Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/mPauGbxEqP026yQUDg_qVnA7DX0.roa
File: mPauGbxEqP026yQUDg_qVnA7DX0.roa (raw, json)
Hash identifier: 4PeFil33oBypCo9/ohJyXGxQ3E+u6/yyMy+rhIPG+eQ=
Subject key identifier: 98:F6:AE:19:BC:44:A8:FD:36:EB:24:14:0E:0F:EA:56:70:3B:0D:7D
Certificate issuer: /CN=931e3c8de0add9da95cf44d89f50bfde7ae19a57
Certificate serial: 383A8D64
Authority key identifier: 93:1E:3C:8D:E0:AD:D9:DA:95:CF:44:D8:9F:50:BF:DE:7A:E1:9A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kx48jeCt2dqVz0TYn1C_3nrhmlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/mPauGbxEqP026yQUDg_qVnA7DX0.roa
Signing time: Sat 01 Jan 2022 13:03:35 +0000
ROA not before: Sat 01 Jan 2022 13:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49983
IP address blocks: 109.71.96.0/21 maxlen: 21
185.19.168.0/22 maxlen: 22
91.212.196.0/24 maxlen: 24
2a00:17e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943361380 (0x383a8d64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=931e3c8de0add9da95cf44d89f50bfde7ae19a57
Validity
Not Before: Jan 1 13:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98f6ae19bc44a8fd36eb24140e0fea56703b0d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fc:81:dd:70:a6:6f:94:a6:b4:56:65:f3:9c:
e0:1c:a3:8f:69:fc:58:58:fb:7b:72:55:6a:48:4a:
87:4f:ef:20:a0:dc:77:d4:ae:52:78:93:12:34:5d:
ab:01:08:3b:e6:28:cc:86:b0:b4:ec:aa:13:fa:75:
df:bc:29:6b:c7:d9:a3:88:ef:a5:cc:2d:f3:4f:ca:
78:c8:4c:98:ba:ed:9c:12:48:43:0b:f5:70:b2:42:
9c:1b:34:cb:c4:96:a3:1f:6c:f4:cb:03:28:1b:28:
9a:79:1a:c7:ad:ce:e9:f0:35:b0:7e:54:eb:90:a0:
af:be:1c:d7:2f:c9:ff:07:b9:6d:5c:29:38:8c:e0:
b5:ab:7f:88:48:5a:30:36:ec:ae:5d:80:ab:d1:d1:
4b:11:04:59:ea:6e:b0:41:14:b1:67:3b:64:61:2b:
8c:02:d0:93:d5:89:6f:e4:9b:48:38:42:4f:1f:d0:
2f:b7:ff:01:e1:c2:8d:64:3f:a1:b8:3e:86:f9:c6:
27:47:2d:a0:74:a2:b6:37:a8:5a:73:ac:69:46:ff:
f5:96:0f:24:9b:47:b1:ee:bd:46:52:dc:c4:f4:7e:
62:7e:d7:26:04:a9:c6:fc:ca:03:e2:cc:57:f1:f0:
14:15:4e:24:31:fb:d7:23:c1:8f:c4:79:1c:f5:e2:
93:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F6:AE:19:BC:44:A8:FD:36:EB:24:14:0E:0F:EA:56:70:3B:0D:7D
X509v3 Authority Key Identifier:
keyid:93:1E:3C:8D:E0:AD:D9:DA:95:CF:44:D8:9F:50:BF:DE:7A:E1:9A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kx48jeCt2dqVz0TYn1C_3nrhmlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/mPauGbxEqP026yQUDg_qVnA7DX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/kx48jeCt2dqVz0TYn1C_3nrhmlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.196.0/24
109.71.96.0/21
185.19.168.0/22
IPv6:
2a00:17e0::/32
Signature Algorithm: sha256WithRSAEncryption
62:dd:8b:ad:02:19:52:9b:67:21:2a:f3:51:db:63:46:45:21:
b1:6d:fa:c4:97:77:1d:d8:45:de:66:a0:ea:78:eb:cd:cb:47:
b6:ee:9b:18:62:25:10:58:23:14:8a:ff:f6:4c:e7:b0:42:5b:
0c:28:8b:a4:72:45:2e:ce:41:82:1a:9e:93:6e:65:3a:45:04:
1a:3a:6d:28:f2:d5:32:12:e8:61:51:ab:9d:37:5e:69:4c:27:
b0:fe:a7:53:5c:b9:5d:0f:93:b9:71:61:75:15:2e:37:1e:23:
61:2b:ea:56:25:cf:a7:dd:1d:c6:0f:0b:8e:b5:15:24:af:4f:
ae:e3:7f:43:dc:13:80:4a:7a:67:ac:ea:40:da:7f:70:d2:4f:
4c:00:6b:2b:5b:a1:d0:a3:eb:f6:82:8c:aa:27:1b:15:4f:cc:
c7:65:a4:e5:51:d9:65:b7:b2:f5:91:e2:4b:8b:ff:b4:28:1d:
33:df:b2:fc:e7:b9:46:d1:91:fa:25:bd:6e:92:a7:20:c4:84:
b9:81:23:43:1d:11:e1:e4:72:69:8a:1a:bf:21:9d:cb:92:62:
41:f0:4c:a9:7d:78:f4:88:58:d2:84:b3:34:81:3a:3d:42:7d:
c4:dc:56:7a:4d:f8:6f:8c:8f:5d:18:b2:c8:31:49:12:80:89:
74:d1:af:7a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEODqNZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzFlM2M4ZGUwYWRkOWRhOTVjZjQ0ZDg5ZjUwYmZkZTdhZTE5YTU3MB4XDTIyMDEw
MTEzMDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThmNmFlMTliYzQ0
YThmZDM2ZWIyNDE0MGUwZmVhNTY3MDNiMGQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOP8gd1wpm+UprRWZfOc4Byjj2n8WFj7e3JVakhKh0/vIKDc
d9SuUniTEjRdqwEIO+YozIawtOyqE/p137wpa8fZo4jvpcwt80/KeMhMmLrtnBJI
Qwv1cLJCnBs0y8SWox9s9MsDKBsomnkax63O6fA1sH5U65Cgr74c1y/J/we5bVwp
OIzgtat/iEhaMDbsrl2Aq9HRSxEEWepusEEUsWc7ZGErjALQk9WJb+SbSDhCTx/Q
L7f/AeHCjWQ/obg+hvnGJ0ctoHSitjeoWnOsaUb/9ZYPJJtHse69RlLcxPR+Yn7X
JgSpxvzKA+LMV/HwFBVOJDH71yPBj8R5HPXik2MCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSY9q4ZvESo/TbrJBQOD+pWcDsNfTAfBgNVHSMEGDAWgBSTHjyN4K3Z2pXP
RNifUL/eeuGaVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t4NDhqZUN0MmRxVnowVFluMUNfM25yaG1sYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvODUyY2ZkLWQ1OTItNGMyZC05NGNmLWI5Y2E3NTU1YzJjNS8x
L21QYXVHYnhFcVAwMjZ5UVVEZ19xVm5BN0RYMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
ODUyY2ZkLWQ1OTItNGMyZC05NGNmLWI5Y2E3NTU1YzJjNS8xL2t4NDhqZUN0MmRx
VnowVFluMUNfM25yaG1sYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFvUxAMEA21HYAMEArkTqDANBAIA
AjAHAwUAKgAX4DANBgkqhkiG9w0BAQsFAAOCAQEAYt2LrQIZUptnISrzUdtjRkUh
sW36xJd3HdhF3mag6njrzctHtu6bGGIlEFgjFIr/9kznsEJbDCiLpHJFLs5Bghqe
k25lOkUEGjptKPLVMhLoYVGrnTdeaUwnsP6nU1y5XQ+TuXFhdRUuNx4jYSvqViXP
p90dxg8LjrUVJK9PruN/Q9wTgEp6Z6zqQNp/cNJPTABrK1uh0KPr9oKMqicbFU/M
x2Wk5VHZZbey9ZHiS4v/tCgdM9+y/Oe5RtGR+iW9bpKnIMSEuYEjQx0R4eRyaYoa
vyGdy5JiQfBMqX149IhY0oSzNIE6PUJ9xNxWek34b4yPXRiyyDFJEoCJdNGveg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:16 2025 by rpki-client