Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/dML9AwhAQ4BrFrO4sVowBOQuH9g.roa
File: dML9AwhAQ4BrFrO4sVowBOQuH9g.roa (raw, json)
Hash identifier: OYnEcWKENDtDQeH5X3wpOjwVyRski5QS9kyufzVsRiU=
Subject key identifier: 74:C2:FD:03:08:40:43:80:6B:16:B3:B8:B1:5A:30:04:E4:2E:1F:D8
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 018BFB9757F13744AA2E0AD6389195768330
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/dML9AwhAQ4BrFrO4sVowBOQuH9g.roa
Signing time: Thu 23 Nov 2023 09:51:21 +0000
ROA not before: Thu 23 Nov 2023 09:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41114
IP address blocks: 31.11.40.0/21 maxlen: 24
45.151.16.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
185.42.112.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
77.83.228.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
153.92.104.0/21 maxlen: 21
2a0a:7980::/32 maxlen: 32
2a01:60e0::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 48
2a09:4380::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a00:7aa0::/32 maxlen: 32
2a0f:d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:97:57:f1:37:44:aa:2e:0a:d6:38:91:95:76:83:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Nov 23 09:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74c2fd03084043806b16b3b8b15a3004e42e1fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:54:6b:e4:80:e9:96:f2:96:2b:80:8c:88:32:
1c:41:ce:24:7b:64:0c:4d:21:ab:a7:c6:20:3b:45:
48:ba:e4:18:f8:b5:d9:e2:cc:45:55:ec:60:8d:ac:
1f:3a:17:33:aa:56:29:f7:81:3a:fb:72:bb:e2:d9:
e9:55:b1:a9:de:08:92:c7:ef:2a:03:53:26:dc:97:
82:85:12:f3:9f:d9:9d:72:95:70:44:8e:ce:23:a7:
9f:53:42:d5:e4:da:61:d5:ef:17:64:e8:49:b9:f5:
cf:b1:17:4a:33:27:2c:4a:78:32:ce:f4:ec:ab:e2:
7c:ea:58:d1:a3:9d:9a:75:41:60:06:c7:3b:ed:82:
92:4c:ee:ad:b9:6e:36:dc:f2:7a:09:0e:f9:3b:2a:
a3:60:7c:5c:b5:4b:e2:53:ee:b8:e5:db:ba:9b:78:
aa:a6:18:d8:b0:d4:99:29:82:02:ae:79:24:f4:af:
a9:fc:21:45:85:99:fa:71:9b:17:2d:92:33:d8:2a:
b5:55:50:00:4e:79:f3:e0:5d:c2:1c:37:f3:76:58:
a3:bc:01:71:3e:2e:6d:66:5c:61:36:ad:26:c6:a1:
ff:0f:8c:39:9b:1e:ab:84:c4:85:58:14:78:61:6e:
e9:37:83:5e:a9:9a:d2:67:c9:f1:74:d4:d6:37:73:
ad:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C2:FD:03:08:40:43:80:6B:16:B3:B8:B1:5A:30:04:E4:2E:1F:D8
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/dML9AwhAQ4BrFrO4sVowBOQuH9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.40.0/21
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
77.83.228.0/22
147.78.164.0/22
153.92.104.0/21
185.42.112.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a01:60e0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:cd:93:39:a7:c2:91:9f:af:5d:b8:14:cf:ca:d9:1a:29:25:
a5:5d:cd:7b:d7:5f:c3:1b:ab:ea:3e:58:76:be:01:83:72:9b:
6e:55:95:20:d9:67:f9:dc:a7:95:f2:b7:7d:d5:bf:fd:83:40:
d6:40:45:53:78:8d:75:04:5f:59:4f:e2:61:de:37:c4:46:68:
dc:90:78:a3:e0:e3:c9:11:f2:06:ab:b6:cc:55:01:81:6c:6c:
99:f9:7f:a4:d0:ce:16:5e:d0:cb:1e:44:06:dc:b4:01:a2:cc:
07:93:9c:c3:c7:d1:fa:e8:ee:53:23:f5:22:31:a9:3a:3c:08:
8f:35:9b:34:b9:75:78:c6:22:74:12:e7:ea:3b:4d:e4:a3:75:
35:d4:5c:df:97:e4:13:e2:38:c7:07:a3:56:0e:c2:36:b6:66:
e4:5d:49:c7:c3:7a:e4:f9:1b:8f:fa:78:a4:6f:d9:c7:0a:19:
40:70:b5:f6:1d:04:bd:61:f7:8d:b8:35:4c:46:e5:96:5a:a0:
86:dd:f4:ac:e4:d8:b5:dd:72:cf:e9:fd:d0:e0:16:0f:cc:a6:
6b:60:a5:f6:63:23:ee:71:13:2d:fe:ea:c6:d3:21:74:b7:4c:
e8:f2:1e:c2:be:ad:7a:16:89:cf:c4:30:e5:32:c6:b9:ec:31:
ef:47:31:e2
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYv7l1fxN0SqLgrWOJGVdoMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjMxMTIzMDk1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGMyZmQwMzA4NDA0MzgwNmIxNmIzYjhiMTVhMzAwNGU0MmUxZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFRr5IDplvKWK4CMiDIcQc4ke2QM
TSGrp8YgO0VIuuQY+LXZ4sxFVexgjawfOhczqlYp94E6+3K74tnpVbGp3giSx+8q
A1Mm3JeChRLzn9mdcpVwRI7OI6efU0LV5Nph1e8XZOhJufXPsRdKMycsSngyzvTs
q+J86ljRo52adUFgBsc77YKSTO6tuW423PJ6CQ75OyqjYHxctUviU+645du6m3iq
phjYsNSZKYICrnkk9K+p/CFFhZn6cZsXLZIz2Cq1VVAATnnz4F3CHDfzdlijvAFx
Pi5tZlxhNq0mxqH/D4w5mx6rhMSFWBR4YW7pN4NeqZrSZ8nxdNTWN3OtNQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFHTC/QMIQEOAaxazuLFaMATkLh/YMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvZE1MOUF3aEFRNEJyRnJPNHNWb3dCT1F1SDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBIBAIAATBCAwQDHwso
AwQCLZcQAwQCLZ34AwQCPsCMAwQCTVPkAwQCk06kAwQDmVxoAwQCuSpwAwQCuWJA
AwQCwZRQAwQC1eJIMDcEAgACMDEDBQAqAHqgAwUAKgFg4AMFACoJJsADBQAqCUOA
AwUAKgp5gAMFACoN5sADBQAqDw0AMA0GCSqGSIb3DQEBCwUAA4IBAQALzZM5p8KR
n69duBTPytkaKSWlXc1711/DG6vqPlh2vgGDcptuVZUg2Wf53KeV8rd91b/9g0DW
QEVTeI11BF9ZT+Jh3jfERmjckHij4OPJEfIGq7bMVQGBbGyZ+X+k0M4WXtDLHkQG
3LQBoswHk5zDx9H66O5TI/UiMak6PAiPNZs0uXV4xiJ0EufqO03ko3U11Fzfl+QT
4jjHB6NWDsI2tmbkXUnHw3rk+RuP+nikb9nHChlAcLX2HQS9YfeNuDVMRuWWWqCG
3fSs5Ni13XLP6f3Q4BYPzKZrYKX2YyPucRMt/urG0yF0t0zo8h7Cvq16FonPxDDl
Msa57DHvRzHi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:18 2025 by rpki-client