Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MCZMJb8kM5Ke6fzxv5OSAhrXYOg.roa
File: MCZMJb8kM5Ke6fzxv5OSAhrXYOg.roa (raw, json)
Hash identifier: aN/xkWXPhYUtaN8086ncSpfsbKQqFu20Na70bPmtNJU=
Subject key identifier: 30:26:4C:25:BF:24:33:92:9E:E9:FC:F1:BF:93:92:02:1A:D7:60:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018453A8EDE125ABF4C2FBA909AE5F25E9F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MCZMJb8kM5Ke6fzxv5OSAhrXYOg.roa
Signing time: Mon 07 Nov 2022 19:54:50 +0000
ROA not before: Mon 07 Nov 2022 19:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 18450
IP address blocks: 194.87.213.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:53:a8:ed:e1:25:ab:f4:c2:fb:a9:09:ae:5f:25:e9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 7 19:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30264c25bf2433929ee9fcf1bf9392021ad760e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:9b:c6:b7:9f:a6:82:19:4d:2d:e6:e5:11:
11:6b:bf:ca:9e:2a:92:7f:5b:86:2a:61:88:44:58:
a2:b5:14:a8:c0:86:93:80:d9:49:62:b6:59:bf:42:
98:9c:60:6f:2d:00:59:fe:d8:52:91:5e:90:9b:68:
80:9a:74:0f:75:40:9e:51:dd:c6:fd:79:c7:17:87:
31:16:7e:cf:9a:27:42:f7:a1:f4:cf:27:59:3e:92:
9a:2e:30:84:89:14:bc:a0:8a:1d:aa:d7:14:4c:dc:
de:2e:37:9e:9e:26:1f:75:56:dc:93:75:0e:de:61:
b8:99:b9:59:33:00:56:d7:fc:ac:b1:2f:9c:24:63:
89:1e:31:c8:9e:96:7b:34:8b:dc:2b:11:b3:bf:93:
71:f5:ea:b3:df:ed:3c:66:54:28:e8:99:96:df:ae:
b6:eb:0d:59:b8:31:66:22:b8:55:94:e7:a5:90:2d:
01:02:d0:97:e1:bf:36:f0:6b:03:48:d3:ad:95:93:
02:6e:bd:b9:87:74:37:7a:e1:81:85:91:10:3c:3e:
fe:f8:9b:a0:66:ae:57:ce:c1:8f:a5:4d:b1:37:0d:
15:2a:4f:12:32:a6:e4:30:56:ca:98:1a:9e:c4:48:
41:ac:fd:36:c3:e9:eb:42:32:7f:a3:75:c1:8f:35:
18:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:26:4C:25:BF:24:33:92:9E:E9:FC:F1:BF:93:92:02:1A:D7:60:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MCZMJb8kM5Ke6fzxv5OSAhrXYOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.87.213.0/24
Signature Algorithm: sha256WithRSAEncryption
41:14:3d:9b:91:bf:d5:c1:e8:4f:4a:50:ec:77:bc:23:39:a3:
8f:db:33:f7:32:67:ad:4b:e6:e1:d3:31:2b:2f:53:33:dd:35:
3d:d4:66:3d:7e:07:c7:06:c8:ca:85:8f:1b:19:91:b8:d2:75:
3f:93:a0:55:bb:bd:ca:23:69:09:76:13:d0:02:a0:1f:22:ef:
25:4a:0f:b5:1f:d0:a7:8d:c3:4c:3a:28:d9:4a:d2:ec:64:0a:
c2:c2:3e:aa:1e:d2:36:73:d4:0c:7d:46:34:f5:39:0b:cb:b1:
35:3b:03:d4:ef:d9:4d:21:09:19:ab:6e:04:4f:89:cd:7e:1e:
fc:a6:cd:b5:40:3b:ff:cf:37:de:2c:8a:ee:8a:43:92:7d:79:
08:d1:8b:3f:73:ba:17:ce:1a:23:6c:38:05:3a:2f:ae:b2:76:
f1:c4:70:3e:6d:82:ed:d1:78:36:ac:24:a2:12:dd:df:42:7b:
32:6f:f5:49:84:c7:64:79:ae:58:d3:df:25:fb:1c:e8:fd:7f:
5f:2e:03:73:71:18:b5:36:90:93:5b:f1:7b:b2:9c:35:c8:1a:
cd:ab:63:9d:f3:b9:11:eb:7b:43:f0:47:66:24:06:47:77:1b:
1d:90:a2:36:2e:fd:e0:3c:5e:d0:90:55:22:e4:9b:73:fc:37:
5d:36:23:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRTqO3hJav0wvupCa5fJenxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA3MTk1NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI2NGMyNWJmMjQzMzkyOWVlOWZjZjFiZjkzOTIwMjFhZDc2MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIWbxrefpoIZTS3m5RERa7/KniqS
f1uGKmGIRFiitRSowIaTgNlJYrZZv0KYnGBvLQBZ/thSkV6Qm2iAmnQPdUCeUd3G
/XnHF4cxFn7PmidC96H0zydZPpKaLjCEiRS8oIodqtcUTNzeLjeeniYfdVbck3UO
3mG4mblZMwBW1/yssS+cJGOJHjHInpZ7NIvcKxGzv5Nx9eqz3+08ZlQo6JmW3662
6w1ZuDFmIrhVlOelkC0BAtCX4b828GsDSNOtlZMCbr25h3Q3euGBhZEQPD7++Jug
Zq5XzsGPpU2xNw0VKk8SMqbkMFbKmBqexEhBrP02w+nrQjJ/o3XBjzUYoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAmTCW/JDOSnun88b+TkgIa12DoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUNaTUpiOGtNNUtlNmZ6eHY1T1NBaHJYWU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXwRAwQA
wlfVMA0GCSqGSIb3DQEBCwUAA4IBAQBBFD2bkb/VwehPSlDsd7wjOaOP2zP3Mmet
S+bh0zErL1Mz3TU91GY9fgfHBsjKhY8bGZG40nU/k6BVu73KI2kJdhPQAqAfIu8l
Sg+1H9CnjcNMOijZStLsZArCwj6qHtI2c9QMfUY09TkLy7E1OwPU79lNIQkZq24E
T4nNfh78ps21QDv/zzfeLIruikOSfXkI0Ys/c7oXzhojbDgFOi+usnbxxHA+bYLt
0Xg2rCSiEt3fQnsyb/VJhMdkea5Y098l+xzo/X9fLgNzcRi1NpCTW/F7spw1yBrN
q2Od87kR63tD8EdmJAZHdxsdkKI2Lv3gPF7QkFUi5Jtz/DddNiNs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org