Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/mcL5ZjaftgK_cTietx22JTdCMjw.roa
File: mcL5ZjaftgK_cTietx22JTdCMjw.roa (raw, json)
Hash identifier: OwCR4jgDD52vQA/XHGurADOlNw39t9JUlNfPD0ejtF8=
Subject key identifier: 99:C2:F9:66:36:9F:B6:02:BF:71:38:9E:B7:1D:B6:25:37:42:32:3C
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 01857102BCE278DCA77E31E2B49EE1CCF3CE
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/mcL5ZjaftgK_cTietx22JTdCMjw.roa
Signing time: Mon 02 Jan 2023 05:44:42 +0000
ROA not before: Mon 02 Jan 2023 05:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49685
IP address blocks: 194.59.136.0/24 maxlen: 24
194.59.138.0/24 maxlen: 24
2a07:cb80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:bc:e2:78:dc:a7:7e:31:e2:b4:9e:e1:cc:f3:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: Jan 2 05:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99c2f966369fb602bf71389eb71db6253742323c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:01:de:18:5e:0d:2c:48:0c:d3:23:28:4c:c2:
6d:c5:7c:f4:e1:f0:82:a2:9e:87:95:1e:fa:ff:2f:
9a:a7:c5:b2:24:2d:80:87:c9:ae:13:98:9b:47:93:
da:cd:70:d6:ca:ed:4e:c0:7f:34:f6:b0:52:be:56:
69:ab:9a:d2:2a:59:a0:fe:74:24:54:dd:0d:02:36:
a0:0e:cc:10:7e:63:f1:35:f2:f8:48:07:af:ab:c9:
dc:36:78:64:5d:ba:81:33:43:e8:4c:f2:f5:fe:d0:
d3:54:40:8a:99:e2:2f:0f:e0:c9:44:99:0e:9d:53:
ea:65:05:83:e9:8b:3e:41:fb:0d:d2:42:bd:1c:66:
49:b8:0c:a7:33:ca:d8:26:89:f9:7f:d2:45:b4:03:
3e:ce:8e:6b:d8:5e:10:80:9e:e9:56:01:b5:33:b8:
44:c0:42:e1:e8:2b:16:f9:cf:43:8c:9c:40:27:eb:
7a:e8:26:c1:09:98:2f:d1:ca:9d:6f:de:c1:2d:b7:
76:14:38:4a:00:1a:73:e1:ff:44:f3:45:d6:b9:b4:
04:4b:df:1e:81:01:8f:cb:65:d8:6f:6b:c7:bb:67:
b5:2e:be:9f:05:3d:10:22:6a:fc:53:18:d5:f1:e6:
6b:bd:f8:e7:c1:7d:f1:af:f6:f0:5f:ad:df:1d:35:
d4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C2:F9:66:36:9F:B6:02:BF:71:38:9E:B7:1D:B6:25:37:42:32:3C
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/mcL5ZjaftgK_cTietx22JTdCMjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.136.0/24
194.59.138.0/24
IPv6:
2a07:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
75:71:ad:9c:4a:c8:58:0f:2b:12:a8:97:ca:0b:6d:d6:ce:0d:
50:93:16:b1:59:cd:35:cd:a5:3f:5e:81:57:46:ea:16:aa:62:
8b:2e:b4:e0:39:8e:11:6e:85:a4:bb:c1:1d:1d:10:4a:49:1e:
96:47:45:b9:69:69:9e:57:2a:bd:80:2c:de:6a:95:80:e7:30:
ca:79:46:8f:c9:52:ea:2c:1b:fa:bf:bd:c1:a4:35:41:bd:41:
1f:db:9e:86:cb:df:f0:c9:71:70:9c:a8:62:60:d9:ad:e5:af:
2a:4e:03:23:4f:5a:98:fe:20:3a:2a:44:e8:7b:e5:72:f0:d0:
2b:a3:dc:20:38:67:04:83:7a:34:67:e2:ae:d3:51:1a:27:6b:
07:a1:9d:d1:9f:e3:e5:f7:ca:28:44:0e:59:e4:80:09:ef:fc:
8f:1c:ae:82:66:0f:70:c4:da:9b:49:19:2f:52:5f:52:33:d6:
f6:a0:68:cc:b3:36:5c:18:7a:22:b7:a1:e2:e7:d1:06:55:5d:
51:40:71:b3:94:2d:b1:02:09:7b:fd:55:8f:5b:03:fb:0f:df:
dd:59:dd:c4:07:ce:a1:f0:0b:11:b1:01:eb:ba:54:dd:08:43:
85:2e:75:d1:03:d1:a3:5e:fe:34:d7:14:29:a8:9b:e6:c4:69:
12:a0:64:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxArzieNynfjHitJ7hzPPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjMwMTAyMDU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWMyZjk2NjM2OWZiNjAyYmY3MTM4OWViNzFkYjYyNTM3NDIzMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwHeGF4NLEgM0yMoTMJtxXz04fCC
op6HlR76/y+ap8WyJC2Ah8muE5ibR5PazXDWyu1OwH809rBSvlZpq5rSKlmg/nQk
VN0NAjagDswQfmPxNfL4SAevq8ncNnhkXbqBM0PoTPL1/tDTVECKmeIvD+DJRJkO
nVPqZQWD6Ys+QfsN0kK9HGZJuAynM8rYJon5f9JFtAM+zo5r2F4QgJ7pVgG1M7hE
wELh6CsW+c9DjJxAJ+t66CbBCZgv0cqdb97BLbd2FDhKABpz4f9E80XWubQES98e
gQGPy2XYb2vHu2e1Lr6fBT0QImr8UxjV8eZrvfjnwX3xr/bwX63fHTXUpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJnC+WY2n7YCv3E4nrcdtiU3QjI8MB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvbWNMNVpqYWZ0Z0tfY1RpZXR4MjJKVGRDTWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwjuIAwQA
wjuKMA0EAgACMAcDBQAqB8uAMA0GCSqGSIb3DQEBCwUAA4IBAQB1ca2cSshYDysS
qJfKC23Wzg1QkxaxWc01zaU/XoFXRuoWqmKLLrTgOY4RboWku8EdHRBKSR6WR0W5
aWmeVyq9gCzeapWA5zDKeUaPyVLqLBv6v73BpDVBvUEf256Gy9/wyXFwnKhiYNmt
5a8qTgMjT1qY/iA6KkToe+Vy8NAro9wgOGcEg3o0Z+Ku01EaJ2sHoZ3Rn+Pl98oo
RA5Z5IAJ7/yPHK6CZg9wxNqbSRkvUl9SM9b2oGjMszZcGHoit6Hi59EGVV1RQHGz
lC2xAgl7/VWPWwP7D9/dWd3EB86h8AsRsQHrulTdCEOFLnXRA9GjXv401xQpqJvm
xGkSoGR0
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:06 2025 by rpki-client