Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/ebI9-bltkGYR0Kydd86DKRuR-m4.roa
File: ebI9-bltkGYR0Kydd86DKRuR-m4.roa (raw, json)
Hash identifier: vY97+rbsf2Af/6VZD74+ezDbRo9VJ0nmutVli+2Mzns=
Subject key identifier: 79:B2:3D:F9:B9:6D:90:66:11:D0:AC:9D:77:CE:83:29:1B:91:FA:6E
Certificate issuer: /CN=3bed02136698701f74c49f8a2a9e73e84ec981b6
Certificate serial: 01867460F7C729D465953A06B3175CD85BEA
Authority key identifier: 3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/ebI9-bltkGYR0Kydd86DKRuR-m4.roa
Signing time: Tue 21 Feb 2023 14:29:17 +0000
ROA not before: Tue 21 Feb 2023 14:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201273
IP address blocks: 185.161.249.0/24 maxlen: 24
2a12:8340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:60:f7:c7:29:d4:65:95:3a:06:b3:17:5c:d8:5b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bed02136698701f74c49f8a2a9e73e84ec981b6
Validity
Not Before: Feb 21 14:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79b23df9b96d906611d0ac9d77ce83291b91fa6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:14:ba:af:3d:ff:9b:1e:c5:e2:22:3c:3e:1c:
ce:85:37:55:80:86:8e:6c:0a:a6:cf:e3:19:a8:35:
63:fe:91:41:1d:c1:d9:0f:14:d5:94:90:f5:3f:fd:
1b:ae:79:72:47:d7:6c:6e:7e:bb:4f:03:ea:af:d9:
26:26:58:df:a7:4d:3d:a6:c6:27:b8:ab:99:a5:5e:
f3:ed:20:9b:90:04:61:22:db:57:ec:38:06:34:1e:
cc:ea:bf:f9:b7:b2:51:c1:78:81:0e:4f:08:dd:2a:
61:b0:27:d2:1f:8d:c5:ce:3b:9e:27:aa:3a:52:c6:
46:cd:f9:50:f6:ee:1f:40:e7:85:59:44:a2:70:1c:
d3:06:b0:d0:73:f3:2f:d4:f7:be:ce:2f:48:a5:bc:
79:d6:ec:bf:6f:6c:a9:ee:e3:8d:f3:36:18:7e:72:
2a:18:ad:f6:86:f5:4a:1a:3b:7a:30:ec:a0:24:8c:
1e:9b:aa:80:59:26:e8:eb:b7:9f:ab:b8:a9:9d:bc:
46:02:32:91:3a:eb:26:88:94:9a:01:6a:ef:57:42:
ae:44:45:cb:31:cc:62:d9:16:b9:53:cc:a5:77:a0:
1b:37:0b:56:87:50:8a:53:d6:3a:19:3e:60:75:a2:
47:9b:ad:01:11:19:29:1c:2e:60:5b:53:4a:a8:80:
e2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B2:3D:F9:B9:6D:90:66:11:D0:AC:9D:77:CE:83:29:1B:91:FA:6E
X509v3 Authority Key Identifier:
keyid:3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/ebI9-bltkGYR0Kydd86DKRuR-m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.249.0/24
IPv6:
2a12:8340::/48
Signature Algorithm: sha256WithRSAEncryption
22:14:1e:0c:f8:4d:ce:17:36:48:e7:27:37:90:ab:0e:ca:4b:
7f:37:71:05:d0:b7:d6:f7:e7:2b:31:cd:50:12:4e:29:08:0a:
98:18:de:c2:25:58:31:f2:1b:f6:d0:70:06:f0:4b:cf:7e:65:
61:55:7a:25:f1:18:e6:b7:83:14:1e:04:5d:be:5f:89:bc:1b:
87:b4:76:20:46:2b:20:52:80:67:7f:22:b6:f2:4e:56:ea:76:
93:02:df:60:81:3d:bc:0c:18:47:e6:61:eb:ce:b7:b7:c7:c3:
4c:5e:0a:97:ff:d6:4a:69:c8:82:db:24:c9:df:16:1d:78:14:
9c:c3:3d:2f:40:b8:4a:d4:6e:1b:22:cb:38:8a:8b:60:c5:4a:
d3:4b:2c:51:ab:85:72:d4:57:fb:57:fc:b6:20:e6:e1:2c:e2:
3f:64:7c:c0:c2:20:21:df:96:a7:7a:e9:c1:03:c5:b7:7a:9d:
47:f4:bb:4a:38:85:d1:fc:8d:23:1f:82:fa:ce:75:8a:15:31:
34:9d:1c:41:2e:07:65:4f:ea:15:57:60:40:5e:6e:c2:b6:4a:
63:f5:c4:8c:1f:39:3a:f9:82:9b:c8:47:fc:7e:8f:aa:59:d9:
0e:f8:d1:b6:19:a0:1d:c4:36:58:8c:d9:e5:fb:cd:1a:20:23:
ae:bd:d8:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ0YPfHKdRllToGsxdc2FvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWQwMjEzNjY5ODcwMWY3NGM0OWY4YTJhOWU3M2U4NGVj
OTgxYjYwHhcNMjMwMjIxMTQyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWIyM2RmOWI5NmQ5MDY2MTFkMGFjOWQ3N2NlODMyOTFiOTFmYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhS6rz3/mx7F4iI8PhzOhTdVgIaO
bAqmz+MZqDVj/pFBHcHZDxTVlJD1P/0brnlyR9dsbn67TwPqr9kmJljfp009psYn
uKuZpV7z7SCbkARhIttX7DgGNB7M6r/5t7JRwXiBDk8I3SphsCfSH43FzjueJ6o6
UsZGzflQ9u4fQOeFWUSicBzTBrDQc/Mv1Pe+zi9Ipbx51uy/b2yp7uON8zYYfnIq
GK32hvVKGjt6MOygJIwem6qAWSbo67efq7ipnbxGAjKROusmiJSaAWrvV0KuREXL
Mcxi2Ra5U8yld6AbNwtWh1CKU9Y6GT5gdaJHm60BERkpHC5gW1NKqIDiRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHmyPfm5bZBmEdCsnXfOgykbkfpuMB8GA1UdIwQY
MBaAFDvtAhNmmHAfdMSfiiqec+hOyYG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMt
ZWQ5OWVmNjRhZGJmLzEvZWJJOS1ibHRrR1lSMEt5ZGQ4NkRLUnVSLW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMtZWQ5OWVmNjRhZGJm
LzEvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuaH5MA8E
AgACMAkDBwAqEoNAAAAwDQYJKoZIhvcNAQELBQADggEBACIUHgz4Tc4XNkjnJzeQ
qw7KS383cQXQt9b35ysxzVASTikICpgY3sIlWDHyG/bQcAbwS89+ZWFVeiXxGOa3
gxQeBF2+X4m8G4e0diBGKyBSgGd/IrbyTlbqdpMC32CBPbwMGEfmYevOt7fHw0xe
Cpf/1kppyILbJMnfFh14FJzDPS9AuErUbhsiyziKi2DFStNLLFGrhXLUV/tX/LYg
5uEs4j9kfMDCICHflqd66cEDxbd6nUf0u0o4hdH8jSMfgvrOdYoVMTSdHEEuB2VP
6hVXYEBebsK2SmP1xIwfOTr5gpvIR/x+j6pZ2Q740bYZoB3ENliM2eX7zRogI669
2Bs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:46 2025 by rpki-client