Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/mqsR0uxG214rTedwd1F8kEmAOOs.roa
File: mqsR0uxG214rTedwd1F8kEmAOOs.roa (raw, json)
Hash identifier: FXSArM3gzCs+e4JsIBbQiRdiauNLsER1teeQPf6fAxg=
Subject key identifier: 9A:AB:11:D2:EC:46:DB:5E:2B:4D:E7:70:77:51:7C:90:49:80:38:EB
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: AE72EE
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/mqsR0uxG214rTedwd1F8kEmAOOs.roa
Signing time: Sat 01 Jan 2022 02:57:03 +0000
ROA not before: Sat 01 Jan 2022 02:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57256
IP address blocks: 185.156.214.0/24 maxlen: 24
185.156.215.0/24 maxlen: 24
185.4.252.0/24 maxlen: 24
185.4.255.0/24 maxlen: 24
185.156.213.0/24 maxlen: 24
185.156.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11432686 (0xae72ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Jan 1 02:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9aab11d2ec46db5e2b4de77077517c90498038eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:ff:1d:53:c2:07:2e:1a:bd:cc:e2:dc:26:
65:3a:65:d6:d9:d8:ca:77:19:7c:5d:2f:cd:a1:1e:
f9:2a:35:9a:04:08:01:ae:3c:e6:21:22:8b:8b:59:
86:a8:96:7d:76:f2:50:5a:44:5b:3a:c7:4e:97:83:
00:f6:e6:ce:de:71:4b:c5:ce:71:c8:eb:43:6d:e6:
00:58:d5:02:73:74:2c:62:ca:f7:a9:25:ae:77:f6:
be:4e:70:7b:08:96:3f:66:9e:f2:b3:a9:ac:e1:19:
2b:a5:93:fe:31:18:c1:e0:9b:49:22:c3:6d:ef:18:
3b:02:b4:56:52:7d:fb:04:69:30:d6:a3:68:d7:86:
41:21:7d:2b:fd:73:ee:03:0c:7e:77:46:a1:55:49:
d1:90:0b:a5:45:e0:fa:79:41:83:8f:b5:84:ea:a7:
4d:d6:5c:d0:b7:ca:7b:33:ee:6c:8d:be:f5:f6:fc:
ce:6b:ca:f6:6d:c1:94:48:08:e4:4c:70:36:a9:76:
2f:48:03:52:4d:03:95:7c:27:87:20:74:e7:3e:e5:
9f:7d:e6:e9:80:6f:e6:0c:b3:85:1c:60:d7:f6:fe:
d0:42:3d:44:eb:e4:b3:cc:3e:5e:c1:b3:ff:3d:06:
b7:6c:9e:a0:8a:76:20:92:6e:68:40:38:cd:97:39:
94:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AB:11:D2:EC:46:DB:5E:2B:4D:E7:70:77:51:7C:90:49:80:38:EB
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/mqsR0uxG214rTedwd1F8kEmAOOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.252.0/24
185.4.255.0/24
185.156.212.0/22
Signature Algorithm: sha256WithRSAEncryption
74:4b:7b:dc:7e:07:bb:8a:1a:59:43:90:1c:32:fd:1d:e1:df:
34:df:dc:41:c1:25:a4:88:5c:cb:b4:ab:99:43:5a:c2:da:15:
19:aa:fb:5d:1b:20:d8:ad:91:ca:2a:d5:13:7a:5c:36:36:16:
e8:bf:ff:5b:d8:09:b0:f6:09:b9:c8:1b:dd:ce:d9:ef:33:c1:
2d:31:4f:3f:8e:03:de:ab:ce:2e:9d:d6:ac:33:ed:d0:f3:bd:
fd:d6:eb:73:a4:14:f2:56:f8:89:55:0c:6a:16:07:4a:88:2d:
cf:68:d4:93:a3:7f:43:a4:28:2d:fc:53:78:f1:98:0e:b4:6d:
0a:fd:d1:84:72:7a:ab:d8:35:7e:6f:af:05:37:7b:82:7d:2b:
87:b9:86:fb:93:bc:2e:5e:ab:d6:b9:62:cd:93:9a:75:2b:40:
72:21:7e:da:8b:b1:0f:a3:a3:35:ec:7d:1b:3d:e9:12:3c:0d:
5c:d2:00:3e:4a:29:d4:23:00:7b:00:4e:e6:94:e6:15:a9:d1:
c9:32:3f:fa:1d:e3:4e:ca:e2:f4:fd:b9:c2:12:d3:bc:82:c5:
bd:80:42:1d:29:ab:8f:f0:02:8e:f6:70:b6:1d:83:0a:83:a4:
6f:1a:fa:9a:5d:23:23:40:bf:53:16:00:b0:e2:1b:9d:f5:15:
7e:d0:4d:56
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAK5y7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjEwMjQzZjk4NjM2ZmFhMGZiNmM1YWU2YmFkOWIwYWJhZDIzNDM4MB4XDTIyMDEw
MTAyNTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFhYjExZDJlYzQ2
ZGI1ZTJiNGRlNzcwNzc1MTdjOTA0OTgwMzhlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeC/x1TwgcuGr3M4twmZTpl1tnYyncZfF0vzaEe+So1mgQI
Aa485iEii4tZhqiWfXbyUFpEWzrHTpeDAPbmzt5xS8XOccjrQ23mAFjVAnN0LGLK
96klrnf2vk5wewiWP2ae8rOprOEZK6WT/jEYweCbSSLDbe8YOwK0VlJ9+wRpMNaj
aNeGQSF9K/1z7gMMfndGoVVJ0ZALpUXg+nlBg4+1hOqnTdZc0LfKezPubI2+9fb8
zmvK9m3BlEgI5ExwNql2L0gDUk0DlXwnhyB05z7ln33m6YBv5gyzhRxg1/b+0EI9
ROvks8w+XsGz/z0Gt2yeoIp2IJJuaEA4zZc5lMMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSaqxHS7EbbXitN53B3UXyQSYA46zAfBgNVHSMEGDAWgBTLECQ/mGNvqg+2
xa5rrZsKutI0ODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l4QWtQNWhqYjZvUHRzV3VhNjJiQ3JyU05EZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvZjhlYjljLTViOTktNGNlZi05M2YwLTQ4ZjE1MWI1MjMxZi8x
L21xc1IwdXhHMjE0clRlZHdkMUY4a0VtQU9Pcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
ZjhlYjljLTViOTktNGNlZi05M2YwLTQ4ZjE1MWI1MjMxZi8xL3l4QWtQNWhqYjZv
UHRzV3VhNjJiQ3JyU05EZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALkE/AMEALkE/wMEArmc1DANBgkq
hkiG9w0BAQsFAAOCAQEAdEt73H4Hu4oaWUOQHDL9HeHfNN/cQcElpIhcy7SrmUNa
wtoVGar7XRsg2K2RyirVE3pcNjYW6L//W9gJsPYJucgb3c7Z7zPBLTFPP44D3qvO
Lp3WrDPt0PO9/dbrc6QU8lb4iVUMahYHSogtz2jUk6N/Q6QoLfxTePGYDrRtCv3R
hHJ6q9g1fm+vBTd7gn0rh7mG+5O8Ll6r1rlizZOadStAciF+2ouxD6OjNex9Gz3p
EjwNXNIAPkop1CMAewBO5pTmFanRyTI/+h3jTsri9P25whLTvILFvYBCHSmrj/AC
jvZwth2DCoOkbxr6ml0jI0C/UxYAsOIbnfUVftBNVg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:31:57 2025 by rpki-client