Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/EMBY6jXezC_eFw7fJi9F_0myXfo.roa
File: EMBY6jXezC_eFw7fJi9F_0myXfo.roa (raw, json)
Hash identifier: tyHiGYLPo4ZQLdrfOSTfAoqHG79qS6d0xCij9/H+QP8=
Subject key identifier: 10:C0:58:EA:35:DE:CC:2F:DE:17:0E:DF:26:2F:45:FF:49:B2:5D:FA
Certificate issuer: /CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Certificate serial: 01856E2FAC4D457FA31257731F132D81C3DF
Authority key identifier: 6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/EMBY6jXezC_eFw7fJi9F_0myXfo.roa
Signing time: Sun 01 Jan 2023 16:34:55 +0000
ROA not before: Sun 01 Jan 2023 16:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202682
IP address blocks: 185.155.128.0/22 maxlen: 24
2a07:9444::/32 maxlen: 48
2a07:9440::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ac:4d:45:7f:a3:12:57:73:1f:13:2d:81:c3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Validity
Not Before: Jan 1 16:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10c058ea35decc2fde170edf262f45ff49b25dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a4:e7:a4:b6:d4:2b:d5:7d:f7:e3:79:8a:ed:
6d:11:f6:25:74:44:af:aa:de:49:60:9b:9e:f6:93:
08:dd:dc:50:16:6a:db:b7:24:19:97:cd:e2:36:25:
e7:71:a3:8f:d7:00:1c:73:c9:d1:77:21:f8:9a:e4:
c5:43:78:38:10:7b:cb:7e:38:21:42:2b:de:12:24:
86:89:a4:34:da:b4:c3:62:57:2c:7d:32:12:34:b9:
4c:e0:30:de:20:35:e2:00:ee:a0:8b:a0:73:62:56:
11:b4:e0:33:a5:cc:e6:96:19:e1:8e:1f:02:bf:04:
a3:42:09:f1:1b:1e:91:2b:7a:56:5e:94:eb:6b:2c:
07:37:87:5d:2a:ac:2d:c3:44:ef:9f:f6:c2:2a:ba:
99:32:d8:d2:ff:a8:54:6e:45:c2:d4:20:72:d4:cf:
f1:ca:72:75:35:b2:69:b2:b9:b0:54:c6:0e:dd:e6:
da:e4:5d:fd:86:52:7c:63:80:30:1d:88:b6:f7:4b:
4b:8f:7c:70:ab:a3:45:7d:d6:76:e1:b7:44:26:8b:
99:56:90:79:94:f9:42:8e:49:84:83:fa:c5:8c:97:
07:ae:09:9c:fc:36:24:9e:24:da:b9:4c:12:07:2f:
d7:5a:ae:20:c3:d1:7a:ad:d1:27:d9:ab:64:4d:41:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C0:58:EA:35:DE:CC:2F:DE:17:0E:DF:26:2F:45:FF:49:B2:5D:FA
X509v3 Authority Key Identifier:
keyid:6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/EMBY6jXezC_eFw7fJi9F_0myXfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/b1dizVOgPjIkIEagGo4cyslGtt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.128.0/22
IPv6:
2a07:9440::/29
Signature Algorithm: sha256WithRSAEncryption
90:f7:d4:15:de:89:ae:63:d6:0a:03:92:67:aa:bf:50:74:bb:
ed:9c:0f:fc:d6:81:81:ee:60:27:ba:72:4c:98:3c:89:e2:59:
3e:50:56:15:63:4e:1d:93:c8:91:a7:d0:2b:22:f0:6d:4f:dd:
4a:df:43:bd:88:dd:ef:c4:9c:d8:4c:65:e2:bf:32:6f:c5:ab:
3b:d4:b3:58:2c:84:0f:74:4c:88:ca:42:89:64:4a:f4:69:4c:
61:18:b2:66:67:45:e0:9d:cb:40:8a:1e:84:a6:18:cb:87:12:
ca:22:23:0e:20:37:45:91:3d:4a:53:4d:fa:a2:42:d0:e9:65:
d1:fb:ef:99:bf:f7:15:03:b5:d0:f4:92:9f:9a:10:21:d4:cb:
7e:65:af:85:ac:57:1d:5f:2f:c9:1f:97:63:13:65:db:ca:a5:
c1:c6:ea:b7:75:40:95:3e:00:fd:f4:ae:cf:77:5c:05:be:7f:
8c:0e:06:89:b0:18:34:dc:2b:dc:14:a8:f4:e3:f5:31:b5:fd:
7b:0b:a6:49:e0:53:6c:22:1f:7d:13:7b:4e:33:e7:a3:36:ce:
c2:88:6b:38:9a:75:da:f1:69:1c:3c:46:1a:8e:aa:d2:a3:89:
76:45:73:9e:28:9b:51:47:a1:c3:dc:08:12:94:d5:b2:5b:be:
38:0f:0b:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL6xNRX+jEldzHxMtgcPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTc2MmNkNTNhMDNlMzIyNDIwNDZhMDFhOGUxY2NhYzk0
NmI2ZGQwHhcNMjMwMTAxMTYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGMwNThlYTM1ZGVjYzJmZGUxNzBlZGYyNjJmNDVmZjQ5YjI1ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6TnpLbUK9V99+N5iu1tEfYldESv
qt5JYJue9pMI3dxQFmrbtyQZl83iNiXncaOP1wAcc8nRdyH4muTFQ3g4EHvLfjgh
QiveEiSGiaQ02rTDYlcsfTISNLlM4DDeIDXiAO6gi6BzYlYRtOAzpczmlhnhjh8C
vwSjQgnxGx6RK3pWXpTraywHN4ddKqwtw0Tvn/bCKrqZMtjS/6hUbkXC1CBy1M/x
ynJ1NbJpsrmwVMYO3eba5F39hlJ8Y4AwHYi290tLj3xwq6NFfdZ24bdEJouZVpB5
lPlCjkmEg/rFjJcHrgmc/DYkniTauUwSBy/XWq4gw9F6rdEn2atkTUFiCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBDAWOo13swv3hcO3yYvRf9Jsl36MB8GA1UdIwQY
MBaAFG9XYs1ToD4yJCBGoBqOHMrJRrbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgt
NzljYmYzOTVkNzI2LzEvRU1CWTZqWGV6Q19lRnc3ZkppOUZfMG15WGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgtNzljYmYzOTVkNzI2
LzEvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZuAMA0E
AgACMAcDBQMqB5RAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ99QV3omuY9YKA5Jnqr9Q
dLvtnA/81oGB7mAnunJMmDyJ4lk+UFYVY04dk8iRp9ArIvBtT91K30O9iN3vxJzY
TGXivzJvxas71LNYLIQPdEyIykKJZEr0aUxhGLJmZ0XgnctAih6EphjLhxLKIiMO
IDdFkT1KU036okLQ6WXR+++Zv/cVA7XQ9JKfmhAh1Mt+Za+FrFcdXy/JH5djE2Xb
yqXBxuq3dUCVPgD99K7Pd1wFvn+MDgaJsBg03CvcFKj04/Uxtf17C6ZJ4FNsIh99
E3tOM+ejNs7CiGs4mnXa8WkcPEYajqrSo4l2RXOeKJtRR6HD3AgSlNWyW744DwtL
-----END CERTIFICATE-----
Generated at Mon May 12 17:24:38 2025 by rpki-client