Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/McU_IWksWmaTWoqK7gEUrrf5rVI.roa
File: McU_IWksWmaTWoqK7gEUrrf5rVI.roa (raw, json)
Hash identifier: 8qCUY/qZJ4WVd/I/hUsefZ61RBbuMUxl9T/q5u3+k0o=
Subject key identifier: 31:C5:3F:21:69:2C:5A:66:93:5A:8A:8A:EE:01:14:AE:B7:F9:AD:52
Certificate issuer: /CN=5157c87d111c8050fd5c9ac2b06be62323675033
Certificate serial: 018997BAC21A4E3BDD87D876ED43BBCBBA31
Authority key identifier: 51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/McU_IWksWmaTWoqK7gEUrrf5rVI.roa
Signing time: Thu 27 Jul 2023 14:22:26 +0000
ROA not before: Thu 27 Jul 2023 14:22:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58082
IP address blocks: 109.233.128.0/22 maxlen: 24
109.233.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:ba:c2:1a:4e:3b:dd:87:d8:76:ed:43:bb:cb:ba:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5157c87d111c8050fd5c9ac2b06be62323675033
Validity
Not Before: Jul 27 14:22:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31c53f21692c5a66935a8a8aee0114aeb7f9ad52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2e:10:2c:88:11:92:00:62:4d:92:64:d4:66:
6b:bb:7f:6a:35:da:07:7b:02:f1:c5:87:3f:b9:35:
e3:5c:3e:a7:dd:e9:12:40:64:9e:db:f0:0f:ab:89:
f0:4e:08:2f:0e:bd:ec:b1:42:8a:2b:d9:d3:d3:8d:
f5:67:7f:2d:93:0d:c6:4d:7e:75:51:90:12:dc:02:
97:a5:3c:a3:76:e2:37:2b:63:88:fb:1b:3f:07:3a:
73:40:30:96:1c:83:e4:8d:4c:9a:94:49:c4:9f:87:
58:7d:2c:0b:89:e5:28:8c:78:43:e1:c0:f3:c5:fe:
d9:9f:7d:97:73:ca:ae:6f:df:5a:4b:e7:2a:27:ea:
34:7a:58:c8:78:27:e7:1e:1d:46:b3:a5:a3:4f:3c:
d7:43:f7:62:36:00:f2:0e:b0:ef:5e:3c:ff:78:0d:
7a:8c:a5:0d:dc:ac:fe:7a:bb:18:5a:05:92:cf:8e:
1e:b5:96:b9:a5:0c:97:7e:e2:55:d6:bb:77:02:3d:
ce:86:c0:7f:9f:94:be:10:22:ab:96:8f:c3:4e:72:
31:95:de:71:55:d4:81:46:6b:1c:f6:d6:23:c4:0a:
c0:98:32:9e:d3:42:86:90:d8:6e:64:1e:c7:ee:ab:
f6:de:95:9a:0d:a3:5d:47:dd:d1:2c:8b:ab:ff:e5:
e3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C5:3F:21:69:2C:5A:66:93:5A:8A:8A:EE:01:14:AE:B7:F9:AD:52
X509v3 Authority Key Identifier:
keyid:51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/McU_IWksWmaTWoqK7gEUrrf5rVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/UVfIfREcgFD9XJrCsGvmIyNnUDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.128.0/21
Signature Algorithm: sha256WithRSAEncryption
d9:7a:0c:24:a8:53:40:93:e0:d6:de:75:28:40:00:5b:00:97:
e6:c1:49:49:b7:9c:5e:ea:69:ed:52:7b:26:b4:90:98:dc:6d:
2b:4a:e7:e0:9e:5f:98:a0:02:71:05:a3:5f:05:86:62:67:c5:
0e:c8:85:79:59:6c:70:1b:9a:a9:6f:84:6f:1d:06:4d:35:99:
15:73:87:b0:36:42:f7:8a:6b:d4:1d:0d:3b:2a:15:42:40:d1:
71:d7:85:8e:a5:c3:98:03:15:7f:2e:83:58:ba:0f:6e:58:55:
ba:a2:c7:98:c9:d0:21:cd:d7:98:de:40:86:29:4a:35:10:b4:
20:0e:a1:57:a4:0c:b0:e7:f6:b0:8f:0f:5a:07:4c:39:a7:bf:
4a:8e:1d:17:9a:88:ad:8a:16:70:44:d8:a6:f1:18:02:74:5d:
94:6f:16:f8:1b:84:17:2a:5c:81:5e:29:60:20:07:ca:93:9d:
8d:e0:0d:8b:c2:84:cf:10:b6:0b:16:28:3e:ef:e0:66:71:ae:
7f:af:f3:06:17:12:ed:0b:79:c7:f6:ea:d6:72:15:b3:be:3f:
68:37:7c:93:00:76:0a:10:e8:97:ef:9e:0d:67:05:79:c7:3e:
35:97:65:91:13:2d:74:42:24:f6:64:3f:41:dc:3a:fd:bf:fa:
f5:40:34:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmXusIaTjvdh9h27UO7y7oxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNTdjODdkMTExYzgwNTBmZDVjOWFjMmIwNmJlNjIzMjM2
NzUwMzMwHhcNMjMwNzI3MTQyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM1M2YyMTY5MmM1YTY2OTM1YThhOGFlZTAxMTRhZWI3ZjlhZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC4QLIgRkgBiTZJk1GZru39qNdoH
ewLxxYc/uTXjXD6n3ekSQGSe2/APq4nwTggvDr3ssUKKK9nT0431Z38tkw3GTX51
UZAS3AKXpTyjduI3K2OI+xs/BzpzQDCWHIPkjUyalEnEn4dYfSwLieUojHhD4cDz
xf7Zn32Xc8qub99aS+cqJ+o0eljIeCfnHh1Gs6WjTzzXQ/diNgDyDrDvXjz/eA16
jKUN3Kz+ersYWgWSz44etZa5pQyXfuJV1rt3Aj3OhsB/n5S+ECKrlo/DTnIxld5x
VdSBRmsc9tYjxArAmDKe00KGkNhuZB7H7qv23pWaDaNdR93RLIur/+Xj1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHFPyFpLFpmk1qKiu4BFK63+a1SMB8GA1UdIwQY
MBaAFFFXyH0RHIBQ/VyawrBr5iMjZ1AzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAt
ZDI5NzAxNDg3NTM2LzEvTWNVX0lXa3NXbWFUV29xSzdnRVVycmY1clZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAtZDI5NzAxNDg3NTM2
LzEvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbemAMA0G
CSqGSIb3DQEBCwUAA4IBAQDZegwkqFNAk+DW3nUoQABbAJfmwUlJt5xe6mntUnsm
tJCY3G0rSufgnl+YoAJxBaNfBYZiZ8UOyIV5WWxwG5qpb4RvHQZNNZkVc4ewNkL3
imvUHQ07KhVCQNFx14WOpcOYAxV/LoNYug9uWFW6oseYydAhzdeY3kCGKUo1ELQg
DqFXpAyw5/awjw9aB0w5p79Kjh0XmoitihZwRNim8RgCdF2Ubxb4G4QXKlyBXilg
IAfKk52N4A2LwoTPELYLFig+7+Bmca5/r/MGFxLtC3nH9urWchWzvj9oN3yTAHYK
EOiX754NZwV5xz41l2WREy10QiT2ZD9B3Dr9v/r1QDQ4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:35 2025 by rpki-client