Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/EbPupUBS67cPThn_3XR1JjTR26A.roa
File: EbPupUBS67cPThn_3XR1JjTR26A.roa (raw, json)
Hash identifier: z60N3yglsDBOs8mMMTxfaoev9Z0mesfR0q5TXPm6MCg=
Subject key identifier: 11:B3:EE:A5:40:52:EB:B7:0F:4E:19:FF:DD:74:75:26:34:D1:DB:A0
Certificate issuer: /CN=2e03bff3e7352373238964647dfd893b26a3b349
Certificate serial: 0CEBFEA6
Authority key identifier: 2E:03:BF:F3:E7:35:23:73:23:89:64:64:7D:FD:89:3B:26:A3:B3:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgO_8-c1I3MjiWRkff2JOyajs0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/EbPupUBS67cPThn_3XR1JjTR26A.roa
Signing time: Sat 01 Jan 2022 06:55:34 +0000
ROA not before: Sat 01 Jan 2022 06:55:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202970
IP address blocks: 185.148.232.0/23 maxlen: 23
185.148.232.0/22 maxlen: 22
185.148.234.0/23 maxlen: 23
185.148.234.0/24 maxlen: 24
185.148.235.0/24 maxlen: 24
2a07:62c0::/29 maxlen: 29
2a07:62c0::/30 maxlen: 30
2a07:62c4::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 216792742 (0xcebfea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e03bff3e7352373238964647dfd893b26a3b349
Validity
Not Before: Jan 1 06:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11b3eea54052ebb70f4e19ffdd74752634d1dba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4c:66:f4:c4:84:6f:1d:c4:21:0d:38:48:a3:
44:f3:af:31:21:74:7d:93:c4:e9:31:02:8d:50:c9:
81:fc:51:0f:73:ce:0f:a2:e4:e5:fd:8a:cc:8e:51:
6f:b6:6b:c3:7f:c2:68:6a:37:33:00:58:c3:48:44:
a2:87:13:1a:27:3e:56:f3:8c:4f:7f:83:3c:99:aa:
a4:8e:ec:2a:9d:66:de:5c:aa:55:01:3c:2e:e7:13:
c8:ca:6e:f0:a3:37:6f:32:ba:78:8c:4c:b2:14:2b:
ae:a5:bd:8c:6a:04:55:e9:03:3c:06:38:9a:9c:74:
12:f7:3b:4f:f3:9f:57:bf:b7:e9:da:fb:cd:e3:fe:
c4:88:ac:8a:ef:86:d4:5c:f4:8a:e7:91:c9:c1:01:
10:0f:cb:c0:71:ab:eb:4f:d9:59:84:a4:a7:29:98:
89:73:cc:02:8b:cd:e3:89:36:47:ae:9e:cb:e4:e3:
73:54:3f:80:2d:70:eb:ae:55:1b:bd:48:5d:0c:15:
3b:e5:f6:3d:d6:bc:e7:1a:18:14:55:9b:a9:89:8f:
e5:e8:5b:e3:5d:a8:3f:e3:4e:f2:f5:2f:8b:e9:00:
d4:83:1c:a4:ff:ba:00:5a:9d:be:a0:c9:bd:cc:77:
43:48:8a:d5:10:dd:2a:0d:f3:3b:e8:89:89:c1:9a:
78:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B3:EE:A5:40:52:EB:B7:0F:4E:19:FF:DD:74:75:26:34:D1:DB:A0
X509v3 Authority Key Identifier:
keyid:2E:03:BF:F3:E7:35:23:73:23:89:64:64:7D:FD:89:3B:26:A3:B3:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgO_8-c1I3MjiWRkff2JOyajs0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/EbPupUBS67cPThn_3XR1JjTR26A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/LgO_8-c1I3MjiWRkff2JOyajs0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.232.0/22
IPv6:
2a07:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:ca:2c:a1:26:6b:b8:32:1d:61:bf:b9:a1:86:47:5b:78:3e:
1a:09:af:13:92:9b:1b:80:97:36:89:56:54:ea:02:03:be:1b:
b0:70:a8:a2:80:b7:76:9c:47:9f:47:07:54:4b:4b:91:d4:1a:
f8:19:8a:06:fc:13:bf:a0:b0:70:55:cd:69:1c:53:75:49:6c:
ef:86:6b:fa:03:e2:46:ce:8b:1c:dc:c5:05:16:6c:0c:91:c6:
9a:98:ca:e0:cc:6b:b7:26:91:e0:22:a7:92:5c:e2:65:88:48:
d0:d1:70:6d:f8:01:35:6b:fe:c2:34:79:ba:bf:75:3e:32:51:
40:a7:33:b1:0b:a8:96:c1:f9:d6:3e:f6:a4:db:4a:0a:95:e3:
35:b2:25:d7:69:27:fb:ce:d3:66:00:4b:5f:c7:5e:73:73:c8:
6d:40:c6:1b:6d:86:76:be:68:17:32:b2:a8:67:77:02:b0:59:
e1:40:81:9f:03:1b:5b:ea:d2:12:8f:52:51:2b:7b:81:d1:3a:
71:91:59:e9:5b:39:62:87:7f:20:ea:35:5d:1b:4c:10:08:52:
84:7e:8a:26:0b:9a:08:8f:8a:64:1a:2e:2e:ab:20:c2:15:67:
83:4c:18:76:77:2e:57:58:5a:37:12:20:f1:44:ae:75:65:d0:
29:82:f1:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDOv+pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTAzYmZmM2U3MzUyMzczMjM4OTY0NjQ3ZGZkODkzYjI2YTNiMzQ5MB4XDTIyMDEw
MTA2NTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFiM2VlYTU0MDUy
ZWJiNzBmNGUxOWZmZGQ3NDc1MjYzNGQxZGJhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdMZvTEhG8dxCENOEijRPOvMSF0fZPE6TECjVDJgfxRD3PO
D6Lk5f2KzI5Rb7Zrw3/CaGo3MwBYw0hEoocTGic+VvOMT3+DPJmqpI7sKp1m3lyq
VQE8LucTyMpu8KM3bzK6eIxMshQrrqW9jGoEVekDPAY4mpx0Evc7T/OfV7+36dr7
zeP+xIisiu+G1Fz0iueRycEBEA/LwHGr60/ZWYSkpymYiXPMAovN44k2R66ey+Tj
c1Q/gC1w665VG71IXQwVO+X2Pda85xoYFFWbqYmP5ehb412oP+NO8vUvi+kA1IMc
pP+6AFqdvqDJvcx3Q0iK1RDdKg3zO+iJicGaeEsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQRs+6lQFLrtw9OGf/ddHUmNNHboDAfBgNVHSMEGDAWgBQuA7/z5zUjcyOJ
ZGR9/Yk7JqOzSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xnT184LWMxSTNNamlXUmtmZjJKT3lhanMway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMWFjNzk1LTJlOTMtNDA1Ni05M2Q5LTY4NGU4NTVkN2RkYy8x
L0ViUHVwVUJTNjdjUFRobl8zWFIxSmpUUjI2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MWFjNzk1LTJlOTMtNDA1Ni05M2Q5LTY4NGU4NTVkN2RkYy8xL0xnT184LWMxSTNN
amlXUmtmZjJKT3lhanMway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmU6DANBAIAAjAHAwUDKgdiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdMosoSZruDIdYb+5oYZHW3g+GgmvE5KbG4CXNolW
VOoCA74bsHCoooC3dpxHn0cHVEtLkdQa+BmKBvwTv6CwcFXNaRxTdUls74Zr+gPi
Rs6LHNzFBRZsDJHGmpjK4MxrtyaR4CKnklziZYhI0NFwbfgBNWv+wjR5ur91PjJR
QKczsQuolsH51j72pNtKCpXjNbIl12kn+87TZgBLX8dec3PIbUDGG22Gdr5oFzKy
qGd3ArBZ4UCBnwMbW+rSEo9SUSt7gdE6cZFZ6Vs5Yod/IOo1XRtMEAhShH6KJgua
CI+KZBouLqsgwhVng0wYdncuV1haNxIg8USudWXQKYLxkQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:58:56 2025 by rpki-client