Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c3c45f-5f1c-47f2-910d-396ad701230e/1/EPQYNNBT-h6a5OJMMXsjazD-FA4.roa
File: EPQYNNBT-h6a5OJMMXsjazD-FA4.roa (raw, json)
Hash identifier: i3UmBK4igwVn6gixv3kNE8x1CDwdmJbf5ijgFwkRUx0=
Subject key identifier: 10:F4:18:34:D0:53:FA:1E:9A:E4:E2:4C:31:7B:23:6B:30:FE:14:0E
Certificate issuer: /CN=9c93eb8a7d19ffd7804765acfdcf2260c6c0d659
Certificate serial: 01856FA6FB1E00B76B5CD9A0993927366907
Authority key identifier: 9C:93:EB:8A:7D:19:FF:D7:80:47:65:AC:FD:CF:22:60:C6:C0:D6:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nJPrin0Z_9eAR2Ws_c8iYMbA1lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/c3c45f-5f1c-47f2-910d-396ad701230e/1/EPQYNNBT-h6a5OJMMXsjazD-FA4.roa
Signing time: Sun 01 Jan 2023 23:24:52 +0000
ROA not before: Sun 01 Jan 2023 23:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199811
IP address blocks: 185.214.152.0/22 maxlen: 22
185.74.35.0/24 maxlen: 24
185.74.32.0/22 maxlen: 22
185.74.32.0/24 maxlen: 24
185.43.244.0/22 maxlen: 22
109.237.60.0/22 maxlen: 22
2a01:71e0::/32 maxlen: 32
2a05:4880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fb:1e:00:b7:6b:5c:d9:a0:99:39:27:36:69:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c93eb8a7d19ffd7804765acfdcf2260c6c0d659
Validity
Not Before: Jan 1 23:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10f41834d053fa1e9ae4e24c317b236b30fe140e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:54:60:b1:7b:dd:8d:a7:7c:30:a6:e4:dd:ce:
6c:93:8b:bd:10:96:ac:cc:39:6f:1a:08:36:2b:58:
6e:b4:9c:30:49:37:2c:53:02:36:dd:65:78:aa:3c:
40:42:62:12:8b:64:ac:65:dc:52:dc:23:b0:27:ea:
1b:8d:6c:d6:7a:2d:f5:a4:68:9b:54:4b:ea:b9:60:
7d:40:ce:26:88:eb:df:40:c0:df:18:5e:49:30:e5:
37:3d:9c:d4:08:b5:19:b8:e9:ec:69:6f:c6:13:70:
67:9f:a9:f7:7d:b5:b0:da:af:3b:3a:e3:32:86:9c:
bb:00:55:b2:72:9f:61:49:0b:06:33:1d:e7:28:e1:
90:2d:fa:f4:67:f5:cb:05:fb:48:27:20:ac:9b:97:
5d:79:c4:ec:35:48:41:24:8f:b9:ba:da:60:2a:94:
c2:d2:58:eb:0c:6a:d8:c0:bd:dc:16:2e:8a:4a:3f:
5c:72:c6:46:4d:52:27:2b:1b:27:63:f3:ac:f7:ed:
82:d1:1b:a4:12:82:c4:45:5c:d7:00:13:c1:a7:9c:
a7:63:03:9f:ee:55:6c:9e:9a:b4:c6:fb:90:11:d8:
19:69:5d:19:b4:0c:06:e6:df:7b:64:f7:61:89:b9:
36:ce:f5:6d:b1:ad:c6:66:32:6f:11:17:b1:73:60:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F4:18:34:D0:53:FA:1E:9A:E4:E2:4C:31:7B:23:6B:30:FE:14:0E
X509v3 Authority Key Identifier:
keyid:9C:93:EB:8A:7D:19:FF:D7:80:47:65:AC:FD:CF:22:60:C6:C0:D6:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nJPrin0Z_9eAR2Ws_c8iYMbA1lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c3c45f-5f1c-47f2-910d-396ad701230e/1/EPQYNNBT-h6a5OJMMXsjazD-FA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c3c45f-5f1c-47f2-910d-396ad701230e/1/nJPrin0Z_9eAR2Ws_c8iYMbA1lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.60.0/22
185.43.244.0/22
185.74.32.0/22
185.214.152.0/22
IPv6:
2a01:71e0::/32
2a05:4880::/29
Signature Algorithm: sha256WithRSAEncryption
57:da:d4:b5:21:55:37:60:5c:ff:b0:50:29:b4:7a:59:d4:d5:
d7:62:c2:c5:ca:55:25:28:cf:c3:ce:6c:81:87:f8:af:ac:81:
1b:ec:ad:28:8e:b0:4e:e7:f2:2c:98:c4:2d:95:b4:e5:bb:8e:
d8:8f:50:6e:12:ec:6e:2f:92:11:22:f4:c9:64:df:79:01:43:
70:f2:41:77:c3:fc:d5:d3:f5:8e:f7:d4:f4:c8:83:2a:77:73:
86:78:88:fc:e9:e8:2f:b5:fd:b2:6b:6e:32:c5:de:f9:4b:e4:
e1:1b:68:91:93:2b:9f:63:75:6f:ca:82:de:9d:92:0d:5b:62:
77:a1:4e:64:c8:94:69:a7:d2:e2:ce:82:25:9d:74:35:e5:e0:
6b:67:b1:c2:27:cf:8d:6e:6a:9d:54:86:c3:2f:eb:a2:10:1c:
3e:79:18:c1:72:f3:04:98:e0:e0:61:ad:fd:ab:ef:48:4d:b9:
af:c3:08:79:c1:8e:f1:e6:cc:2a:8e:f2:98:fb:a4:89:ab:38:
1a:c7:2f:69:ae:76:4e:96:db:5d:76:88:1d:61:f0:55:57:6a:
15:ce:34:77:32:69:01:93:7e:8e:06:0d:16:a5:00:08:45:76:
ee:3b:41:2e:23:5b:20:ff:4f:58:38:a9:f4:f9:01:0b:bc:c0:
fa:52:4b:6c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvpvseALdrXNmgmTknNmkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljOTNlYjhhN2QxOWZmZDc4MDQ3NjVhY2ZkY2YyMjYwYzZj
MGQ2NTkwHhcNMjMwMTAxMjMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGY0MTgzNGQwNTNmYTFlOWFlNGUyNGMzMTdiMjM2YjMwZmUxNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFRgsXvdjad8MKbk3c5sk4u9EJas
zDlvGgg2K1hutJwwSTcsUwI23WV4qjxAQmISi2SsZdxS3COwJ+objWzWei31pGib
VEvquWB9QM4miOvfQMDfGF5JMOU3PZzUCLUZuOnsaW/GE3Bnn6n3fbWw2q87OuMy
hpy7AFWycp9hSQsGMx3nKOGQLfr0Z/XLBftIJyCsm5ddecTsNUhBJI+5utpgKpTC
0ljrDGrYwL3cFi6KSj9ccsZGTVInKxsnY/Os9+2C0RukEoLERVzXABPBp5ynYwOf
7lVsnpq0xvuQEdgZaV0ZtAwG5t97ZPdhibk2zvVtsa3GZjJvERexc2CmtwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBD0GDTQU/oemuTiTDF7I2sw/hQOMB8GA1UdIwQY
MBaAFJyT64p9Gf/XgEdlrP3PImDGwNZZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkpQcmluMFpfOWVBUjJXc19jOGlZTWJBMWxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jM2M0NWYtNWYxYy00N2YyLTkxMGQt
Mzk2YWQ3MDEyMzBlLzEvRVBRWU5OQlQtaDZhNU9KTU1Yc2phekQtRkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jM2M0NWYtNWYxYy00N2YyLTkxMGQtMzk2YWQ3MDEyMzBl
LzEvbkpQcmluMFpfOWVBUjJXc19jOGlZTWJBMWxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCbe08AwQC
uSv0AwQCuUogAwQCudaYMBQEAgACMA4DBQAqAXHgAwUDKgVIgDANBgkqhkiG9w0B
AQsFAAOCAQEAV9rUtSFVN2Bc/7BQKbR6WdTV12LCxcpVJSjPw85sgYf4r6yBG+yt
KI6wTufyLJjELZW05buO2I9QbhLsbi+SESL0yWTfeQFDcPJBd8P81dP1jvfU9MiD
KndzhniI/OnoL7X9smtuMsXe+Uvk4RtokZMrn2N1b8qC3p2SDVtid6FOZMiUaafS
4s6CJZ10NeXga2exwifPjW5qnVSGwy/rohAcPnkYwXLzBJjg4GGt/avvSE25r8MI
ecGO8ebMKo7ymPukias4Gscvaa52TpbbXXaIHWHwVVdqFc40dzJpAZN+jgYNFqUA
CEV27jtBLiNbIP9PWDip9PkBC7zA+lJLbA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:52 2025 by rpki-client