Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/EztgDjWgkqaKT7KusWRvkBVsStQ.roa
File: EztgDjWgkqaKT7KusWRvkBVsStQ.roa (raw, json)
Hash identifier: hy0knOPPi2Hjk75L3Hjid1a+7pC8dQcwL1Qt0LxOP7k=
Subject key identifier: 13:3B:60:0E:35:A0:92:A6:8A:4F:B2:AE:B1:64:6F:90:15:6C:4A:D4
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 01856C65DFE5B89382E5CB8911D44D1EA9F2
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/EztgDjWgkqaKT7KusWRvkBVsStQ.roa
Signing time: Sun 01 Jan 2023 08:14:53 +0000
ROA not before: Sun 01 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51269
IP address blocks: 45.155.168.0/22 maxlen: 32
185.157.244.0/23 maxlen: 32
185.216.24.0/22 maxlen: 32
193.168.144.0/22 maxlen: 32
2a0b:b140::/29 maxlen: 29
2a09:6380::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:df:e5:b8:93:82:e5:cb:89:11:d4:4d:1e:a9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jan 1 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=133b600e35a092a68a4fb2aeb1646f90156c4ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:08:1a:01:ed:dc:30:80:41:47:d3:ee:0a:a3:
3b:87:01:65:ca:e0:3e:f1:08:38:4d:d5:40:66:de:
da:48:23:5e:f8:47:c0:3e:39:03:70:1f:3b:2c:d3:
41:36:37:0f:48:66:fc:ae:bb:f2:a6:19:11:0f:f4:
5a:8c:3a:03:18:62:ca:4a:0f:4b:66:6d:ce:95:33:
21:e0:a6:79:e3:59:71:89:76:45:68:6f:63:30:57:
13:99:ad:32:5d:e2:a4:6d:b3:96:5a:f5:7e:00:d2:
cf:2c:12:4d:13:06:5c:89:95:01:2a:cd:6b:aa:e0:
95:5a:ad:44:9a:44:8b:77:ca:dd:20:00:18:c7:6d:
98:e2:25:34:5d:cb:ae:d2:d0:11:2d:19:6a:b3:92:
8d:bf:bf:49:21:99:fa:f5:29:c5:9b:97:b3:68:89:
f6:1a:5e:2c:ae:50:cb:27:a7:98:4f:fb:f9:38:93:
48:bb:20:16:bb:3c:ff:2d:5d:c1:f6:0e:a5:55:cd:
bd:54:c5:b0:cb:65:eb:68:87:9c:39:6e:d8:6e:89:
77:00:84:1b:f0:9e:02:81:c0:5d:5e:80:42:40:4f:
f3:6a:70:7a:23:cb:52:36:b1:cb:24:01:69:d9:bb:
0a:85:3d:13:98:68:c3:2f:07:9d:9f:e3:c6:fe:ba:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3B:60:0E:35:A0:92:A6:8A:4F:B2:AE:B1:64:6F:90:15:6C:4A:D4
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/EztgDjWgkqaKT7KusWRvkBVsStQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a09:6380::/29
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
4e:bb:60:cb:9a:18:da:9a:6c:3c:66:4b:ee:35:fc:98:49:7a:
46:5a:aa:b7:78:9e:3d:2c:4f:d5:b1:d4:c3:a4:1c:67:86:1e:
e4:d0:23:38:04:17:a8:07:0e:55:c8:ba:31:e0:db:c3:93:b0:
65:86:1b:fa:ba:31:73:25:69:be:10:99:72:15:2e:50:d4:a2:
dd:ca:74:2c:99:d4:5d:c8:b4:f4:0e:35:1f:62:1d:8a:62:37:
8f:90:65:14:41:bc:d7:9b:eb:16:31:eb:53:13:0d:15:54:62:
2d:ea:0f:15:86:07:ac:db:fc:09:2a:96:5a:53:fe:08:54:90:
83:7a:82:75:70:09:26:f2:3f:df:14:82:8b:5a:8b:e0:08:87:
9c:2e:1d:bb:2a:8c:05:c7:a8:ea:04:86:97:c0:8a:a1:a6:be:
24:a0:c2:bc:61:a7:4a:5e:1b:fc:34:7a:49:49:46:0f:e5:43:
85:7e:e3:e6:04:cc:a4:f4:e8:96:e7:78:23:69:36:d6:8e:2a:
eb:35:f2:cd:19:85:ef:c8:e7:d2:fd:8d:6e:76:11:74:31:72:
6d:9e:7d:2b:6c:ec:28:df:07:26:ac:88:61:f3:d1:e0:e0:73:
a3:a7:6a:04:df:13:f7:78:a2:be:88:c0:d1:88:15:ca:28:a7:
7f:0a:f9:93
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVsZd/luJOC5cuJEdRNHqnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjMwMTAxMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzNiNjAwZTM1YTA5MmE2OGE0ZmIyYWViMTY0NmY5MDE1NmM0YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAgaAe3cMIBBR9PuCqM7hwFlyuA+
8Qg4TdVAZt7aSCNe+EfAPjkDcB87LNNBNjcPSGb8rrvyphkRD/RajDoDGGLKSg9L
Zm3OlTMh4KZ541lxiXZFaG9jMFcTma0yXeKkbbOWWvV+ANLPLBJNEwZciZUBKs1r
quCVWq1EmkSLd8rdIAAYx22Y4iU0Xcuu0tARLRlqs5KNv79JIZn69SnFm5ezaIn2
Gl4srlDLJ6eYT/v5OJNIuyAWuzz/LV3B9g6lVc29VMWwy2XraIecOW7Ybol3AIQb
8J4CgcBdXoBCQE/zanB6I8tSNrHLJAFp2bsKhT0TmGjDLwedn+PG/rrUnwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBM7YA41oJKmik+yrrFkb5AVbErUMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvRXp0Z0RqV2drcWFLVDdLdXNXUnZrQlZzU3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLZuoAwQB
uZ30AwQCudgYAwQCwaiQMBQEAgACMA4DBQMqCWOAAwUDKguxQDANBgkqhkiG9w0B
AQsFAAOCAQEATrtgy5oY2ppsPGZL7jX8mEl6Rlqqt3iePSxP1bHUw6QcZ4Ye5NAj
OAQXqAcOVci6MeDbw5OwZYYb+roxcyVpvhCZchUuUNSi3cp0LJnUXci09A41H2Id
imI3j5BlFEG815vrFjHrUxMNFVRiLeoPFYYHrNv8CSqWWlP+CFSQg3qCdXAJJvI/
3xSCi1qL4AiHnC4duyqMBceo6gSGl8CKoaa+JKDCvGGnSl4b/DR6SUlGD+VDhX7j
5gTMpPTolud4I2k21o4q6zXyzRmF78jn0v2NbnYRdDFybZ59K2zsKN8HJqyIYfPR
4OBzo6dqBN8T93iivojA0YgVyiinfwr5kw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:37 2025 by rpki-client