Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa
File: EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa (raw, json)
Hash identifier: 65Z6SjYhnJomTvpigscYDnAeg7KwYN8aZLtTF8nSNu8=
Subject key identifier: 10:1C:E6:13:40:39:65:BB:B7:8C:24:E7:68:CD:C6:DB:26:D6:FE:D7
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08E7EFEB
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa
Signing time: Sat 01 Jan 2022 08:05:16 +0000
ROA not before: Sat 01 Jan 2022 08:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39396
IP address blocks: 212.21.129.0/24 maxlen: 24
212.21.133.0/24 maxlen: 24
212.21.159.0/24 maxlen: 24
2a00:e200:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149417963 (0x8e7efeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=101ce613403965bbb78c24e768cdc6db26d6fed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:12:cd:0a:79:5d:89:6a:89:0d:a0:fb:e3:6c:
58:8f:79:87:fd:4f:32:8a:0d:c7:72:9d:87:2c:d8:
46:71:8e:14:8a:1d:95:b8:38:8d:aa:97:17:17:c0:
40:d2:2e:35:9d:20:ec:97:77:3f:a8:f1:b3:5f:27:
e4:f7:4e:8d:2a:07:78:ac:80:63:2f:09:33:86:bb:
45:d9:0b:c2:a9:1b:1c:0e:bf:b1:87:2d:40:b9:de:
cb:d5:7d:f9:a7:26:46:d9:3c:b7:0d:cc:37:4d:15:
fd:41:f2:27:5b:9c:2b:1c:9c:b8:de:b3:02:a1:f3:
f5:35:6e:ea:3e:00:21:92:6b:d4:3a:3d:f9:19:d3:
d9:f3:a9:b6:38:86:1a:ed:36:e8:95:db:87:f7:87:
e6:00:9e:00:78:b9:e3:bc:4b:9d:6b:2b:a5:b1:23:
f6:85:e8:77:b2:c9:65:28:97:af:43:d3:fe:07:0f:
ed:e5:a2:83:13:6a:0f:24:03:9b:86:10:2a:88:23:
9a:8b:cd:86:14:c6:40:08:db:3b:e5:72:ca:aa:b5:
72:cf:a8:10:ef:29:77:d1:73:dc:b9:6d:93:12:af:
f8:d0:ea:1d:1b:29:94:b2:b4:72:18:36:6e:d2:5b:
dd:cd:fb:4b:93:8a:fa:9a:a6:7c:b0:d4:15:72:7a:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1C:E6:13:40:39:65:BB:B7:8C:24:E7:68:CD:C6:DB:26:D6:FE:D7
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.129.0/24
212.21.133.0/24
212.21.159.0/24
IPv6:
2a00:e200:100::/48
Signature Algorithm: sha256WithRSAEncryption
91:9e:3e:90:ef:37:af:c2:2f:f1:a9:a0:a9:a5:93:6d:fb:91:
cf:bc:b1:08:07:73:b2:21:96:bb:07:91:54:98:0f:ab:c7:8d:
ff:02:70:8b:d9:8d:ad:a8:ff:67:05:1d:ac:fb:8f:51:d7:13:
80:89:7e:10:bb:76:d0:a9:25:30:be:bf:4b:c7:0a:8a:f2:25:
9b:97:a1:e6:ef:df:99:82:13:8a:50:0c:ef:c6:b5:aa:1c:60:
0b:e4:0f:e0:c6:97:3f:ea:c7:60:c4:62:1d:51:7c:89:bc:d4:
f0:2a:4f:e1:14:bf:82:46:c6:69:3a:af:52:8d:5a:e0:f4:a8:
bd:8e:ea:19:4b:3f:0d:ec:82:93:28:4a:30:4b:ab:77:fc:08:
4a:1f:45:c7:b5:36:4b:e6:a4:74:da:7a:d5:3c:51:aa:a0:2f:
cc:6e:c6:9b:b3:f8:56:7f:48:5f:56:90:88:43:6a:47:8d:db:
12:81:bf:6b:bf:d5:81:58:a5:34:6a:20:24:46:d8:41:43:42:
30:7c:2a:ba:fa:0f:8c:93:d1:49:94:c4:c8:58:84:7f:a8:44:
7d:f9:99:b1:ec:d4:35:6a:22:54:8b:25:ce:65:67:41:7f:e3:
ba:1b:2d:38:be:70:05:18:69:db:82:08:02:d5:8d:31:9f:cd:
f4:75:09:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECOfv6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTAxY2U2MTM0MDM5
NjViYmI3OGMyNGU3NjhjZGM2ZGIyNmQ2ZmVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgSzQp5XYlqiQ2g++NsWI95h/1PMooNx3KdhyzYRnGOFIod
lbg4jaqXFxfAQNIuNZ0g7Jd3P6jxs18n5PdOjSoHeKyAYy8JM4a7RdkLwqkbHA6/
sYctQLney9V9+acmRtk8tw3MN00V/UHyJ1ucKxycuN6zAqHz9TVu6j4AIZJr1Do9
+RnT2fOptjiGGu026JXbh/eH5gCeAHi547xLnWsrpbEj9oXod7LJZSiXr0PT/gcP
7eWigxNqDyQDm4YQKogjmovNhhTGQAjbO+Vyyqq1cs+oEO8pd9Fz3LltkxKv+NDq
HRsplLK0chg2btJb3c37S5OK+pqmfLDUFXJ6FTcCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQQHOYTQDllu7eMJOdozcbbJtb+1zAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L0VCem1FMEE1WmJ1M2pDVG5hTTNHMnliV190Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEANQVgQMEANQVhQMEANQVnzAPBAIA
AjAJAwcAKgDiAAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCRnj6Q7zevwi/xqaCppZNt
+5HPvLEIB3OyIZa7B5FUmA+rx43/AnCL2Y2tqP9nBR2s+49R1xOAiX4Qu3bQqSUw
vr9LxwqK8iWbl6Hm79+ZghOKUAzvxrWqHGAL5A/gxpc/6sdgxGIdUXyJvNTwKk/h
FL+CRsZpOq9SjVrg9Ki9juoZSz8N7IKTKEowS6t3/AhKH0XHtTZL5qR02nrVPFGq
oC/Mbsabs/hWf0hfVpCIQ2pHjdsSgb9rv9WBWKU0aiAkRthBQ0IwfCq6+g+Mk9FJ
lMTIWIR/qER9+Zmx7NQ1aiJUiyXOZWdBf+O6Gy04vnAFGGnbgggC1Y0xn830dQkc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org