Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MWyNuVY89z-HdeaczAsfFFdEv1A.roa
File: MWyNuVY89z-HdeaczAsfFFdEv1A.roa (raw, json)
Hash identifier: Ydd3PD4Xdvms9E7STZIbLOg5+nH9SxnVMdOfi1g8xNM=
Subject key identifier: 31:6C:8D:B9:56:3C:F7:3F:87:75:E6:9C:CC:0B:1F:14:57:44:BF:50
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0189BC7125AA01345F149182127BA425EB7D
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MWyNuVY89z-HdeaczAsfFFdEv1A.roa
Signing time: Thu 03 Aug 2023 17:27:58 +0000
ROA not before: Thu 03 Aug 2023 17:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/22 maxlen: 22
85.239.151.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:71:25:aa:01:34:5f:14:91:82:12:7b:a4:25:eb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 3 17:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=316c8db9563cf73f8775e69ccc0b1f145744bf50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:40:f4:39:a1:0a:f5:d0:c8:e6:2a:9a:c7:f2:
71:b8:ff:c6:d4:f0:3e:49:3d:56:0a:9b:71:ff:e9:
d8:e6:72:29:a6:52:7d:b0:25:05:be:a9:d3:7b:f7:
dc:69:a0:43:6a:c5:d7:7d:c7:a5:07:f0:7b:2a:39:
fd:9f:f2:b1:52:ad:45:29:86:e9:fc:68:09:82:34:
91:01:00:93:81:99:d9:e1:5d:4f:0c:92:34:64:df:
13:b7:b2:f3:8b:38:2f:27:6e:56:c1:43:5e:7e:cd:
04:33:a8:ef:7f:1a:85:50:7e:ce:a1:f7:03:01:e3:
77:e2:c4:a5:9d:06:e4:66:c5:cd:49:2f:b5:18:c9:
fd:cd:a1:f9:14:f3:78:02:d3:c9:93:86:80:39:23:
f7:a1:bf:62:97:44:7e:7a:a2:21:a5:f7:aa:fd:40:
c7:98:9d:68:38:a5:0c:af:8b:1a:1f:b2:58:a8:ef:
74:20:2c:98:1f:3d:20:05:a7:6b:8a:fa:bb:25:6c:
8b:d1:5c:97:8b:6f:dc:16:c1:c0:ff:77:53:9b:fe:
96:76:e5:74:c9:3d:ec:af:56:e7:65:76:e8:be:95:
65:01:40:30:ea:02:94:bc:d7:49:b3:3e:97:83:3d:
06:fc:67:99:99:10:2d:68:bb:58:1e:b9:94:ca:47:
02:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6C:8D:B9:56:3C:F7:3F:87:75:E6:9C:CC:0B:1F:14:57:44:BF:50
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MWyNuVY89z-HdeaczAsfFFdEv1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/22
85.239.150.0/23
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4c:27:61:7d:fa:b1:3b:f8:57:26:eb:b3:79:03:b2:ea:c6:
1e:ff:93:46:94:f3:49:25:9e:d3:c4:d8:5b:20:c8:2a:8c:b4:
14:81:45:b2:13:cb:00:d5:5a:df:bc:1e:fd:06:fb:fe:fc:88:
ac:5c:55:2c:8f:59:e7:0b:44:ab:12:8a:1f:37:f3:62:fc:23:
11:70:47:a4:1e:f7:98:d9:8c:33:6c:19:97:04:79:3d:9a:71:
11:2d:35:a7:b4:47:fb:31:fc:b2:67:aa:20:c2:71:86:d8:8a:
01:e4:16:7e:93:5d:4a:20:44:47:5e:a3:e7:6b:dd:fb:60:d5:
f1:a7:9a:92:d2:56:14:69:a4:96:48:7d:a8:3f:5b:c0:a8:5a:
6c:db:c7:e3:d3:83:2a:b5:53:a6:20:82:fd:6a:28:7a:ba:7a:
8e:1b:9f:90:e1:d3:81:42:86:4f:d0:5c:1f:37:47:fd:47:3d:
2d:36:e4:2d:bc:28:28:65:6f:91:e2:59:4f:63:1c:6d:46:e0:
fc:ea:9b:e1:24:a8:81:ec:6e:1b:10:a8:8d:44:8a:33:0e:0e:
0b:5f:c2:7f:e4:8b:cf:30:5b:22:1b:ba:31:4e:85:d3:a8:f4:
28:81:06:5f:8a:f5:5e:f7:2c:71:3b:01:2c:5f:63:5b:39:46:
fe:a4:66:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm8cSWqATRfFJGCEnukJet9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwODAzMTcyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZjOGRiOTU2M2NmNzNmODc3NWU2OWNjYzBiMWYxNDU3NDRiZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUD0OaEK9dDI5iqax/JxuP/G1PA+
ST1WCptx/+nY5nIpplJ9sCUFvqnTe/fcaaBDasXXfcelB/B7Kjn9n/KxUq1FKYbp
/GgJgjSRAQCTgZnZ4V1PDJI0ZN8Tt7LzizgvJ25WwUNefs0EM6jvfxqFUH7OofcD
AeN34sSlnQbkZsXNSS+1GMn9zaH5FPN4AtPJk4aAOSP3ob9il0R+eqIhpfeq/UDH
mJ1oOKUMr4saH7JYqO90ICyYHz0gBadrivq7JWyL0VyXi2/cFsHA/3dTm/6WduV0
yT3sr1bnZXbovpVlAUAw6gKUvNdJsz6Xgz0G/GeZmRAtaLtYHrmUykcCgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDFsjblWPPc/h3XmnMwLHxRXRL9QMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvTVd5TnVWWTg5ei1IZGVhY3pBc2ZGRmRFdjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVe+QAwQB
Ve+WAwQAuV+fMA0GCSqGSIb3DQEBCwUAA4IBAQCjTCdhffqxO/hXJuuzeQOy6sYe
/5NGlPNJJZ7TxNhbIMgqjLQUgUWyE8sA1VrfvB79Bvv+/IisXFUsj1nnC0SrEoof
N/Ni/CMRcEekHveY2YwzbBmXBHk9mnERLTWntEf7MfyyZ6ogwnGG2IoB5BZ+k11K
IERHXqPna937YNXxp5qS0lYUaaSWSH2oP1vAqFps28fj04MqtVOmIIL9aih6unqO
G5+Q4dOBQoZP0FwfN0f9Rz0tNuQtvCgoZW+R4llPYxxtRuD86pvhJKiB7G4bEKiN
RIozDg4LX8J/5IvPMFsiG7oxToXTqPQogQZfivVe9yxxOwEsX2NbOUb+pGbA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:00 2025 by rpki-client