Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/EJm1FhCpc2qSsXjkv5W8RSBGiRs.roa
File: EJm1FhCpc2qSsXjkv5W8RSBGiRs.roa (raw, json)
Hash identifier: bWAPqCyETXhAOqFPKzoKQl2BJMUZBy/+6DF8ZQOVhWQ=
Subject key identifier: 10:99:B5:16:10:A9:73:6A:92:B1:78:E4:BF:95:BC:45:20:46:89:1B
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 01880BB8539FD952F886CD23ED05499464CB
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/EJm1FhCpc2qSsXjkv5W8RSBGiRs.roa
Signing time: Thu 11 May 2023 16:50:09 +0000
ROA not before: Thu 11 May 2023 16:50:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13186
IP address blocks: 212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:b8:53:9f:d9:52:f8:86:cd:23:ed:05:49:94:64:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: May 11 16:50:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1099b51610a9736a92b178e4bf95bc452046891b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:b9:87:e2:cc:96:34:c1:9c:54:ea:1d:4a:
5a:f3:83:1d:54:71:c6:ce:c1:60:97:3a:f0:78:e5:
a0:1a:53:8d:fc:00:9d:bd:90:6e:cd:cc:4c:02:6e:
df:e3:aa:13:23:24:30:56:ab:45:1b:2c:9b:fe:a5:
d9:f0:56:e6:b9:c6:0c:51:c7:d7:2b:23:a9:a7:8a:
34:c5:e8:77:9e:80:40:ca:98:9a:18:86:72:8d:6c:
45:b5:04:47:80:45:66:ad:2a:4a:73:ab:61:1d:a2:
dc:47:8a:38:5d:42:03:bf:e1:e8:33:df:5c:d3:7d:
db:b9:ad:8f:9d:06:e9:26:0a:71:4d:b1:68:b8:32:
7f:39:1d:cf:65:f6:f6:69:d2:8f:69:7e:84:e0:1b:
88:91:6a:be:97:49:b3:35:0c:5e:35:99:98:69:f6:
e3:1e:3b:3a:50:15:fb:68:76:29:17:32:bc:07:e3:
1a:41:c3:78:72:5f:37:38:7f:23:88:fa:45:47:fe:
1e:3b:aa:44:04:96:3d:25:70:65:69:3c:51:f4:7a:
f9:cf:7b:45:be:67:19:ac:ac:68:ee:3f:5d:99:0b:
f7:81:17:51:b6:7e:3a:a3:7d:73:f1:32:38:50:e2:
c1:4a:e0:23:76:98:fd:48:bc:98:5e:c7:6a:95:0e:
94:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:99:B5:16:10:A9:73:6A:92:B1:78:E4:BF:95:BC:45:20:46:89:1B
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/EJm1FhCpc2qSsXjkv5W8RSBGiRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
29:ae:5e:c1:ba:e6:c5:5d:e4:29:c9:33:73:0c:93:b8:9d:a5:
1a:45:65:55:81:46:08:0f:0b:56:90:6e:d5:89:fc:7c:88:04:
03:c2:d9:b4:f2:1c:28:6f:32:c1:ec:bf:5a:cc:e9:92:cd:51:
58:f2:df:0f:80:87:c2:09:d4:e2:db:ef:1b:cc:1b:49:5b:d7:
d5:9d:ef:70:61:c7:65:dc:6e:69:29:8b:bb:db:1e:8c:88:20:
69:85:96:0c:2c:95:cb:f6:5b:a7:be:62:89:9b:ec:6e:fb:c1:
57:22:bd:48:f9:1a:cc:32:b2:42:9e:45:4a:47:ea:64:56:3d:
bc:9f:ec:c7:ca:c8:b4:4e:64:e7:b4:8f:ec:43:59:8c:36:d5:
18:1b:85:15:58:77:d5:c3:c6:7e:44:6f:36:48:96:de:a4:18:
7e:a3:0f:48:5a:82:a4:6d:b0:f0:98:60:19:d7:04:3a:b0:6a:
88:d4:ab:07:b3:e4:2a:1d:38:8a:c1:5d:6b:7a:fa:82:6a:17:
73:67:93:d3:bf:ef:8a:b5:03:28:f5:83:fc:6e:08:bd:e0:d4:
be:bb:f5:d6:a2:91:06:8d:a1:e6:9d:ea:a3:8b:55:e3:2f:65:
94:35:e6:ef:bc:99:cc:b6:44:8d:6f:cb:45:88:51:93:21:69:
7d:83:17:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgLuFOf2VL4hs0j7QVJlGTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwNTExMTY1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDk5YjUxNjEwYTk3MzZhOTJiMTc4ZTRiZjk1YmM0NTIwNDY4OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqe5h+LMljTBnFTqHUpa84MdVHHG
zsFglzrweOWgGlON/ACdvZBuzcxMAm7f46oTIyQwVqtFGyyb/qXZ8FbmucYMUcfX
KyOpp4o0xeh3noBAypiaGIZyjWxFtQRHgEVmrSpKc6thHaLcR4o4XUIDv+HoM99c
033bua2PnQbpJgpxTbFouDJ/OR3PZfb2adKPaX6E4BuIkWq+l0mzNQxeNZmYafbj
Hjs6UBX7aHYpFzK8B+MaQcN4cl83OH8jiPpFR/4eO6pEBJY9JXBlaTxR9Hr5z3tF
vmcZrKxo7j9dmQv3gRdRtn46o31z8TI4UOLBSuAjdpj9SLyYXsdqlQ6UPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCZtRYQqXNqkrF45L+VvEUgRokbMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvRUptMUZoQ3BjMnFTc1hqa3Y1VzhSU0JHaVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQAprl7BuubFXeQpyTNz
DJO4naUaRWVVgUYIDwtWkG7Vifx8iAQDwtm08hwobzLB7L9azOmSzVFY8t8PgIfC
CdTi2+8bzBtJW9fVne9wYcdl3G5pKYu72x6MiCBphZYMLJXL9lunvmKJm+xu+8FX
Ir1I+RrMMrJCnkVKR+pkVj28n+zHysi0TmTntI/sQ1mMNtUYG4UVWHfVw8Z+RG82
SJbepBh+ow9IWoKkbbDwmGAZ1wQ6sGqI1KsHs+QqHTiKwV1revqCahdzZ5PTv++K
tQMo9YP8bgi94NS+u/XWopEGjaHmneqji1XjL2WUNebvvJnMtkSNb8tFiFGTIWl9
gxc5
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:23 2025 by rpki-client