Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/EH5QSqEvFKcFkcA5ZDbpf1XJe-g.roa
File: EH5QSqEvFKcFkcA5ZDbpf1XJe-g.roa (raw, json)
Hash identifier: 1gQqBEi5mCdbdRwZ4NB8UCu4sgUwO0mC+j6E+GrOCoE=
Subject key identifier: 10:7E:50:4A:A1:2F:14:A7:05:91:C0:39:64:36:E9:7F:55:C9:7B:E8
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 018572712C00916443973FD2C901468A6406
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/EH5QSqEvFKcFkcA5ZDbpf1XJe-g.roa
Signing time: Mon 02 Jan 2023 12:24:57 +0000
ROA not before: Mon 02 Jan 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199496
IP address blocks: 185.13.76.0/22 maxlen: 32
95.129.248.0/21 maxlen: 32
185.65.156.0/22 maxlen: 32
185.249.76.0/22 maxlen: 32
185.235.220.0/22 maxlen: 32
185.165.252.0/22 maxlen: 32
2a00:83e0::/32 maxlen: 64
2a02:f4c0::/29 maxlen: 64
2a09:d00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:2c:00:91:64:43:97:3f:d2:c9:01:46:8a:64:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Jan 2 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=107e504aa12f14a70591c0396436e97f55c97be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:c9:87:aa:69:1e:e7:8f:48:1f:92:5a:8b:
6d:df:53:7b:99:ce:d7:f8:d1:d1:96:3a:94:78:8c:
7f:00:19:cd:ce:87:00:d4:fa:6f:d1:3e:23:3a:e1:
e7:8b:d2:81:57:ad:65:98:56:b7:95:ae:ad:fa:aa:
50:eb:de:d1:29:e5:9f:b4:86:20:ad:02:55:3c:fb:
27:de:10:cf:27:e1:6f:ba:a2:3c:a6:35:b8:95:4a:
12:27:e3:28:09:74:02:7d:91:ce:c7:a6:87:ce:17:
82:1c:34:01:47:73:15:9f:3e:0e:cd:6d:77:b2:46:
d4:59:fb:ca:f0:c3:d3:88:eb:91:fa:0f:12:13:49:
11:14:c2:5e:1c:27:f8:40:d7:2a:37:9a:8d:55:14:
80:04:09:2a:ca:06:d2:93:69:8e:06:d7:20:79:af:
81:4a:9f:16:29:6a:52:4b:2e:87:d3:bf:61:5b:99:
f6:cb:ef:68:78:3e:8c:4d:d3:cb:b3:4c:c7:07:e4:
25:d9:00:5b:12:03:66:87:0c:06:ab:7b:9b:00:c9:
20:48:b0:ad:ce:fb:22:29:a5:85:f7:d9:4e:4e:44:
3c:f8:cb:30:77:45:06:33:b8:b8:44:5b:ca:b5:fa:
83:fe:e7:cc:ba:3e:36:17:43:95:a6:f6:a1:cb:fb:
ac:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7E:50:4A:A1:2F:14:A7:05:91:C0:39:64:36:E9:7F:55:C9:7B:E8
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/EH5QSqEvFKcFkcA5ZDbpf1XJe-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
185.13.76.0/22
185.65.156.0/22
185.165.252.0/22
185.235.220.0/22
185.249.76.0/22
IPv6:
2a00:83e0::/32
2a02:f4c0::/29
2a09:d00::/29
Signature Algorithm: sha256WithRSAEncryption
30:95:47:71:97:6b:d8:51:41:d6:9c:db:48:64:a3:10:90:65:
b5:3e:70:bf:53:a7:26:00:4f:d8:aa:8e:b9:09:86:b3:3c:21:
61:89:63:0e:2d:42:a8:79:f3:02:6b:a6:3e:f6:ce:d4:46:d3:
35:f3:a6:ff:2a:23:66:08:23:de:3b:2d:5e:20:6d:41:bd:bb:
bd:f7:09:23:6d:7b:d6:14:72:28:b0:23:1c:88:5f:c8:b7:3e:
68:82:3b:e6:08:48:ca:d7:ab:8e:4a:19:6e:b8:4a:6b:61:a2:
76:64:f4:52:05:93:65:e0:b1:1d:33:02:fc:e5:ab:af:1c:d7:
68:17:83:4b:1b:67:d4:38:fd:a5:aa:1d:15:32:41:72:70:30:
97:63:89:fe:f9:ea:21:00:10:88:0e:c4:9f:d5:6e:a3:17:95:
49:fc:b9:59:23:66:65:cd:89:ba:6d:88:4e:b8:10:dc:46:fa:
1b:9d:18:73:88:49:a6:34:b5:7e:a9:b3:63:2e:f9:47:97:e8:
57:df:7d:bc:fc:c3:f3:9e:ed:af:3a:03:54:82:b7:dc:3d:e0:
64:cb:8b:ed:3b:aa:e8:64:ee:6a:e1:50:78:01:ad:af:64:5a:
c3:ca:47:c3:6f:e3:db:59:45:25:f3:ab:0d:b7:0f:75:3c:1b:
0c:a0:67:c4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVycSwAkWRDlz/SyQFGimQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi
YzgwOTMwHhcNMjMwMTAyMTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdlNTA0YWExMmYxNGE3MDU5MWMwMzk2NDM2ZTk3ZjU1Yzk3YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZvJh6ppHuePSB+SWott31N7mc7X
+NHRljqUeIx/ABnNzocA1Ppv0T4jOuHni9KBV61lmFa3la6t+qpQ697RKeWftIYg
rQJVPPsn3hDPJ+FvuqI8pjW4lUoSJ+MoCXQCfZHOx6aHzheCHDQBR3MVnz4OzW13
skbUWfvK8MPTiOuR+g8SE0kRFMJeHCf4QNcqN5qNVRSABAkqygbSk2mOBtcgea+B
Sp8WKWpSSy6H079hW5n2y+9oeD6MTdPLs0zHB+Ql2QBbEgNmhwwGq3ubAMkgSLCt
zvsiKaWF99lOTkQ8+Mswd0UGM7i4RFvKtfqD/ufMuj42F0OVpvahy/usCwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFBB+UEqhLxSnBZHAOWQ26X9VyXvoMB8GA1UdIwQY
MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt
MzE4MWRiOTExYTEzLzEvRUg1UVNxRXZGS2NGa2NBNVpEYnBmMVhKZS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz
LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDX4H4AwQC
uQ1MAwQCuUGcAwQCuaX8AwQCuevcAwQCuflMMBsEAgACMBUDBQAqAIPgAwUDKgL0
wAMFAyoJDQAwDQYJKoZIhvcNAQELBQADggEBADCVR3GXa9hRQdac20hkoxCQZbU+
cL9TpyYAT9iqjrkJhrM8IWGJYw4tQqh58wJrpj72ztRG0zXzpv8qI2YII947LV4g
bUG9u733CSNte9YUciiwIxyIX8i3PmiCO+YISMrXq45KGW64SmthonZk9FIFk2Xg
sR0zAvzlq68c12gXg0sbZ9Q4/aWqHRUyQXJwMJdjif756iEAEIgOxJ/VbqMXlUn8
uVkjZmXNibptiE64ENxG+hudGHOISaY0tX6ps2Mu+UeX6Ffffbz8w/Oe7a86A1SC
t9w94GTLi+07quhk7mrhUHgBra9kWsPKR8Nv49tZRSXzqw23D3U8GwygZ8Q=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:55 2025 by rpki-client