Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ewM__Z1mhyXCrNZ6yeZQj7EGAJ0.roa
File: ewM__Z1mhyXCrNZ6yeZQj7EGAJ0.roa (raw, json)
Hash identifier: 1PQODqRWxfbaP6/TjynNOcYKJlHzOYzNfBI6ae+aAFU=
Subject key identifier: 7B:03:3F:FD:9D:66:87:25:C2:AC:D6:7A:C9:E6:50:8F:B1:06:00:9D
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 01856EF42CA41A697663B438912F07896584
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ewM__Z1mhyXCrNZ6yeZQj7EGAJ0.roa
Signing time: Sun 01 Jan 2023 20:09:34 +0000
ROA not before: Sun 01 Jan 2023 20:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31621
IP address blocks: 91.194.188.0/23 maxlen: 24
185.31.24.0/22 maxlen: 24
193.23.48.0/24 maxlen: 24
178.21.152.0/21 maxlen: 24
194.0.251.0/24 maxlen: 24
2a02:dcd::/32 maxlen: 48
2a02:dcc::/32 maxlen: 48
2a02:dce::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:2c:a4:1a:69:76:63:b4:38:91:2f:07:89:65:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Jan 1 20:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b033ffd9d668725c2acd67ac9e6508fb106009d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:95:ff:e2:ef:28:d3:c5:78:3f:ca:bf:25:ff:
61:20:57:ba:ab:fa:85:ce:2f:50:43:0a:fc:f8:a0:
69:80:b4:6d:0b:db:88:cf:97:e3:84:11:70:49:36:
e7:35:fc:5e:16:fb:36:c6:58:95:db:c8:ef:2d:72:
7d:7e:e5:04:16:24:a0:56:06:19:99:38:ae:aa:1f:
6b:ac:75:f3:05:4f:79:fe:8e:28:d8:fc:94:2f:ad:
51:6e:76:c8:4d:ba:f5:55:b9:8c:94:d3:7d:7e:47:
e6:d1:bd:9c:10:92:5f:b7:76:95:02:38:c8:a9:eb:
67:b9:63:cf:15:4a:ef:5b:cc:0b:4a:2c:96:dc:10:
29:d7:f7:f6:1c:1a:52:f2:8d:91:52:36:ab:1b:15:
11:f0:2c:41:bf:33:b1:5e:f8:c7:7f:06:d3:6c:bb:
12:0f:73:67:ee:9b:b8:1b:e5:5b:88:cb:f1:8c:9c:
7d:52:54:98:40:67:a5:e3:94:67:15:f4:67:4a:93:
13:b5:f1:7c:3d:92:0e:cd:73:7f:65:4b:2b:ac:55:
10:b2:68:94:50:bb:2a:1d:53:e7:7a:08:66:54:0d:
73:3b:ee:f0:ca:2f:85:b8:0c:18:4d:11:f4:19:05:
82:a6:39:3b:87:65:87:1b:6c:11:4d:1c:a6:5f:91:
4e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:03:3F:FD:9D:66:87:25:C2:AC:D6:7A:C9:E6:50:8F:B1:06:00:9D
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ewM__Z1mhyXCrNZ6yeZQj7EGAJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.188.0/23
178.21.152.0/21
185.31.24.0/22
193.23.48.0/24
194.0.251.0/24
IPv6:
2a02:dcc::-2a02:dce:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:22:b7:7d:74:53:cb:db:e8:9f:ff:c1:48:c7:7c:dc:c3:d0:
2e:58:e4:0a:20:d6:af:b0:d5:bd:c1:cd:b7:28:db:f6:e8:28:
8a:f7:69:ea:48:36:d6:74:7b:8a:f0:a9:e7:bd:f9:ac:4c:ad:
d1:cd:b4:17:00:8a:cb:cb:b9:c8:d1:0a:62:5a:6b:bf:de:05:
61:ff:2b:12:60:c0:4b:84:09:ac:31:67:dc:98:04:a2:5f:08:
19:0b:d9:8d:92:6b:dc:be:a8:a3:31:43:fe:ba:80:3c:75:a7:
ed:7e:48:a8:d6:2a:04:53:37:bc:e7:4f:73:b6:4d:49:76:d2:
46:dc:87:62:a9:97:fa:24:d2:20:46:c9:35:a4:4a:2a:1e:12:
68:99:8c:4d:e4:fa:d9:12:c6:65:fe:14:31:2f:7f:71:2a:96:
7b:5e:63:c9:fd:be:39:05:39:94:00:ef:3f:73:59:aa:73:0d:
97:f4:9a:e1:0b:2d:35:37:ab:8b:8a:fa:22:f8:05:b1:e1:b3:
50:44:09:a3:9d:64:82:d1:d8:f0:58:c1:17:0a:62:e7:52:39:
05:6f:01:75:29:12:d0:3b:1e:77:b8:03:a1:e2:5d:04:93:cf:
77:fb:c3:f7:06:f1:d9:39:cd:80:19:9d:d4:b8:6b:45:99:81:
51:d1:ce:9d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVu9CykGml2Y7Q4kS8HiWWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWIwOTMxMTE4ZjA4YmY0YTM0YjNlMDUyZmQ4ZjhhNWMx
ZWNhYjAwHhcNMjMwMTAxMjAwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAzM2ZmZDlkNjY4NzI1YzJhY2Q2N2FjOWU2NTA4ZmIxMDYwMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZX/4u8o08V4P8q/Jf9hIFe6q/qF
zi9QQwr8+KBpgLRtC9uIz5fjhBFwSTbnNfxeFvs2xliV28jvLXJ9fuUEFiSgVgYZ
mTiuqh9rrHXzBU95/o4o2PyUL61RbnbITbr1VbmMlNN9fkfm0b2cEJJft3aVAjjI
qetnuWPPFUrvW8wLSiyW3BAp1/f2HBpS8o2RUjarGxUR8CxBvzOxXvjHfwbTbLsS
D3Nn7pu4G+VbiMvxjJx9UlSYQGel45RnFfRnSpMTtfF8PZIOzXN/ZUsrrFUQsmiU
ULsqHVPneghmVA1zO+7wyi+FuAwYTRH0GQWCpjk7h2WHG2wRTRymX5FOjwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHsDP/2dZoclwqzWesnmUI+xBgCdMB8GA1UdIwQY
MBaAFOybCTERjwi/SjSz4FL9j4pcHsqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAt
NWIzMDRlZWMwMDI1LzEvZXdNX19aMW1oeVhDck5aNnllWlFqN0VHQUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAtNWIzMDRlZWMwMDI1
LzEvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQBW8K8AwQD
shWYAwQCuR8YAwQAwRcwAwQAwgD7MBYEAgACMBAwDgMFAioCDcwDBQAqAg3OMA0G
CSqGSIb3DQEBCwUAA4IBAQBrIrd9dFPL2+if/8FIx3zcw9AuWOQKINavsNW9wc23
KNv26CiK92nqSDbWdHuK8KnnvfmsTK3RzbQXAIrLy7nI0QpiWmu/3gVh/ysSYMBL
hAmsMWfcmASiXwgZC9mNkmvcvqijMUP+uoA8daftfkio1ioEUze8509ztk1JdtJG
3IdiqZf6JNIgRsk1pEoqHhJomYxN5PrZEsZl/hQxL39xKpZ7XmPJ/b45BTmUAO8/
c1mqcw2X9JrhCy01N6uLivoi+AWx4bNQRAmjnWSC0djwWMEXCmLnUjkFbwF1KRLQ
Ox53uAOh4l0Ek893+8P3BvHZOc2AGZ3UuGtFmYFR0c6d
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:34 2025 by rpki-client