:8a:c6:
48:b6:73:58:91:69:56:07:dc:ba:22:57:9c:c7:f6:ec:51:ce:
9c:bb:31:9c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdRqriF/zNtob1ZF5Di2KHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwNDA1MTM0NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjEzN2RlOGNhYjMyMGU1ZTA0NjVkNWE2NTlmYWZhMzlmYWVhODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQV1rv1o6SNIpG1H3Od3+k0dS9Sg
y50c8Cv0RQFScAfOlpXu1eSRuRaWNfiFsZoU3uqtynhZhhkxeX9YhZEmuXmjAZaL
3umSI76JJiDRKs1106Agre5xlx/xFWyITc6e0TqDP7SQg8BYOZ4vYd3vvowrTJc7
lYkTY97hU+Bdd0z2j46tzuX+Bt+lWx6taU7r7gqXVu50RDy+fhW+ngxQ+w2LBdB3
zhjwEBrDDxyANI7yRbIHxmccAcPbny+Y8zKw6gjJ+656+MmLbnKS0WI/7XCzB5Mk
sq4GBMl0fTSeFeTRvYoXc4B933O+rgOtTwQ/8Ug3DjcCxw0D5cEhDR3mRQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBITfejKsyDl4EZdWmWfr6OfrqiUMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvRWhOOTZNcXpJT1hnUmwxYVpaLXZvNS11cUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDLiTAAwQC
uQQYAwQCuSoAAwQCuUGkAwQCubY0AwQCudDwAwQCufXUAwQCwn6YMA0GCSqGSIb3
DQEBCwUAA4IBAQCKk53sGN4JadrnZ5Ue0gq8+duRDs1fJ1m+D8zYvGf9oNrabBI8
/1uiguDmEmb1VhvhUeCVzBM0jkcdtcM8sy0xQa9+zARZxJHLZtJRFBWgRxTMmsSX
NU9vvsh0ExnxGGhhXoA3YGoVN3HWWJDWi8fAhoxLyE5em0QH1qKniwozhXWSoxTK
eR8eQjq9+8MjnBwljbVdrPaEWBMJUtrU8vLujkU6hpCo5YC8u5sYBfyWfuqWWKYL
cefgf6X91l2c3Xc0utnpKwnLJ0ZNLRFKRBa6k5f5R+XTnR94tqlpA18MKYUqXIzJ
6+GPisZItnNYkWlWB9y6Ilecx/bsUc6cuzGc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:22 2025 by rpki-client