Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/mgsZ7HSEgZR7IHRWt1YTqYcpVH0.roa
File: mgsZ7HSEgZR7IHRWt1YTqYcpVH0.roa (raw, json)
Hash identifier: CGVJzxLpgw1fXSF39+pNwFhpovZJMdlQT9RApCMgu3A=
Subject key identifier: 9A:0B:19:EC:74:84:81:94:7B:20:74:56:B7:56:13:A9:87:29:54:7D
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 018B27B2772A1B434E76A6E79908D6364F4D
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/mgsZ7HSEgZR7IHRWt1YTqYcpVH0.roa
Signing time: Fri 13 Oct 2023 06:21:29 +0000
ROA not before: Fri 13 Oct 2023 06:21:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212148
IP address blocks: 91.212.156.0/24 maxlen: 24
2a07:b280::/29 maxlen: 29
2a07:b280:200::/40 maxlen: 40
2a07:b280:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:b2:77:2a:1b:43:4e:76:a6:e7:99:08:d6:36:4f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Oct 13 06:21:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a0b19ec748481947b207456b75613a98729547d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:24:c2:3c:13:81:81:80:52:5e:b3:80:9f:
dd:60:9f:de:32:9d:73:ee:bc:db:78:ae:cd:a8:76:
bd:34:42:eb:d4:a8:96:9a:30:52:68:77:e1:14:c0:
3d:92:89:64:eb:f3:fa:8f:65:5f:81:88:61:0f:dd:
32:dc:0d:53:2d:96:da:37:7c:c3:be:ba:65:04:64:
2d:35:95:5c:c3:b9:9e:97:fd:6a:4c:f2:3e:99:e5:
04:d6:be:7e:d6:ec:18:b8:91:ec:9d:9f:b4:e8:a8:
f8:52:37:a4:a6:79:13:e1:4a:6e:45:95:d4:fb:86:
d7:08:c2:82:88:c4:dc:5a:2c:97:41:75:de:eb:fb:
bd:40:a0:a9:5c:8d:c3:6b:df:8a:9c:7d:1d:b7:b5:
b8:13:61:d4:b9:14:7b:4e:65:d7:28:d8:a9:9e:66:
43:fb:38:27:96:ee:ad:14:ed:e8:1d:bd:0f:12:71:
2b:e4:72:a5:30:e6:a0:bb:01:14:ab:d6:0a:e4:7b:
50:5d:94:ce:c0:b1:41:8b:0c:c3:b6:cd:80:ea:24:
93:20:37:1d:d4:a5:22:0c:09:15:8a:a1:13:d0:ad:
8b:5f:28:4b:50:08:c4:0f:a3:b8:d5:06:82:17:38:
44:d4:3e:54:0a:4f:a5:54:da:02:91:56:2c:6c:73:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0B:19:EC:74:84:81:94:7B:20:74:56:B7:56:13:A9:87:29:54:7D
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/mgsZ7HSEgZR7IHRWt1YTqYcpVH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.156.0/24
IPv6:
2a07:b280::/29
Signature Algorithm: sha256WithRSAEncryption
a9:7c:c8:cb:48:80:b3:00:0b:a9:5e:45:9c:d1:62:71:2a:a1:
de:88:6a:b8:28:3e:4f:ae:64:46:cd:4f:48:d3:31:ae:31:fe:
bd:e8:4d:4b:7e:17:40:df:2a:59:cf:ea:02:e1:c6:9e:db:40:
25:5b:fa:79:6a:60:01:bf:ea:1a:1c:54:7a:0f:45:33:7d:37:
6d:d2:14:99:cb:91:69:7a:37:4a:f3:11:20:2e:89:25:66:a2:
2a:64:11:56:02:a9:43:f9:66:97:ba:0f:4d:b6:ae:7c:70:68:
48:37:16:86:37:9b:92:43:b5:11:03:48:8f:4d:45:46:2d:0f:
e2:a9:85:79:97:80:12:a5:9b:76:41:34:79:78:56:ef:9b:97:
a0:11:b4:1a:2f:42:d5:03:5d:5e:b5:73:e2:a4:c2:6b:76:a7:
c1:96:2a:82:6f:61:cf:0a:74:3d:ce:a4:c0:a1:af:e6:ea:40:
17:11:e3:a1:f8:c6:fd:fe:5c:14:fa:c0:5c:98:5e:16:04:fe:
e0:b4:12:4f:b2:d8:7b:50:b7:18:7d:33:6e:78:48:9b:06:1f:
37:60:c3:c8:78:30:00:14:e7:d3:a6:b5:b7:70:f6:c8:cc:ed:
8f:5d:81:a6:1b:38:db:b6:05:69:7f:c1:b0:bb:09:4d:99:96:
ac:99:4d:9c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsnsncqG0NOdqbnmQjWNk9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjMxMDEzMDYyMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTBiMTllYzc0ODQ4MTk0N2IyMDc0NTZiNzU2MTNhOTg3Mjk1NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE8kwjwTgYGAUl6zgJ/dYJ/eMp1z
7rzbeK7NqHa9NELr1KiWmjBSaHfhFMA9kolk6/P6j2VfgYhhD90y3A1TLZbaN3zD
vrplBGQtNZVcw7mel/1qTPI+meUE1r5+1uwYuJHsnZ+06Kj4UjekpnkT4UpuRZXU
+4bXCMKCiMTcWiyXQXXe6/u9QKCpXI3Da9+KnH0dt7W4E2HUuRR7TmXXKNipnmZD
+zgnlu6tFO3oHb0PEnEr5HKlMOaguwEUq9YK5HtQXZTOwLFBiwzDts2A6iSTIDcd
1KUiDAkViqET0K2LXyhLUAjED6O41QaCFzhE1D5UCk+lVNoCkVYsbHMrIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJoLGex0hIGUeyB0VrdWE6mHKVR9MB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvbWdzWjdIU0VnWlI3SUhSV3QxWVRxWWNwVkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9ScMA0E
AgACMAcDBQMqB7KAMA0GCSqGSIb3DQEBCwUAA4IBAQCpfMjLSICzAAupXkWc0WJx
KqHeiGq4KD5PrmRGzU9I0zGuMf696E1LfhdA3ypZz+oC4cae20AlW/p5amABv+oa
HFR6D0UzfTdt0hSZy5FpejdK8xEgLoklZqIqZBFWAqlD+WaXug9Ntq58cGhINxaG
N5uSQ7URA0iPTUVGLQ/iqYV5l4ASpZt2QTR5eFbvm5egEbQaL0LVA11etXPipMJr
dqfBliqCb2HPCnQ9zqTAoa/m6kAXEeOh+Mb9/lwU+sBcmF4WBP7gtBJPsth7ULcY
fTNueEibBh83YMPIeDAAFOfTprW3cPbIzO2PXYGmGzjbtgVpf8GwuwlNmZasmU2c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:52 2025 by rpki-client