Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/EJbExp7hEcjKMu_kbW1JPorxEWo.roa
File: EJbExp7hEcjKMu_kbW1JPorxEWo.roa (raw, json)
Hash identifier: REC3COk8P+gqFMZKunT8xKOt/rLJcR3sxBCdyvePKB0=
Subject key identifier: 10:96:C4:C6:9E:E1:11:C8:CA:32:EF:E4:6D:6D:49:3E:8A:F1:11:6A
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 01886BCB4A00D74AD0CBB128AA17044D0AEF
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/EJbExp7hEcjKMu_kbW1JPorxEWo.roa
Signing time: Tue 30 May 2023 08:34:24 +0000
ROA not before: Tue 30 May 2023 08:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29208
IP address blocks: 213.191.96.0/19 maxlen: 19
212.80.64.0/19 maxlen: 19
88.208.64.0/18 maxlen: 18
88.146.0.0/17 maxlen: 17
195.250.128.0/19 maxlen: 19
89.235.0.0/18 maxlen: 18
212.24.128.0/19 maxlen: 19
62.4.96.0/21 maxlen: 21
62.4.104.0/22 maxlen: 22
195.122.192.0/19 maxlen: 19
83.148.0.0/18 maxlen: 18
109.235.176.0/22 maxlen: 22
95.80.192.0/18 maxlen: 18
213.175.32.0/19 maxlen: 19
194.213.224.0/19 maxlen: 19
213.151.64.0/19 maxlen: 19
185.24.236.0/22 maxlen: 22
195.250.154.0/24 maxlen: 24
46.227.8.0/21 maxlen: 21
62.44.0.0/19 maxlen: 19
82.113.32.0/19 maxlen: 19
82.119.240.0/20 maxlen: 20
151.237.224.0/21 maxlen: 21
212.20.96.0/19 maxlen: 19
82.100.0.0/18 maxlen: 18
195.128.192.0/19 maxlen: 19
85.93.96.0/19 maxlen: 19
212.27.192.0/19 maxlen: 19
62.177.64.0/18 maxlen: 18
2001:4de8::/32 maxlen: 48
2a00:c40::/32 maxlen: 32
2001:1508::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:cb:4a:00:d7:4a:d0:cb:b1:28:aa:17:04:4d:0a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: May 30 08:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1096c4c69ee111c8ca32efe46d6d493e8af1116a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:98:61:17:33:11:ad:86:e2:a5:6f:13:ac:
ba:04:bf:a4:fa:da:9f:63:dc:31:87:48:bb:8f:f0:
9e:2d:52:60:c2:e2:b6:3d:c0:b2:25:ca:26:6b:5b:
c8:e4:79:1a:3a:41:7c:6a:40:d2:dc:6f:de:5d:ca:
03:54:6c:ac:ec:80:3e:09:ab:a3:ea:b2:ce:4f:9d:
52:79:5b:ff:59:19:74:9e:72:08:94:e4:61:36:79:
53:5c:a2:61:99:64:46:41:6c:d9:78:d4:aa:b8:04:
33:fe:bb:ca:e8:be:93:23:a4:b8:be:f4:0f:17:8c:
95:23:71:4f:ce:74:95:02:4a:e5:56:79:2b:a3:3f:
e7:76:fd:34:34:2e:ee:07:b0:ed:5e:a3:90:55:ac:
56:cc:ab:8a:f6:49:b1:d5:3f:b3:19:a2:9a:a4:6d:
fd:d5:e6:1c:05:91:d3:7e:c7:bd:3a:ab:5e:3c:f8:
93:39:8e:cd:bb:40:81:8b:69:8b:b8:c7:84:79:5c:
6e:db:64:d9:b6:c9:0d:b1:dd:c3:6c:21:b4:9b:6a:
3b:7b:c4:af:ed:e4:9c:77:d6:1c:50:67:a2:13:ab:
85:9c:02:8d:42:0b:2a:ab:10:41:64:ae:2f:d9:5e:
51:b1:84:a5:87:5f:24:78:9b:85:59:3e:7a:ec:f4:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:96:C4:C6:9E:E1:11:C8:CA:32:EF:E4:6D:6D:49:3E:8A:F1:11:6A
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/EJbExp7hEcjKMu_kbW1JPorxEWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.8.0/21
62.4.96.0-62.4.107.255
62.44.0.0/19
62.177.64.0/18
82.100.0.0/18
82.113.32.0/19
82.119.240.0/20
83.148.0.0/18
85.93.96.0/19
88.146.0.0/17
88.208.64.0/18
89.235.0.0/18
95.80.192.0/18
109.235.176.0/22
151.237.224.0/21
185.24.236.0/22
194.213.224.0/19
195.122.192.0/19
195.128.192.0/19
195.250.128.0/19
212.20.96.0/19
212.24.128.0/19
212.27.192.0/19
212.80.64.0/19
213.151.64.0/19
213.175.32.0/19
213.191.96.0/19
IPv6:
2001:1508::/32
2001:4de8::/32
2a00:c40::/32
Signature Algorithm: sha256WithRSAEncryption
cc:02:c0:3a:8d:84:e5:3b:04:c6:f2:85:c6:41:75:1d:e7:27:
d4:73:b5:a2:d8:9a:4f:a7:1c:10:88:e1:4a:8e:2c:e1:b2:fc:
67:83:d7:bf:2b:16:8c:55:e7:11:15:c4:5b:62:43:fe:07:f7:
1b:36:95:8c:3a:75:9b:af:a7:41:b4:25:7d:2f:32:be:10:80:
3e:be:1a:19:43:1e:c4:5c:c3:f0:a8:d9:73:7d:76:1d:2e:d2:
94:5c:82:83:f2:8a:ea:22:02:a1:35:dc:d4:da:ea:87:d0:6e:
64:4e:40:3f:8f:f4:33:03:07:9a:b6:bb:da:ae:dd:b8:db:78:
5c:5c:57:07:6e:7b:d6:a5:20:1f:0d:55:8e:56:99:32:20:27:
91:4a:34:97:bf:fc:af:86:0e:21:e6:c8:0c:bc:6a:e3:e0:c7:
27:c4:84:68:fd:d1:1e:0f:e1:43:c4:4c:00:01:ad:8b:d0:2b:
cc:10:79:f2:37:25:80:18:ef:b5:16:55:df:b2:85:70:1a:09:
8d:a9:98:c4:7d:be:8e:28:59:3f:ca:5c:25:40:99:ee:fb:1b:
47:71:1f:ce:61:3c:dc:94:ba:24:46:42:6c:e9:6c:20:8f:ab:
b8:53:79:74:c4:a1:2a:50:1b:9d:8f:6a:3f:42:03:96:75:a1:
fd:08:5b:29
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYhry0oA10rQy7EoqhcETQrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjMwNTMwMDgzNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDk2YzRjNjllZTExMWM4Y2EzMmVmZTQ2ZDZkNDkzZThhZjExMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDmYYRczEa2G4qVvE6y6BL+k+tqf
Y9wxh0i7j/CeLVJgwuK2PcCyJcoma1vI5HkaOkF8akDS3G/eXcoDVGys7IA+Cauj
6rLOT51SeVv/WRl0nnIIlORhNnlTXKJhmWRGQWzZeNSquAQz/rvK6L6TI6S4vvQP
F4yVI3FPznSVAkrlVnkroz/ndv00NC7uB7DtXqOQVaxWzKuK9kmx1T+zGaKapG39
1eYcBZHTfse9OqtePPiTOY7Nu0CBi2mLuMeEeVxu22TZtskNsd3DbCG0m2o7e8Sv
7eScd9YcUGeiE6uFnAKNQgsqqxBBZK4v2V5RsYSlh18keJuFWT567PQU9wIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFBCWxMae4RHIyjLv5G1tST6K8RFqMB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvRUpiRXhwN2hFY2pLTXVfa2JXMUpQb3J4RVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBsQQCAAEwgaoDBAMu
4wgwDAMEBT4EYAMEAj4EaAMEBT4sAAMEBj6xQAMEBlJkAAMEBVJxIAMEBFJ38AME
BlOUAAMEBVVdYAMEB1iSAAMEBljQQAMEBlnrAAMEBl9QwAMEAm3rsAMEA5ft4AME
ArkY7AMEBcLV4AMEBcN6wAMEBcOAwAMEBcP6gAMEBdQUYAMEBdQYgAMEBdQbwAME
BdRQQAMEBdWXQAMEBdWvIAMEBdW/YDAbBAIAAjAVAwUAIAEVCAMFACABTegDBQAq
AAxAMA0GCSqGSIb3DQEBCwUAA4IBAQDMAsA6jYTlOwTG8oXGQXUd5yfUc7Wi2JpP
pxwQiOFKjizhsvxng9e/KxaMVecRFcRbYkP+B/cbNpWMOnWbr6dBtCV9LzK+EIA+
vhoZQx7EXMPwqNlzfXYdLtKUXIKD8orqIgKhNdzU2uqH0G5kTkA/j/QzAweatrva
rt2423hcXFcHbnvWpSAfDVWOVpkyICeRSjSXv/yvhg4h5sgMvGrj4McnxIRo/dEe
D+FDxEwAAa2L0CvMEHnyNyWAGO+1FlXfsoVwGgmNqZjEfb6OKFk/ylwlQJnu+xtH
cR/OYTzclLokRkJs6Wwgj6u4U3l0xKEqUBudj2o/QgOWdaH9CFsp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:09 2025 by rpki-client