Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/2eBC-ZenboHrNAExD7OUg-h6YK0.roa
File: 2eBC-ZenboHrNAExD7OUg-h6YK0.roa (raw, json)
Hash identifier: xBZ1egh5oufFMDmsvu2hpizr/cVv3AgekAn3EyJSxBA=
Subject key identifier: D9:E0:42:F9:97:A7:6E:81:EB:34:01:31:0F:B3:94:83:E8:7A:60:AD
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 01856E38C37EFFED5B5EAC60086A791D0604
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/2eBC-ZenboHrNAExD7OUg-h6YK0.roa
Signing time: Sun 01 Jan 2023 16:44:51 +0000
ROA not before: Sun 01 Jan 2023 16:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.102.0/23 maxlen: 23
185.15.101.0/24 maxlen: 24
5.152.168.0/21 maxlen: 21
5.8.184.0/24 maxlen: 24
5.8.185.0/24 maxlen: 24
5.8.186.0/24 maxlen: 24
5.8.191.0/24 maxlen: 24
5.8.190.0/24 maxlen: 24
5.8.187.0/24 maxlen: 24
37.1.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c3:7e:ff:ed:5b:5e:ac:60:08:6a:79:1d:06:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Jan 1 16:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9e042f997a76e81eb3401310fb39483e87a60ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f7:28:0c:0b:c4:b2:a1:f7:4f:5c:f2:37:0c:
44:b5:a1:71:c8:a6:d1:f1:f5:b1:85:cf:9f:fa:ea:
7a:8f:c8:9f:f3:f5:87:7d:71:df:c4:b8:a4:97:f6:
9b:51:3b:ac:d4:01:cf:5f:7d:22:a1:b6:dd:c4:22:
e0:0b:1a:86:99:8e:9b:d0:99:e5:f2:c6:88:3a:6a:
cc:01:5e:9e:13:46:1a:22:5b:3e:d0:f4:1f:31:21:
55:b6:da:52:17:fd:d7:d0:95:c0:ca:ca:c8:e0:f9:
b6:93:da:50:cc:c3:17:d2:6f:31:63:e5:86:8c:00:
79:86:4f:1f:8b:89:50:45:5f:4e:b9:f0:78:1d:eb:
89:18:43:a2:95:34:3d:e9:2f:bc:ab:49:8e:45:da:
6a:f8:06:ae:e0:92:10:cf:eb:10:9c:62:97:dd:46:
b1:4e:de:38:07:94:d6:93:1c:b6:67:16:f7:bc:c4:
b6:ba:15:ec:ac:43:b8:45:d2:b2:48:d5:f3:f7:f8:
22:fb:a8:b3:b6:1e:da:29:12:bb:12:bc:82:0b:68:
00:e5:46:08:45:1b:4d:b5:ee:3e:b9:60:cd:26:16:
d8:5e:eb:82:8d:ec:78:5d:71:77:60:a7:38:13:9c:
ea:9b:bf:3e:fd:ab:d2:3b:8f:f6:26:ce:be:20:6d:
3d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E0:42:F9:97:A7:6E:81:EB:34:01:31:0F:B3:94:83:E8:7A:60:AD
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/2eBC-ZenboHrNAExD7OUg-h6YK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/22
5.8.190.0/23
5.152.168.0/21
37.1.183.0/24
185.15.101.0-185.15.103.255
Signature Algorithm: sha256WithRSAEncryption
09:c0:fd:c2:a3:51:a4:b3:7b:f1:8c:1b:e8:92:a4:f5:ea:8a:
f6:7c:b8:e9:a5:86:3a:ff:6d:ad:b2:f2:29:d1:88:ea:6c:43:
70:2e:e9:cd:6a:d5:c2:5b:30:a5:f3:47:00:f0:ce:f5:64:3e:
f3:fa:a3:46:84:ef:8f:90:1d:e5:5c:d6:58:28:5f:85:15:c9:
9b:2b:2d:25:cf:b8:a7:be:4e:6f:de:3f:59:ef:9b:08:42:a0:
27:b4:c3:7e:d3:d2:e1:0b:d3:f1:bc:40:99:92:0d:74:89:12:
a6:fb:db:6a:e5:f6:58:bc:65:bd:dd:fa:56:8a:ac:8c:58:6d:
54:29:09:5b:bb:00:b1:a2:76:3a:31:62:5e:33:ba:3c:04:2e:
27:e1:9c:6f:3f:71:a1:60:5f:ac:62:82:3a:10:7a:39:04:56:
96:31:6d:5a:d9:96:d0:a8:79:39:dc:d0:f1:af:48:b2:40:7a:
18:c1:75:33:05:ae:b7:af:ac:3d:33:1a:8e:f7:d3:71:11:10:
2c:f1:d8:13:29:f3:77:3c:74:27:4d:c8:fc:2c:f8:1d:e0:97:
0f:7c:e2:37:08:1b:28:42:3e:f2:7e:83:39:f9:a3:77:16:48:
c4:43:92:9a:4a:2f:71:53:d2:24:69:37:ec:ac:15:bc:d4:99:
39:62:95:e3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuOMN+/+1bXqxgCGp5HQYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjMwMTAxMTY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUwNDJmOTk3YTc2ZTgxZWIzNDAxMzEwZmIzOTQ4M2U4N2E2MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfcoDAvEsqH3T1zyNwxEtaFxyKbR
8fWxhc+f+up6j8if8/WHfXHfxLikl/abUTus1AHPX30iobbdxCLgCxqGmY6b0Jnl
8saIOmrMAV6eE0YaIls+0PQfMSFVttpSF/3X0JXAysrI4Pm2k9pQzMMX0m8xY+WG
jAB5hk8fi4lQRV9OufB4HeuJGEOilTQ96S+8q0mORdpq+Aau4JIQz+sQnGKX3Uax
Tt44B5TWkxy2Zxb3vMS2uhXsrEO4RdKySNXz9/gi+6izth7aKRK7EryCC2gA5UYI
RRtNte4+uWDNJhbYXuuCjex4XXF3YKc4E5zqm78+/avSO4/2Js6+IG09gQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNngQvmXp26B6zQBMQ+zlIPoemCtMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvMmVCQy1aZW5ib0hyTkFFeEQ3T1VnLWg2WUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBQi4AwQB
BQi+AwQDBZioAwQAJQG3MAwDBAC5D2UDBAO5D2AwDQYJKoZIhvcNAQELBQADggEB
AAnA/cKjUaSze/GMG+iSpPXqivZ8uOmlhjr/ba2y8inRiOpsQ3Au6c1q1cJbMKXz
RwDwzvVkPvP6o0aE74+QHeVc1lgoX4UVyZsrLSXPuKe+Tm/eP1nvmwhCoCe0w37T
0uEL0/G8QJmSDXSJEqb722rl9li8Zb3d+laKrIxYbVQpCVu7ALGidjoxYl4zujwE
LifhnG8/caFgX6xigjoQejkEVpYxbVrZltCoeTnc0PGvSLJAehjBdTMFrrevrD0z
Go7303ERECzx2BMp83c8dCdNyPws+B3glw984jcIGyhCPvJ+gzn5o3cWSMRDkppK
L3FT0iRpN+ysFbzUmTlileM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:17 2025 by rpki-client