Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mgl1FMS0eryXRtUr47Rz-qUG38M.roa
File: Mgl1FMS0eryXRtUr47Rz-qUG38M.roa (raw, json)
Hash identifier: /rIVr6ZbP3KZtoF4DDfTKNZVNk/rmkQZsmsY+tEWN0Q=
Subject key identifier: 32:09:75:14:C4:B4:7A:BC:97:46:D5:2B:E3:B4:73:FA:A5:06:DF:C3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D88B2C2A2F6CE6AF338331FC9CFD1700
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mgl1FMS0eryXRtUr47Rz-qUG38M.roa
Signing time: Tue 20 Jun 2023 11:22:59 +0000
ROA not before: Tue 20 Jun 2023 11:22:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:8b:2c:2a:2f:6c:e6:af:33:83:31:fc:9c:fd:17:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 20 11:22:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32097514c4b47abc9746d52be3b473faa506dfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:d2:46:65:10:6c:9d:80:3f:a9:ca:bc:a7:
a0:11:7b:00:6c:1e:81:f6:54:9a:5c:b7:34:da:3d:
25:22:49:54:ef:c8:c6:61:51:a6:f9:83:3c:e9:d5:
5c:c3:bc:d4:d7:b9:99:aa:fe:01:49:e9:ac:65:ed:
75:d7:5d:72:3d:db:04:25:f6:a4:97:d0:9f:69:65:
63:df:a5:22:d3:e2:06:41:20:f2:37:e7:67:1d:df:
98:d0:fd:8b:0d:64:09:d8:47:2f:18:a6:fe:7e:c1:
78:00:14:1e:12:57:0a:d9:f1:2c:0e:bd:87:10:40:
78:5e:9a:32:7a:4b:35:ab:06:cc:af:8d:df:a9:c9:
5a:26:df:d3:6a:06:3a:19:7d:6c:c5:82:2a:1b:fa:
42:51:61:d9:ac:47:14:26:f8:b0:55:2d:b8:47:89:
07:ab:7a:48:a8:9b:fc:9f:ba:49:cf:1e:0f:27:45:
be:2b:d1:8f:bc:5b:ec:17:42:56:45:e8:f2:b9:fe:
ea:72:2a:95:47:41:52:71:3b:32:cf:fe:5d:ed:55:
4c:59:42:a1:21:e8:a7:e2:af:cb:f9:97:fc:31:6f:
d6:ec:66:39:97:52:ab:be:5f:b8:64:a0:b5:5f:44:
75:22:94:e5:ef:c3:3e:77:cc:33:0a:a4:74:85:9a:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:09:75:14:C4:B4:7A:BC:97:46:D5:2B:E3:B4:73:FA:A5:06:DF:C3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mgl1FMS0eryXRtUr47Rz-qUG38M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.87.22.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ae:79:65:31:af:1d:21:e0:5e:d5:c1:dc:52:dd:75:a6:9b:
49:0e:68:dd:87:03:6d:db:17:6c:59:fa:f0:75:eb:18:66:05:
22:c6:7b:8c:bf:4f:cc:10:b9:e9:63:2a:c8:05:b1:c9:89:8b:
d4:95:bf:64:81:b4:3a:4b:2a:20:f4:86:cd:be:ef:df:46:9f:
83:4f:38:be:ce:f0:98:ef:e1:8a:d4:88:53:1b:48:67:1a:48:
1a:c0:4f:cb:c8:04:14:fb:b7:57:c4:47:aa:0d:ba:46:6d:dc:
a8:a9:76:77:5e:c7:33:1d:ba:25:63:17:aa:f3:25:5e:3b:f1:
26:2e:ee:94:b5:d4:fa:d2:58:02:b9:83:6b:90:bf:07:20:e6:
24:04:ae:08:73:e7:a4:34:9a:5e:36:60:14:c1:41:fc:c1:95:
a3:e4:0d:c4:05:ec:d0:03:3e:62:90:33:e3:99:ff:91:47:97:
fc:d8:b0:1d:b2:56:1b:0f:74:a5:16:db:e3:6c:0c:50:c7:86:
b4:7d:45:31:27:24:a0:00:d5:8b:cd:b4:6f:e9:fa:75:a8:66:
f5:6a:ad:ae:d5:75:4b:24:a6:74:ba:b2:88:48:a9:e1:40:99:
b2:c8:a9:2b:06:39:7b:21:2f:98:37:c9:c1:f5:23:a3:75:ad:
68:0d:52:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjYiywqL2zmrzODMfyc/RcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIwMTEyMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjA5NzUxNGM0YjQ3YWJjOTc0NmQ1MmJlM2I0NzNmYWE1MDZkZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8jSRmUQbJ2AP6nKvKegEXsAbB6B
9lSaXLc02j0lIklU78jGYVGm+YM86dVcw7zU17mZqv4BSemsZe11111yPdsEJfak
l9CfaWVj36Ui0+IGQSDyN+dnHd+Y0P2LDWQJ2EcvGKb+fsF4ABQeElcK2fEsDr2H
EEB4Xpoyeks1qwbMr43fqclaJt/TagY6GX1sxYIqG/pCUWHZrEcUJviwVS24R4kH
q3pIqJv8n7pJzx4PJ0W+K9GPvFvsF0JWRejyuf7qciqVR0FScTsyz/5d7VVMWUKh
Iein4q/L+Zf8MW/W7GY5l1Krvl+4ZKC1X0R1IpTl78M+d8wzCqR0hZoq4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIJdRTEtHq8l0bVK+O0c/qlBt/DMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTWdsMUZNUzBlcnlYUnRVcjQ3UnotcVVHMzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUgLAwQA
wlcWMA0GCSqGSIb3DQEBCwUAA4IBAQAernllMa8dIeBe1cHcUt11pptJDmjdhwNt
2xdsWfrwdesYZgUixnuMv0/MELnpYyrIBbHJiYvUlb9kgbQ6Syog9IbNvu/fRp+D
Tzi+zvCY7+GK1IhTG0hnGkgawE/LyAQU+7dXxEeqDbpGbdyoqXZ3XsczHbolYxeq
8yVeO/EmLu6UtdT60lgCuYNrkL8HIOYkBK4Ic+ekNJpeNmAUwUH8wZWj5A3EBezQ
Az5ikDPjmf+RR5f82LAdslYbD3SlFtvjbAxQx4a0fUUxJySgANWLzbRv6fp1qGb1
aq2u1XVLJKZ0urKISKnhQJmyyKkrBjl7IS+YN8nB9SOjda1oDVLA
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:18:02 2025 by rpki-client