Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/EF07GZTfjQmdyI9sE0reYpJTrO8.roa
File: EF07GZTfjQmdyI9sE0reYpJTrO8.roa (raw, json)
Hash identifier: Q074gqayZNn1hl0casp8r2gMXZUcz9XA6GfLIW+Lfg8=
Subject key identifier: 10:5D:3B:19:94:DF:8D:09:9D:C8:8F:6C:13:4A:DE:62:92:53:AC:EF
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 018645132A0DB61B1E85C51BEFCAB3CF3D89
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/EF07GZTfjQmdyI9sE0reYpJTrO8.roa
Signing time: Sun 12 Feb 2023 10:02:09 +0000
ROA not before: Sun 12 Feb 2023 10:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 130.185.123.0/24 maxlen: 24
130.185.122.0/24 maxlen: 24
185.235.40.0/22 maxlen: 24
130.185.120.0/22 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.235.0/24 maxlen: 24
185.215.234.0/24 maxlen: 24
185.204.168.0/22 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:13:2a:0d:b6:1b:1e:85:c5:1b:ef:ca:b3:cf:3d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 12 10:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=105d3b1994df8d099dc88f6c134ade629253acef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d7:ab:8b:f0:5a:bd:dc:44:6a:e6:5c:69:f1:
b3:fe:90:f2:1e:b9:6b:d5:00:74:82:09:ab:a8:a6:
9e:ca:dc:35:9c:28:37:27:43:5d:7a:30:7e:61:3f:
19:d5:5f:e0:c9:3d:2c:b0:3f:5d:48:a6:8f:3c:fe:
00:ae:77:09:e6:c3:a7:b9:82:33:7a:be:4f:de:33:
be:05:c3:24:ed:6e:4f:09:02:a8:a1:02:ff:7d:6d:
9c:93:af:88:1e:69:fb:f3:ad:ca:d0:34:eb:f4:b8:
ed:27:f9:20:16:93:17:eb:ba:6a:69:3b:07:01:06:
4d:e1:32:8c:d0:84:4e:19:79:28:04:56:bc:5d:78:
19:98:09:81:64:bb:d5:8e:72:e0:b7:09:ff:8b:3a:
02:4b:ff:0b:7e:d9:e2:5e:d3:0a:81:50:57:99:3b:
48:b2:c8:90:89:61:c8:53:3c:ce:37:9e:a0:c9:53:
2a:e6:ad:d3:4e:0c:10:51:71:bc:71:43:d9:8b:9c:
0f:5f:eb:98:c1:4d:82:d4:73:56:c6:4a:94:54:1a:
30:fa:eb:3e:8d:54:54:8c:39:cd:40:78:29:94:51:
92:05:12:6d:4b:77:15:f9:62:73:ab:58:d0:09:39:
d9:a4:e9:04:40:05:4b:24:37:ca:ab:91:e6:1f:fb:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5D:3B:19:94:DF:8D:09:9D:C8:8F:6C:13:4A:DE:62:92:53:AC:EF
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/EF07GZTfjQmdyI9sE0reYpJTrO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.215.232.0/22
185.235.40.0/22
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
d9:1d:57:6e:b3:fe:11:6a:41:b5:0a:0d:40:a1:80:4b:1d:56:
3d:36:2f:e2:95:98:16:2c:64:85:f7:48:d8:1c:85:af:4c:88:
b7:b3:41:eb:c3:0f:5e:2f:6d:70:1a:09:6c:ae:2e:c0:99:ff:
2a:90:05:5c:0c:01:43:7e:56:3d:36:38:eb:63:c8:16:9f:74:
a4:8a:91:19:7e:15:f7:5e:fc:55:42:7c:71:a1:75:45:50:21:
01:15:11:18:8e:9d:f7:0a:97:81:cf:f5:cf:9e:0d:6d:58:91:
a3:6e:fa:d9:5e:27:e9:fb:61:7e:e6:f8:de:77:ca:00:3a:ee:
a5:c0:4d:1d:c8:72:68:05:c4:f6:53:67:2b:29:de:b6:b2:d8:
30:d0:b0:fd:3d:b5:d9:dd:07:f2:d8:da:28:58:95:e8:f5:ad:
49:aa:fa:01:2e:6e:17:13:4e:a8:dd:65:2f:a1:78:b5:75:73:
1b:36:fb:96:06:c9:80:a5:33:b6:d1:a2:07:c2:6c:00:db:30:
ed:6d:17:63:74:7f:72:b5:e9:f9:42:43:77:d9:01:b6:4f:86:
4c:b9:f9:35:02:bf:0b:df:db:68:47:d3:33:60:9d:c1:13:d0:
11:95:6c:2d:5e:94:53:cf:e5:39:af:1d:18:3c:62:ec:b1:b6:
28:6c:59:ae
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYZFEyoNthsehcUb78qzzz2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjEyMTAwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDVkM2IxOTk0ZGY4ZDA5OWRjODhmNmMxMzRhZGU2MjkyNTNhY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAideri/BavdxEauZcafGz/pDyHrlr
1QB0ggmrqKaeytw1nCg3J0NdejB+YT8Z1V/gyT0ssD9dSKaPPP4ArncJ5sOnuYIz
er5P3jO+BcMk7W5PCQKooQL/fW2ck6+IHmn7863K0DTr9LjtJ/kgFpMX67pqaTsH
AQZN4TKM0IROGXkoBFa8XXgZmAmBZLvVjnLgtwn/izoCS/8LftniXtMKgVBXmTtI
ssiQiWHIUzzON56gyVMq5q3TTgwQUXG8cUPZi5wPX+uYwU2C1HNWxkqUVBow+us+
jVRUjDnNQHgplFGSBRJtS3cV+WJzq1jQCTnZpOkEQAVLJDfKq5HmH/ulgQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBBdOxmU340JnciPbBNK3mKSU6zvMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvRUYwN0daVGZqUW1keUk5c0UwcmVZcEpUck84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCgrl4AwQC
ucyoAwQCudfoAwQCuesoMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcNAQELBQAD
ggEBANkdV26z/hFqQbUKDUChgEsdVj02L+KVmBYsZIX3SNgcha9MiLezQevDD14v
bXAaCWyuLsCZ/yqQBVwMAUN+Vj02OOtjyBafdKSKkRl+Ffde/FVCfHGhdUVQIQEV
ERiOnfcKl4HP9c+eDW1YkaNu+tleJ+n7YX7m+N53ygA67qXATR3IcmgFxPZTZysp
3ray2DDQsP09tdndB/LY2ihYlej1rUmq+gEubhcTTqjdZS+heLV1cxs2+5YGyYCl
M7bRogfCbADbMO1tF2N0f3K16flCQ3fZAbZPhky5+TUCvwvf22hH0zNgncET0BGV
bC1elFPP5TmvHRg8YuyxtihsWa4=
-----END CERTIFICATE-----
Generated at Tue May 13 11:32:28 2025 by rpki-client