Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/40e57e-c627-4b9b-9577-596fa8c0a57a/1/EkKs-buXMim12jZenHwW0Y4GY7o.roa
File: EkKs-buXMim12jZenHwW0Y4GY7o.roa (raw, json)
Hash identifier: 4oo3O2/pzllk128DGmFT+vpEp07S3tbSteSHs0o5Wnw=
Subject key identifier: 12:42:AC:F9:BB:97:32:29:B5:DA:36:5E:9C:7C:16:D1:8E:06:63:BA
Certificate issuer: /CN=30628d9238e23d6bf4c735995c9e2dea0050f00c
Certificate serial: 018BF2ED0501867166E09CC2EC3B0AC2BE12
Authority key identifier: 30:62:8D:92:38:E2:3D:6B:F4:C7:35:99:5C:9E:2D:EA:00:50:F0:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGKNkjjiPWv0xzWZXJ4t6gBQ8Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/40e57e-c627-4b9b-9577-596fa8c0a57a/1/EkKs-buXMim12jZenHwW0Y4GY7o.roa
Signing time: Tue 21 Nov 2023 17:28:21 +0000
ROA not before: Tue 21 Nov 2023 17:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50000
IP address blocks: 185.135.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:ed:05:01:86:71:66:e0:9c:c2:ec:3b:0a:c2:be:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30628d9238e23d6bf4c735995c9e2dea0050f00c
Validity
Not Before: Nov 21 17:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1242acf9bb973229b5da365e9c7c16d18e0663ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:86:65:1a:b4:86:15:03:c3:29:2f:ac:3c:
a6:01:7d:ca:e6:ee:81:34:21:13:4a:93:45:03:64:
4b:f1:c9:e9:c0:d5:64:5e:36:35:0e:f6:a9:38:2c:
fe:ca:e3:d0:46:c9:6b:14:f5:63:48:e4:45:85:fd:
99:8e:c0:bf:8c:1b:d9:ff:bb:6b:0f:14:c8:81:64:
dc:1c:2b:ac:b7:a2:1e:18:25:02:6e:90:94:93:7a:
46:1d:93:46:ac:21:b6:cd:b5:3e:e2:35:a7:78:11:
76:b5:19:99:bd:df:71:c3:69:c5:5b:4d:ef:39:58:
34:49:79:fa:6b:1c:68:37:58:a3:0a:fb:a7:3d:2d:
39:48:0a:26:d5:00:cf:14:a8:75:78:3a:14:79:6f:
f2:a2:fe:04:05:68:fb:23:a5:cc:df:e4:a6:e3:70:
fa:d5:c1:95:3a:01:d9:4c:fe:44:77:b0:84:4c:58:
13:b4:28:a8:93:06:60:34:83:e5:38:a0:82:6e:5f:
31:7c:fd:49:d7:79:00:5a:75:a6:64:03:bb:6f:4a:
29:7d:39:41:28:ad:e1:45:d7:24:36:9d:4f:94:c3:
0b:4a:ec:49:0b:5e:c7:1c:b2:89:2e:13:c6:c3:ff:
51:6e:0b:43:64:93:48:cb:fc:3c:64:f1:36:3e:80:
09:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:42:AC:F9:BB:97:32:29:B5:DA:36:5E:9C:7C:16:D1:8E:06:63:BA
X509v3 Authority Key Identifier:
keyid:30:62:8D:92:38:E2:3D:6B:F4:C7:35:99:5C:9E:2D:EA:00:50:F0:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGKNkjjiPWv0xzWZXJ4t6gBQ8Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/40e57e-c627-4b9b-9577-596fa8c0a57a/1/EkKs-buXMim12jZenHwW0Y4GY7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/40e57e-c627-4b9b-9577-596fa8c0a57a/1/MGKNkjjiPWv0xzWZXJ4t6gBQ8Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.46.0/24
Signature Algorithm: sha256WithRSAEncryption
20:11:ad:dc:a9:a4:65:52:62:7d:b3:d4:89:ce:ea:f1:15:3a:
dc:29:26:d4:4e:95:83:cb:8b:d4:08:15:ad:c8:9b:43:96:4a:
94:9a:f7:74:8b:c0:7a:5b:d0:83:0a:6b:07:29:8e:49:65:3f:
3a:11:e2:72:9b:fa:60:c6:12:f8:50:56:04:3e:e6:ae:c3:71:
26:29:c3:7e:bc:eb:b8:3a:a5:e4:15:75:75:3a:4d:18:5c:ff:
76:78:4c:45:3a:57:cb:e1:a3:e7:0c:2a:49:2e:c6:f7:10:e7:
e7:fa:e5:29:f6:cb:a4:de:c3:c0:34:fd:42:3d:e5:5c:a9:7e:
ee:f6:dc:42:af:a0:ce:a9:aa:b2:69:07:6e:7e:0e:82:0c:aa:
85:85:fe:61:02:50:54:c6:ed:b7:13:3d:d6:b2:78:da:d0:49:
0b:78:fc:b7:48:7f:6b:78:04:3d:80:cc:58:bf:65:71:e0:c7:
67:14:78:e2:2a:4a:de:33:26:87:5f:d7:74:0e:96:29:be:95:
0b:bf:13:ef:ee:c4:8a:f2:bc:21:3c:60:56:b6:03:db:44:8d:
0f:95:16:04:57:46:41:0f:22:49:d6:e4:99:47:03:a4:9c:f4:
24:71:b5:ca:b8:1e:9c:17:ad:9e:fe:8d:49:0d:ba:f7:8b:d9:
59:8f:0e:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvy7QUBhnFm4JzC7DsKwr4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjI4ZDkyMzhlMjNkNmJmNGM3MzU5OTVjOWUyZGVhMDA1
MGYwMGMwHhcNMjMxMTIxMTcyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQyYWNmOWJiOTczMjI5YjVkYTM2NWU5YzdjMTZkMThlMDY2M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwmGZRq0hhUDwykvrDymAX3K5u6B
NCETSpNFA2RL8cnpwNVkXjY1DvapOCz+yuPQRslrFPVjSORFhf2ZjsC/jBvZ/7tr
DxTIgWTcHCust6IeGCUCbpCUk3pGHZNGrCG2zbU+4jWneBF2tRmZvd9xw2nFW03v
OVg0SXn6axxoN1ijCvunPS05SAom1QDPFKh1eDoUeW/yov4EBWj7I6XM3+Sm43D6
1cGVOgHZTP5Ed7CETFgTtCiokwZgNIPlOKCCbl8xfP1J13kAWnWmZAO7b0opfTlB
KK3hRdckNp1PlMMLSuxJC17HHLKJLhPGw/9RbgtDZJNIy/w8ZPE2PoAJfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJCrPm7lzIptdo2Xpx8FtGOBmO6MB8GA1UdIwQY
MBaAFDBijZI44j1r9Mc1mVyeLeoAUPAMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdLTmtqamlQV3YweHpXWlhKNHQ2Z0JROEF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80MGU1N2UtYzYyNy00YjliLTk1Nzct
NTk2ZmE4YzBhNTdhLzEvRWtLcy1idVhNaW0xMmpaZW5Id1cwWTRHWTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80MGU1N2UtYzYyNy00YjliLTk1NzctNTk2ZmE4YzBhNTdh
LzEvTUdLTmtqamlQV3YweHpXWlhKNHQ2Z0JROEF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYcuMA0G
CSqGSIb3DQEBCwUAA4IBAQAgEa3cqaRlUmJ9s9SJzurxFTrcKSbUTpWDy4vUCBWt
yJtDlkqUmvd0i8B6W9CDCmsHKY5JZT86EeJym/pgxhL4UFYEPuauw3EmKcN+vOu4
OqXkFXV1Ok0YXP92eExFOlfL4aPnDCpJLsb3EOfn+uUp9suk3sPANP1CPeVcqX7u
9txCr6DOqaqyaQdufg6CDKqFhf5hAlBUxu23Ez3Wsnja0EkLePy3SH9reAQ9gMxY
v2Vx4MdnFHjiKkreMyaHX9d0DpYpvpULvxPv7sSK8rwhPGBWtgPbRI0PlRYEV0ZB
DyJJ1uSZRwOknPQkcbXKuB6cF62e/o1JDbr3i9lZjw7k
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:49:04 2025 by rpki-client