Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Eb6-rem509liRNWXCdtcIhKd8Pg.roa
File: Eb6-rem509liRNWXCdtcIhKd8Pg.roa (raw, json)
Hash identifier: q2i+aI22+jcuQWJrc4k63hT4RJimSeVhy8jsOiRwubw=
Subject key identifier: 11:BE:BE:AD:E9:B9:D3:D9:62:44:D5:97:09:DB:5C:22:12:9D:F0:F8
Certificate issuer: /CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
Certificate serial: 018A8ECE28BCD7D16CBF14BE413F448DFD6D
Authority key identifier: 37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Eb6-rem509liRNWXCdtcIhKd8Pg.roa
Signing time: Wed 13 Sep 2023 13:49:50 +0000
ROA not before: Wed 13 Sep 2023 13:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198386
IP address blocks: 147.78.62.0/24 maxlen: 24
147.78.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:ce:28:bc:d7:d1:6c:bf:14:be:41:3f:44:8d:fd:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
Validity
Not Before: Sep 13 13:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11bebeade9b9d3d96244d59709db5c22129df0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:91:ce:7d:ec:d0:12:87:ca:15:3e:a5:aa:98:
a9:4f:19:6a:7f:37:8c:d4:10:03:77:7b:31:fc:3e:
27:48:68:57:3f:2e:88:6f:d1:79:ee:f4:fa:2f:1f:
e0:bc:b7:dd:d5:9e:2a:1a:c6:df:c7:ba:6d:fb:93:
65:77:50:ce:89:b3:15:aa:86:3c:72:ad:50:90:e9:
37:86:b9:d6:6d:2a:00:b7:e8:c9:ec:99:98:06:24:
89:69:ac:d9:e3:0a:68:7e:41:c2:c3:15:78:11:c1:
6f:92:6e:82:17:6c:6f:51:b8:eb:e0:bc:7c:07:0e:
27:81:3c:76:74:23:9f:7e:59:6d:46:6b:6d:40:2a:
47:99:3d:0e:97:8b:36:a1:c2:33:2d:26:82:56:8c:
81:c5:09:34:25:32:9c:f3:95:d9:5c:ab:00:d2:e3:
5b:4e:ab:94:ca:2a:a7:82:eb:0c:17:e5:fa:d3:fa:
76:19:f9:be:8a:2e:99:74:44:3c:d4:b6:dc:6d:6d:
6a:ee:df:fa:db:78:a6:8e:ce:79:ee:c4:03:dc:19:
48:05:d3:59:56:91:96:5e:9a:53:bb:9d:6b:0e:6d:
6c:5c:39:46:5a:98:ee:7f:66:eb:8c:46:d6:7c:af:
88:17:20:73:9f:61:39:00:ba:34:1b:72:6a:31:c0:
2c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BE:BE:AD:E9:B9:D3:D9:62:44:D5:97:09:DB:5C:22:12:9D:F0:F8
X509v3 Authority Key Identifier:
keyid:37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Eb6-rem509liRNWXCdtcIhKd8Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/NyrG75K4HXBXh6Tvif1Gc4Bcerw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.62.0/23
Signature Algorithm: sha256WithRSAEncryption
62:81:c9:61:05:7a:b8:96:e8:50:cd:d8:66:f4:1e:9d:52:fa:
97:5a:85:cf:96:71:45:7f:a9:21:95:e7:33:a0:d1:12:0f:05:
d3:3d:19:f3:0f:91:57:59:7e:8f:1a:f5:0b:29:69:18:f8:8b:
64:6a:54:f0:92:3d:33:d0:ae:27:5a:b0:8e:aa:9b:9f:d4:ec:
0f:c3:e7:e2:6d:ac:0a:9b:97:8c:2b:fc:5a:8a:f2:0e:93:14:
17:bf:bb:91:fd:82:2e:8c:87:d7:14:88:2b:03:c8:6d:78:e0:
df:fb:5f:f5:0c:c0:aa:16:8f:84:fa:33:a2:89:2a:8e:80:71:
4c:af:7a:c5:1b:83:9c:7a:72:88:3a:98:ef:ea:f2:4c:8d:ee:
36:8e:8a:b9:41:2d:8a:51:53:48:05:80:ee:91:00:76:d8:e9:
a5:5b:89:f8:1a:d9:b2:c8:74:aa:0b:db:bf:4b:8c:25:1a:bc:
62:e7:d5:16:78:1e:e0:34:a8:7f:f0:a7:a9:58:59:f1:90:d4:
b7:df:e0:83:5e:d2:57:f4:1e:7f:ab:b5:29:60:9d:9c:fc:c8:
4f:e5:c2:1f:54:f5:87:e8:af:9c:34:69:db:98:b3:f9:4c:d6:
dc:0a:b4:27:fc:bd:bf:49:5c:de:86:f1:b3:66:99:7d:2e:9c:
92:f2:a1:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqOzii819FsvxS+QT9Ejf1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MmFjNmVmOTJiODFkNzA1Nzg3YTRlZjg5ZmQ0NjczODA1
YzdhYmMwHhcNMjMwOTEzMTM0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWJlYmVhZGU5YjlkM2Q5NjI0NGQ1OTcwOWRiNWMyMjEyOWRmMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspHOfezQEofKFT6lqpipTxlqfzeM
1BADd3sx/D4nSGhXPy6Ib9F57vT6Lx/gvLfd1Z4qGsbfx7pt+5Nld1DOibMVqoY8
cq1QkOk3hrnWbSoAt+jJ7JmYBiSJaazZ4wpofkHCwxV4EcFvkm6CF2xvUbjr4Lx8
Bw4ngTx2dCOfflltRmttQCpHmT0Ol4s2ocIzLSaCVoyBxQk0JTKc85XZXKsA0uNb
TquUyiqngusMF+X60/p2Gfm+ii6ZdEQ81LbcbW1q7t/623imjs557sQD3BlIBdNZ
VpGWXppTu51rDm1sXDlGWpjuf2brjEbWfK+IFyBzn2E5ALo0G3JqMcAsRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBG+vq3pudPZYkTVlwnbXCISnfD4MB8GA1UdIwQY
MBaAFDcqxu+SuB1wV4ek74n9RnOAXHq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTkt
MDlhMjhlMGQ3MTc4LzEvRWI2LXJlbTUwOWxpUk5XWENkdGNJaEtkOFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTktMDlhMjhlMGQ3MTc4
LzEvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk04+MA0G
CSqGSIb3DQEBCwUAA4IBAQBigclhBXq4luhQzdhm9B6dUvqXWoXPlnFFf6khlecz
oNESDwXTPRnzD5FXWX6PGvULKWkY+ItkalTwkj0z0K4nWrCOqpuf1OwPw+fibawK
m5eMK/xaivIOkxQXv7uR/YIujIfXFIgrA8hteODf+1/1DMCqFo+E+jOiiSqOgHFM
r3rFG4OcenKIOpjv6vJMje42joq5QS2KUVNIBYDukQB22OmlW4n4GtmyyHSqC9u/
S4wlGrxi59UWeB7gNKh/8KepWFnxkNS33+CDXtJX9B5/q7UpYJ2c/MhP5cIfVPWH
6K+cNGnbmLP5TNbcCrQn/L2/SVzehvGzZpl9LpyS8qHw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:26 2025 by rpki-client