Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/EKrX6mI-Mfd9J43trCM2PMqN9hw.roa
File: EKrX6mI-Mfd9J43trCM2PMqN9hw.roa (raw, json)
Hash identifier: dfuj2vvy82hprXzLPRPFQIjTvd65agz47tnzLiDXl5c=
Subject key identifier: 10:AA:D7:EA:62:3E:31:F7:7D:27:8D:ED:AC:23:36:3C:CA:8D:F6:1C
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65F6EAE5C66FB3D04C58E423CE04A1
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/EKrX6mI-Mfd9J43trCM2PMqN9hw.roa
Signing time: Sun 01 Jan 2023 08:14:59 +0000
ROA not before: Sun 01 Jan 2023 08:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201247
IP address blocks: 79.133.97.0/24 maxlen: 24
185.13.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:f6:ea:e5:c6:6f:b3:d0:4c:58:e4:23:ce:04:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10aad7ea623e31f77d278dedac23363cca8df61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9f:7e:66:4b:a4:b0:63:36:5c:65:39:aa:15:
21:bf:9a:43:56:75:56:db:bf:76:7f:5e:d3:89:79:
40:69:d6:85:d1:d6:85:61:2f:bd:1e:4a:33:60:45:
85:13:dd:4e:60:43:48:07:ed:ef:14:65:cc:91:2b:
c5:5b:28:d4:60:11:0e:2e:6d:bf:8a:e2:33:a7:3b:
e0:dc:dd:cf:92:82:01:77:b1:9c:ce:0e:d3:12:3c:
7b:da:dc:7d:00:03:83:2a:86:c6:8e:e9:2b:29:bf:
6d:04:35:32:5c:37:a9:d3:c0:af:d9:37:b8:44:ef:
48:b8:7a:b2:9c:7a:61:da:9b:24:0e:de:ff:e4:6f:
a7:d3:c7:af:65:7b:4e:b2:bf:e1:32:c2:c7:e9:77:
87:2c:0d:89:a3:09:a6:fb:5a:6b:e5:b3:b3:b4:70:
d7:2b:56:f3:97:45:c6:ba:23:79:ce:22:4f:f3:82:
4f:1f:4b:86:ef:fc:38:a8:d6:a6:4b:c2:bf:0f:61:
bb:3a:13:15:49:44:cc:a6:e7:43:63:2a:63:88:5b:
bc:41:e2:a9:a1:26:fb:df:ce:58:10:99:e0:68:1f:
36:2b:b7:f2:ba:c2:67:7a:44:e3:a1:80:cb:d5:04:
01:0b:b8:0f:3c:20:c2:c0:cd:c8:07:93:7f:c9:41:
83:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AA:D7:EA:62:3E:31:F7:7D:27:8D:ED:AC:23:36:3C:CA:8D:F6:1C
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/EKrX6mI-Mfd9J43trCM2PMqN9hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.97.0/24
185.13.34.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:2d:40:45:59:6f:dd:4f:d7:9f:a6:51:34:88:b2:4a:da:22:
91:8a:e3:93:ba:5f:ff:2b:64:86:fb:cd:53:72:eb:9a:92:f7:
73:a2:3d:e8:d3:66:72:a2:55:9b:4e:39:8f:b7:ee:e7:6e:5c:
3f:0d:90:b7:9c:79:0f:97:b0:9b:81:c7:f8:c9:2a:f3:36:55:
bf:68:57:ba:85:f1:9c:38:51:62:1b:bf:e4:d0:e0:9e:e1:36:
f2:44:a5:ba:5b:35:b9:a4:4b:f5:8a:e7:00:3f:5b:7c:85:ad:
bd:41:83:ce:42:68:2d:ee:d1:7c:de:80:85:24:d3:86:fe:1e:
5c:21:d2:a3:e9:c2:83:ca:cc:2b:6d:58:d8:b8:46:7e:cd:bc:
96:16:a8:0f:8b:56:09:3a:d9:4d:13:0e:1d:ae:6b:03:3d:66:
1e:4b:c4:bf:c2:21:3d:66:7e:89:37:d7:78:4d:73:58:fb:a6:
20:e0:ec:76:e9:2d:e6:bc:76:77:33:a7:98:39:6c:41:6a:c0:
d7:20:e8:21:f3:ce:95:d3:fe:be:b2:04:76:07:23:39:19:2d:
d7:d9:f2:1c:4d:82:45:14:92:40:4f:20:1d:2e:84:70:e3:c2:
37:37:58:8f:91:02:ae:6c:f2:9d:c8:e8:da:0d:ac:8d:89:66:
42:e7:17:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZfbq5cZvs9BMWOQjzgShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFhZDdlYTYyM2UzMWY3N2QyNzhkZWRhYzIzMzYzY2NhOGRmNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ9+ZkuksGM2XGU5qhUhv5pDVnVW
2792f17TiXlAadaF0daFYS+9HkozYEWFE91OYENIB+3vFGXMkSvFWyjUYBEOLm2/
iuIzpzvg3N3PkoIBd7Gczg7TEjx72tx9AAODKobGjukrKb9tBDUyXDep08Cv2Te4
RO9IuHqynHph2pskDt7/5G+n08evZXtOsr/hMsLH6XeHLA2Jowmm+1pr5bOztHDX
K1bzl0XGuiN5ziJP84JPH0uG7/w4qNamS8K/D2G7OhMVSUTMpudDYypjiFu8QeKp
oSb7385YEJngaB82K7fyusJnekTjoYDL1QQBC7gPPCDCwM3IB5N/yUGDZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBCq1+piPjH3fSeN7awjNjzKjfYcMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvRUtyWDZtSS1NZmQ5SjQzdHJDTTJQTXFOOWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT4VhAwQA
uQ0iMA0GCSqGSIb3DQEBCwUAA4IBAQBMLUBFWW/dT9efplE0iLJK2iKRiuOTul//
K2SG+81Tcuuakvdzoj3o02ZyolWbTjmPt+7nblw/DZC3nHkPl7Cbgcf4ySrzNlW/
aFe6hfGcOFFiG7/k0OCe4TbyRKW6WzW5pEv1iucAP1t8ha29QYPOQmgt7tF83oCF
JNOG/h5cIdKj6cKDyswrbVjYuEZ+zbyWFqgPi1YJOtlNEw4drmsDPWYeS8S/wiE9
Zn6JN9d4TXNY+6Yg4Ox26S3mvHZ3M6eYOWxBasDXIOgh886V0/6+sgR2ByM5GS3X
2fIcTYJFFJJATyAdLoRw48I3N1iPkQKubPKdyOjaDayNiWZC5xcJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:33:24 2025 by rpki-client