Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/M9vUfEX3RT-nMf-BQT-UP8n-m80.roa
File: M9vUfEX3RT-nMf-BQT-UP8n-m80.roa (raw, json)
Hash identifier: DfPF+OFE1acYiHjm2Aj4lpiRyF3E7KVlX0M6ibH1R7M=
Subject key identifier: 33:DB:D4:7C:45:F7:45:3F:A7:31:FF:81:41:3F:94:3F:C9:FE:9B:CD
Certificate issuer: /CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Certificate serial: 0183E535CC4473B14DAC0FFC8C971918F93F
Authority key identifier: 01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/M9vUfEX3RT-nMf-BQT-UP8n-m80.roa
Signing time: Mon 17 Oct 2022 09:10:51 +0000
ROA not before: Mon 17 Oct 2022 09:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208128
IP address blocks: 193.108.111.0/24 maxlen: 24
193.108.110.0/24 maxlen: 24
193.108.110.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:35:cc:44:73:b1:4d:ac:0f:fc:8c:97:19:18:f9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Validity
Not Before: Oct 17 09:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33dbd47c45f7453fa731ff81413f943fc9fe9bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:48:1f:80:93:b3:41:5d:ab:bb:b3:7a:1c:
e4:45:3d:db:78:cd:7e:48:5a:1a:63:2f:3a:f8:4a:
98:b6:2c:7c:f8:d6:6f:59:10:e1:14:eb:14:ee:c4:
85:43:98:5e:5f:a2:06:83:92:ac:a3:0f:ca:98:e2:
d6:3e:77:d0:70:30:55:a8:4b:8c:73:84:be:61:c3:
d2:2e:8d:9e:ce:c4:8f:a9:b0:a8:da:d4:36:ca:a6:
00:c0:3c:a5:ba:0a:51:0b:dd:82:cd:e8:ea:00:75:
92:7f:7d:cc:a9:4b:18:d5:a6:95:ab:85:a5:4b:18:
7c:fb:1f:5f:1c:d0:ff:df:72:0a:bd:c5:7c:e2:5f:
08:74:8d:e6:ae:4d:e1:4d:65:41:c4:c8:0f:c3:e8:
64:7b:e0:e0:7e:70:a1:ce:56:94:e5:16:8f:95:ba:
d8:0b:db:2e:42:90:8a:be:5b:eb:c1:72:03:6a:7b:
6e:e1:51:24:82:f8:2e:04:38:3b:ae:ea:c9:d1:62:
1a:0d:86:98:2e:bf:64:ae:47:a4:c7:1b:b7:24:49:
d2:95:73:eb:f5:b2:17:8a:65:f0:c1:dc:27:f0:6f:
97:03:f0:ff:8e:a8:48:3f:3f:cd:2a:77:71:63:21:
2b:c0:79:d0:62:9a:35:9a:16:b3:48:8d:ab:32:0a:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DB:D4:7C:45:F7:45:3F:A7:31:FF:81:41:3F:94:3F:C9:FE:9B:CD
X509v3 Authority Key Identifier:
keyid:01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/M9vUfEX3RT-nMf-BQT-UP8n-m80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/AcS3hNgWbovQ9H1yD95frsFkWzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.110.0/23
Signature Algorithm: sha256WithRSAEncryption
38:55:17:02:4f:44:8c:92:2b:41:42:a6:91:d3:67:84:fb:46:
49:42:2a:37:d5:b7:20:04:be:a2:cc:bd:de:b2:19:10:2e:ed:
b9:6a:23:c8:10:06:44:ce:70:f8:64:31:b4:61:89:33:87:c3:
32:ad:bc:3a:91:fc:02:41:8b:91:e8:66:fb:2b:15:bd:12:2b:
18:ab:bf:7c:ae:bb:57:be:63:2e:be:c0:b6:51:84:e9:e5:7a:
bc:72:db:c4:52:e0:e7:a5:de:07:d8:09:a5:3a:8e:76:3e:cb:
c2:44:88:c7:e3:32:84:0a:05:02:e9:20:e2:9d:17:ba:a2:eb:
6c:38:79:98:80:b4:0e:57:91:0f:39:8c:6a:6a:86:41:ae:65:
e5:8b:3a:00:80:e9:d0:9a:c2:86:ba:61:7d:3d:ff:03:5e:79:
dd:d3:a0:3b:c9:9e:8e:14:90:0a:f3:ae:9d:e4:2c:35:2f:6a:
fe:31:33:00:ca:75:7b:57:53:f1:f4:df:06:d4:a3:ca:75:e3:
2b:43:57:0f:09:33:4b:89:9c:b8:95:02:4c:d8:63:29:a1:07:
19:87:16:5c:42:59:5d:e9:6b:40:ac:4b:88:d2:fb:74:d4:16:
be:3a:73:85:69:30:55:26:41:50:d9:bd:30:0f:2c:0e:fc:2d:
7a:95:bc:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPlNcxEc7FNrA/8jJcZGPk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzRiNzg0ZDgxNjZlOGJkMGY0N2Q3MjBmZGU1ZmFlYzE2
NDViMzQwHhcNMjIxMDE3MDkxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RiZDQ3YzQ1Zjc0NTNmYTczMWZmODE0MTNmOTQzZmM5ZmU5YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm51IH4CTs0Fdq7uzehzkRT3beM1+
SFoaYy86+EqYtix8+NZvWRDhFOsU7sSFQ5heX6IGg5Ksow/KmOLWPnfQcDBVqEuM
c4S+YcPSLo2ezsSPqbCo2tQ2yqYAwDylugpRC92CzejqAHWSf33MqUsY1aaVq4Wl
Sxh8+x9fHND/33IKvcV84l8IdI3mrk3hTWVBxMgPw+hke+DgfnChzlaU5RaPlbrY
C9suQpCKvlvrwXIDantu4VEkgvguBDg7rurJ0WIaDYaYLr9krkekxxu3JEnSlXPr
9bIXimXwwdwn8G+XA/D/jqhIPz/NKndxYyErwHnQYpo1mhazSI2rMgrJhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPb1HxF90U/pzH/gUE/lD/J/pvNMB8GA1UdIwQY
MBaAFAHEt4TYFm6L0PR9cg/eX67BZFs0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNTM2hOZ1dib3ZROUgxeUQ5NWZyc0ZrV3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mMmI4NDAtMmM4NS00NjViLThiOTMt
NWI1YmViMTA1MTNiLzEvTTl2VWZFWDNSVC1uTWYtQlFULVVQOG4tbTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mMmI4NDAtMmM4NS00NjViLThiOTMtNWI1YmViMTA1MTNi
LzEvQWNTM2hOZ1dib3ZROUgxeUQ5NWZyc0ZrV3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWxuMA0G
CSqGSIb3DQEBCwUAA4IBAQA4VRcCT0SMkitBQqaR02eE+0ZJQio31bcgBL6izL3e
shkQLu25aiPIEAZEznD4ZDG0YYkzh8Myrbw6kfwCQYuR6Gb7KxW9EisYq798rrtX
vmMuvsC2UYTp5Xq8ctvEUuDnpd4H2AmlOo52PsvCRIjH4zKECgUC6SDinRe6outs
OHmYgLQOV5EPOYxqaoZBrmXlizoAgOnQmsKGumF9Pf8DXnnd06A7yZ6OFJAK866d
5Cw1L2r+MTMAynV7V1Px9N8G1KPKdeMrQ1cPCTNLiZy4lQJM2GMpoQcZhxZcQlld
6WtArEuI0vt01Ba+OnOFaTBVJkFQ2b0wDywO/C16lbxd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:55 2025 by rpki-client