Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa
File: eMlaBCXv3DJug_lqVaWq2kz27KM.roa (raw, json)
Hash identifier: kphHmhXqFYZ3G4SIJGLC7YfWfQKZgFx1A4f6KBBbuoA=
Subject key identifier: 78:C9:5A:04:25:EF:DC:32:6E:83:F9:6A:55:A5:AA:DA:4C:F6:EC:A3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AD774BF4ADDAA02A7308CF14343DC50BD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa
Signing time: Wed 27 Sep 2023 16:24:27 +0000
ROA not before: Wed 27 Sep 2023 16:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:74:bf:4a:dd:aa:02:a7:30:8c:f1:43:43:dc:50:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 27 16:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78c95a0425efdc326e83f96a55a5aada4cf6eca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:3c:09:22:c3:b9:21:10:5e:fb:3d:ad:a6:
90:52:2c:cd:1c:3f:0d:02:f3:ac:84:c2:6e:3a:6a:
21:07:df:72:f9:7b:df:8f:1c:23:de:a4:3d:a4:6e:
48:9c:83:7a:e7:c2:ac:62:b2:ed:3e:23:21:7f:5f:
25:bf:c3:f4:3c:b1:65:43:d1:a9:0b:8d:ff:12:0e:
72:db:b8:b1:59:8a:b2:ac:f6:38:b9:7f:59:f0:0b:
0b:9a:38:4b:59:e3:56:72:d6:ea:ab:07:ad:29:f1:
f5:e5:fa:a5:14:48:b0:5a:f7:5e:d1:40:4b:f8:8e:
b9:e7:a5:73:ef:f2:35:29:d0:09:13:75:c1:76:5e:
70:c5:78:e5:25:6f:b2:cb:18:57:aa:16:f6:1d:65:
84:0c:df:5a:68:61:6a:de:a6:f2:8d:a3:c4:bc:d9:
88:9e:65:be:9a:cb:14:a1:20:46:ec:96:c9:0e:a2:
23:28:5b:aa:15:db:ff:28:ad:25:32:67:72:46:1c:
c8:cf:9f:62:6f:c1:f1:74:67:f0:7d:69:c9:57:b0:
b1:96:86:3b:d6:b2:2f:86:4b:3e:36:61:e2:89:75:
45:fb:2a:17:6d:7f:7a:b8:08:81:48:56:b6:81:7c:
f5:42:94:2c:fe:34:f8:7c:6a:73:78:aa:15:02:cb:
10:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C9:5A:04:25:EF:DC:32:6E:83:F9:6A:55:A5:AA:DA:4C:F6:EC:A3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.68.0/24
82.153.71.0/24
82.153.136.0/22
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
40:e0:8a:16:f5:31:3d:81:a7:56:d9:b5:5f:0e:c6:8a:1f:cc:
89:71:88:b3:46:e6:fa:eb:9f:cb:87:03:6a:c4:49:61:c2:f1:
c6:8c:c6:0b:3a:8a:40:59:3b:0c:5d:e6:e1:b0:00:4e:92:5b:
c2:94:55:5e:a3:57:83:9e:c7:f9:1a:8f:96:5a:51:72:2f:2e:
6f:80:33:0b:99:c2:68:16:f2:a8:47:d2:8a:77:ed:4b:51:a5:
e0:79:65:90:75:0d:1d:b6:e4:3d:7c:7d:4d:8f:fc:a5:49:f0:
21:39:a1:d8:43:61:7b:58:74:5c:8d:ca:ba:cb:a7:fa:a3:dd:
40:2f:3b:0d:78:84:38:43:48:1d:ce:da:9f:87:3d:13:45:a2:
cb:c5:b0:12:e2:44:65:4a:b6:e9:18:be:ed:35:89:38:5e:7e:
a4:86:8f:8b:6f:50:ab:b0:80:05:6d:6e:a1:6c:91:55:90:fc:
97:0d:30:1d:2d:49:63:79:bd:76:fb:29:ec:70:1f:b5:8a:55:
15:87:6a:5e:ba:56:4b:1e:4b:e2:59:0f:3e:23:72:95:96:01:
9a:98:35:65:a0:fb:06:2e:b4:53:64:5b:41:b9:c0:d1:e1:9c:
a7:de:aa:79:53:b3:8e:4a:2b:46:0f:76:18:0d:9f:dd:dd:5d:
4c:22:ae:ab
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrXdL9K3aoCpzCM8UND3FC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI3MTYyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM5NWEwNDI1ZWZkYzMyNmU4M2Y5NmE1NWE1YWFkYTRjZjZlY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjc8CSLDuSEQXvs9raaQUizNHD8N
AvOshMJuOmohB99y+Xvfjxwj3qQ9pG5InIN658KsYrLtPiMhf18lv8P0PLFlQ9Gp
C43/Eg5y27ixWYqyrPY4uX9Z8AsLmjhLWeNWctbqqwetKfH15fqlFEiwWvde0UBL
+I6556Vz7/I1KdAJE3XBdl5wxXjlJW+yyxhXqhb2HWWEDN9aaGFq3qbyjaPEvNmI
nmW+mssUoSBG7JbJDqIjKFuqFdv/KK0lMmdyRhzIz59ib8HxdGfwfWnJV7CxloY7
1rIvhks+NmHiiXVF+yoXbX96uAiBSFa2gXz1QpQs/jT4fGpzeKoVAssQxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHjJWgQl79wyboP5alWlqtpM9uyjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZU1sYUJDWHYzREp1Z19scVZhV3Eya3oyN0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUah3AwQA
Uah7AwQAUplEAwQAUplHAwQCUpmIAwQBuTF+AwQA1ZgqMA0GCSqGSIb3DQEBCwUA
A4IBAQBA4IoW9TE9gadW2bVfDsaKH8yJcYizRub665/LhwNqxElhwvHGjMYLOopA
WTsMXebhsABOklvClFVeo1eDnsf5Go+WWlFyLy5vgDMLmcJoFvKoR9KKd+1LUaXg
eWWQdQ0dtuQ9fH1Nj/ylSfAhOaHYQ2F7WHRcjcq6y6f6o91ALzsNeIQ4Q0gdztqf
hz0TRaLLxbAS4kRlSrbpGL7tNYk4Xn6kho+Lb1CrsIAFbW6hbJFVkPyXDTAdLUlj
eb12+ynscB+1ilUVh2peulZLHkviWQ8+I3KVlgGamDVloPsGLrRTZFtBucDR4Zyn
3qp5U7OOSitGD3YYDZ/d3V1MIq6r
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:36 2025 by rpki-client