Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/EKLkDzEZhdX7QD8q853EYoJ2waw.roa
File: EKLkDzEZhdX7QD8q853EYoJ2waw.roa (raw, json)
Hash identifier: l5RJL7t9hhjtaxddeLMJPGXjuXJz8oasxkfF4EfhXp4=
Subject key identifier: 10:A2:E4:0F:31:19:85:D5:FB:40:3F:2A:F3:9D:C4:62:82:76:C1:AC
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 0188DE9F875C105FA583EFEBDE4764226EB0
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/EKLkDzEZhdX7QD8q853EYoJ2waw.roa
Signing time: Wed 21 Jun 2023 15:42:56 +0000
ROA not before: Wed 21 Jun 2023 15:42:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.116.28.0/24 maxlen: 24
85.116.30.0/24 maxlen: 24
85.116.29.0/24 maxlen: 24
85.116.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:9f:87:5c:10:5f:a5:83:ef:eb:de:47:64:22:6e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jun 21 15:42:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a2e40f311985d5fb403f2af39dc4628276c1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:d0:d4:aa:eb:46:0d:bb:58:12:71:fe:d3:
62:7d:11:c5:d8:60:a4:31:b7:7c:90:9a:0e:4d:77:
6e:6c:79:48:42:79:a4:5a:e3:1d:1d:cd:ab:c3:9f:
27:2d:7a:e7:3e:88:6a:26:60:34:fb:98:08:de:b4:
53:c5:7d:2a:25:a8:f4:86:1f:92:d3:e2:df:2f:71:
83:ef:9d:e1:35:8f:3f:e8:80:96:f9:81:28:66:3a:
0d:4c:fe:f4:3d:9a:f5:fa:9e:7e:36:b1:fe:1f:fb:
26:cd:3f:0a:ec:ee:a1:3e:c8:e4:d0:ca:26:4a:18:
1b:9f:6c:f0:f9:64:eb:28:e8:9f:45:a3:23:e8:a2:
04:64:f7:28:11:4b:58:dd:b6:f7:37:90:58:98:8f:
04:33:0e:f8:fd:65:ad:bf:e8:f8:c9:95:04:e5:d5:
df:b2:b4:76:dd:55:5f:ff:9b:3a:e9:5b:fa:91:29:
dc:e8:d7:f3:e2:e7:44:e4:b2:86:eb:84:aa:73:c6:
84:e5:86:a1:26:66:e3:58:62:b3:41:16:15:29:49:
d5:93:ba:9e:a0:cd:e7:f0:ee:e6:a2:8d:6c:cc:38:
2e:e2:eb:11:b3:bb:bf:ff:cb:d5:ea:66:51:da:c2:
4f:90:23:62:9b:a5:58:0c:0a:f1:57:1e:c4:91:59:
b8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A2:E4:0F:31:19:85:D5:FB:40:3F:2A:F3:9D:C4:62:82:76:C1:AC
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/EKLkDzEZhdX7QD8q853EYoJ2waw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.28.0/22
Signature Algorithm: sha256WithRSAEncryption
29:8e:fc:9f:7b:dc:e9:e8:d0:01:80:85:dc:41:00:13:1b:69:
32:89:f3:f4:9d:b0:5e:d7:df:9a:9c:0e:c6:e3:2d:fb:6d:e1:
67:b7:7a:d4:de:5d:7a:e5:e4:bb:48:bc:34:0e:13:1b:ea:34:
62:a5:9e:8a:52:c4:20:82:71:96:55:a4:a5:16:9c:d0:42:1b:
18:12:aa:b4:a9:55:37:59:52:82:9e:11:3a:b5:f0:cf:37:a9:
11:79:ea:ad:fa:b2:77:9a:16:b0:d7:ad:1b:35:8d:9e:3c:aa:
43:08:bf:96:e8:32:06:3a:eb:1b:c8:57:39:08:34:66:c4:65:
1b:95:a5:3b:8d:ea:8c:89:ad:7e:9d:f0:a6:4e:08:df:b7:11:
fc:5a:b3:a1:16:b0:a0:c8:50:03:99:4e:ab:0f:60:36:73:69:
d0:0a:19:89:63:ec:a4:3a:f2:0c:a3:6d:bb:e9:d4:f8:bb:56:
1c:af:38:f5:9a:ad:03:00:e8:1c:3a:b9:79:f5:b4:91:b5:b0:
a5:0b:03:fd:da:a6:20:02:ba:d8:eb:cd:c4:19:78:51:ec:03:
e1:ad:9b:3b:be:52:25:4e:f2:fb:9f:4a:b7:31:fd:ea:10:92:
9e:41:ef:8a:b0:87:f1:d1:85:0f:d8:be:f8:8c:a6:b1:b6:66:
ba:21:04:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjen4dcEF+lg+/r3kdkIm6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjMwNjIxMTU0MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEyZTQwZjMxMTk4NWQ1ZmI0MDNmMmFmMzlkYzQ2MjgyNzZjMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjnQ1KrrRg27WBJx/tNifRHF2GCk
Mbd8kJoOTXdubHlIQnmkWuMdHc2rw58nLXrnPohqJmA0+5gI3rRTxX0qJaj0hh+S
0+LfL3GD753hNY8/6ICW+YEoZjoNTP70PZr1+p5+NrH+H/smzT8K7O6hPsjk0Mom
Shgbn2zw+WTrKOifRaMj6KIEZPcoEUtY3bb3N5BYmI8EMw74/WWtv+j4yZUE5dXf
srR23VVf/5s66Vv6kSnc6Nfz4udE5LKG64Sqc8aE5YahJmbjWGKzQRYVKUnVk7qe
oM3n8O7moo1szDgu4usRs7u//8vV6mZR2sJPkCNim6VYDArxVx7EkVm4AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCi5A8xGYXV+0A/KvOdxGKCdsGsMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvRUtMa0R6RVpoZFg3UUQ4cTg1M0VZb0oyd2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXQcMA0G
CSqGSIb3DQEBCwUAA4IBAQApjvyfe9zp6NABgIXcQQATG2kyifP0nbBe19+anA7G
4y37beFnt3rU3l165eS7SLw0DhMb6jRipZ6KUsQggnGWVaSlFpzQQhsYEqq0qVU3
WVKCnhE6tfDPN6kReeqt+rJ3mhaw160bNY2ePKpDCL+W6DIGOusbyFc5CDRmxGUb
laU7jeqMia1+nfCmTgjftxH8WrOhFrCgyFADmU6rD2A2c2nQChmJY+ykOvIMo227
6dT4u1Ycrzj1mq0DAOgcOrl59bSRtbClCwP92qYgArrY683EGXhR7APhrZs7vlIl
TvL7n0q3Mf3qEJKeQe+KsIfx0YUP2L74jKaxtma6IQTA
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:11 2025 by rpki-client