Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mSdKruX_1pMYhB1alDfONEPkw1s.roa
File: mSdKruX_1pMYhB1alDfONEPkw1s.roa (raw, json)
Hash identifier: G2JULZe10UdiI4dlYipN6DXzzFMb/O3cFG+FP72/BMc=
Subject key identifier: 99:27:4A:AE:E5:FF:D6:93:18:84:1D:5A:94:37:CE:34:43:E4:C3:5B
Certificate issuer: /CN=709d69957d333432accac810231e289388e302e2
Certificate serial: 01856D4AA326F5D3C5EDE17807F446877115
Authority key identifier: 70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mSdKruX_1pMYhB1alDfONEPkw1s.roa
Signing time: Sun 01 Jan 2023 12:24:46 +0000
ROA not before: Sun 01 Jan 2023 12:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13287
IP address blocks: 178.255.226.0/24 maxlen: 24
178.255.225.0/24 maxlen: 24
178.255.224.0/24 maxlen: 24
178.255.230.0/24 maxlen: 24
178.255.229.0/24 maxlen: 24
178.255.228.0/24 maxlen: 24
178.255.231.0/24 maxlen: 24
178.255.227.0/24 maxlen: 24
2a00:a220::/33 maxlen: 33
2a00:a220:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:a3:26:f5:d3:c5:ed:e1:78:07:f4:46:87:71:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709d69957d333432accac810231e289388e302e2
Validity
Not Before: Jan 1 12:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99274aaee5ffd69318841d5a9437ce3443e4c35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:96:1d:d3:ea:ba:57:c3:76:9a:20:bb:45:7c:
a1:8f:33:35:68:e7:fa:6a:22:60:10:ce:75:12:d7:
04:1a:ed:40:8e:e6:49:f3:1c:74:7d:d6:74:e3:d9:
ef:e2:c0:26:07:87:66:ec:ec:6c:2b:4d:ec:a3:dd:
c1:5e:b0:17:a8:b2:52:80:df:87:36:0d:e5:c2:55:
96:c0:a6:e9:db:50:27:86:ef:8d:8a:d0:e2:82:81:
d7:52:b2:7b:67:99:b2:c5:60:e0:9e:14:a6:e3:c6:
55:0d:6e:f7:65:bb:8d:c4:e7:af:8e:23:7c:d4:49:
23:57:2e:f7:5f:e3:24:d4:8c:23:95:39:b2:86:3d:
f6:25:fd:f6:11:7f:6b:65:f8:4c:e5:1e:eb:a6:37:
5b:f0:55:44:47:27:7d:08:ca:e0:1a:09:10:4b:57:
09:82:82:b9:57:b6:32:76:01:3d:a1:ed:57:08:6d:
4e:4b:6a:16:42:28:3c:9d:2c:da:dc:76:0e:bf:63:
63:d3:50:e3:c8:a4:00:6f:af:ec:85:b9:44:fd:cf:
0d:26:f9:0c:8d:1e:b0:46:8f:5f:e2:d4:1e:75:39:
02:2f:8b:09:5b:31:8f:05:06:d4:17:5c:b7:82:20:
b8:50:32:c3:cc:18:44:f9:e8:db:b9:f2:53:0f:3a:
af:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:27:4A:AE:E5:FF:D6:93:18:84:1D:5A:94:37:CE:34:43:E4:C3:5B
X509v3 Authority Key Identifier:
keyid:70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mSdKruX_1pMYhB1alDfONEPkw1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.224.0/21
IPv6:
2a00:a220::/32
Signature Algorithm: sha256WithRSAEncryption
61:80:a5:72:88:7d:51:90:8c:d0:77:34:48:98:6b:a6:bf:9f:
b5:b6:f3:75:72:62:ef:bb:48:28:de:29:e5:19:19:e0:12:e3:
f3:92:cc:e1:6b:0d:ac:de:93:1b:87:ba:7f:a6:ef:69:84:9a:
f1:45:54:6d:a1:9c:a8:c8:f6:c9:ac:ee:76:15:c3:61:6f:1f:
5c:a1:73:eb:46:10:d2:7a:34:d9:ba:62:ae:f1:e8:93:1d:b0:
bf:41:70:53:36:15:57:0c:6e:82:96:4e:63:f1:3a:3f:0a:a5:
82:c3:84:ba:06:ed:25:3f:be:41:17:89:78:36:48:ee:9b:fb:
46:d3:e4:0d:09:8f:ab:de:9f:6d:13:be:6e:10:cb:ea:fe:22:
cf:76:ee:f3:d4:50:96:4a:36:a3:7d:67:e8:9e:68:81:19:9a:
09:a2:fd:84:fc:b0:f0:18:f2:ff:9e:62:1f:46:ce:48:2e:5b:
82:85:e1:c7:1b:2c:4c:d0:30:d4:25:a4:61:a5:71:cc:34:5b:
fb:8c:37:74:f9:38:78:62:b9:ea:c6:58:95:ac:bc:40:3e:82:
ed:4f:11:f7:08:49:17:69:74:db:59:84:56:a9:97:9d:1b:ce:
48:95:50:a6:61:bd:e7:46:23:d4:7a:a7:dd:24:7f:ab:59:97:
9a:17:b8:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtSqMm9dPF7eF4B/RGh3EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWQ2OTk1N2QzMzM0MzJhY2NhYzgxMDIzMWUyODkzODhl
MzAyZTIwHhcNMjMwMTAxMTIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI3NGFhZWU1ZmZkNjkzMTg4NDFkNWE5NDM3Y2UzNDQzZTRjMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZYd0+q6V8N2miC7RXyhjzM1aOf6
aiJgEM51EtcEGu1AjuZJ8xx0fdZ049nv4sAmB4dm7OxsK03so93BXrAXqLJSgN+H
Ng3lwlWWwKbp21Anhu+NitDigoHXUrJ7Z5myxWDgnhSm48ZVDW73ZbuNxOevjiN8
1EkjVy73X+Mk1IwjlTmyhj32Jf32EX9rZfhM5R7rpjdb8FVERyd9CMrgGgkQS1cJ
goK5V7YydgE9oe1XCG1OS2oWQig8nSza3HYOv2Nj01DjyKQAb6/shblE/c8NJvkM
jR6wRo9f4tQedTkCL4sJWzGPBQbUF1y3giC4UDLDzBhE+ejbufJTDzqvTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJknSq7l/9aTGIQdWpQ3zjRD5MNbMB8GA1UdIwQY
MBaAFHCdaZV9MzQyrMrIECMeKJOI4wLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQt
MDhhNjg2MzJhNjNhLzEvbVNkS3J1WF8xcE1ZaEIxYWxEZk9ORVBrdzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQtMDhhNjg2MzJhNjNh
LzEvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv/gMA0E
AgACMAcDBQAqAKIgMA0GCSqGSIb3DQEBCwUAA4IBAQBhgKVyiH1RkIzQdzRImGum
v5+1tvN1cmLvu0go3inlGRngEuPzkszhaw2s3pMbh7p/pu9phJrxRVRtoZyoyPbJ
rO52FcNhbx9coXPrRhDSejTZumKu8eiTHbC/QXBTNhVXDG6Clk5j8To/CqWCw4S6
Bu0lP75BF4l4Nkjum/tG0+QNCY+r3p9tE75uEMvq/iLPdu7z1FCWSjajfWfonmiB
GZoJov2E/LDwGPL/nmIfRs5ILluCheHHGyxM0DDUJaRhpXHMNFv7jDd0+Th4Yrnq
xliVrLxAPoLtTxH3CEkXaXTbWYRWqZedG85IlVCmYb3nRiPUeqfdJH+rWZeaF7g9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:58 2025 by rpki-client