Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/MYwVWQuZjmcmn6ybYH_9IzY4I-8.roa
File: MYwVWQuZjmcmn6ybYH_9IzY4I-8.roa (raw, json)
Hash identifier: mZkIwRfmdtyAOUUAMKCH1ddve5B8LgLzyakG00Hiask=
Subject key identifier: 31:8C:15:59:0B:99:8E:67:26:9F:AC:9B:60:7F:FD:23:36:38:23:EF
Certificate issuer: /CN=debe517e7475e17c069643910fd6f77b317b8538
Certificate serial: 0188AA55D5EF413516CDDA676AE3E9609F52
Authority key identifier: DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/MYwVWQuZjmcmn6ybYH_9IzY4I-8.roa
Signing time: Sun 11 Jun 2023 12:02:11 +0000
ROA not before: Sun 11 Jun 2023 12:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208023
IP address blocks: 193.194.131.0/24 maxlen: 24
193.194.130.0/24 maxlen: 24
193.194.142.0/24 maxlen: 24
193.194.143.0/24 maxlen: 24
2a0f:9d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:aa:55:d5:ef:41:35:16:cd:da:67:6a:e3:e9:60:9f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=debe517e7475e17c069643910fd6f77b317b8538
Validity
Not Before: Jun 11 12:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318c15590b998e67269fac9b607ffd23363823ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:da:b2:ae:3f:7e:82:76:01:20:6a:e7:7e:0c:
10:7d:c8:14:8a:c6:10:25:6c:2a:5b:39:81:21:01:
bf:b6:88:d0:99:1f:ae:f8:95:64:be:84:52:11:61:
46:23:35:91:69:6d:9f:7d:6b:f7:b0:32:6f:71:7e:
77:b3:a6:60:ff:71:dc:52:1e:5b:59:ee:39:c4:5c:
dc:fe:d3:db:f3:84:31:6a:dd:05:cc:21:7b:4e:29:
68:1a:81:aa:ef:14:fc:3c:e7:8f:63:21:91:a1:6b:
64:58:82:99:e7:3b:2a:3e:89:de:e1:ce:3d:f0:e2:
45:35:a3:40:26:5e:0a:23:ef:3b:0b:d6:4a:fb:b3:
61:52:39:93:9e:98:e6:cb:5e:ca:19:4f:54:7e:83:
cc:08:6a:38:11:5e:ed:66:c8:0a:0c:e4:de:e2:6e:
80:f9:01:6b:fb:d9:5e:b0:0d:60:2b:31:a2:2c:65:
31:5c:21:ce:39:e6:be:43:9b:0e:a6:62:fd:42:d2:
8c:83:be:75:7e:05:47:0c:fa:d0:f3:c0:c9:6c:b1:
63:1e:68:ee:69:39:aa:7c:a7:9e:85:84:bd:55:51:
43:a8:27:97:d0:ee:41:59:82:4b:bc:ae:97:8b:80:
42:84:bc:e4:95:c1:ad:88:24:f0:ac:1c:fd:d6:00:
01:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8C:15:59:0B:99:8E:67:26:9F:AC:9B:60:7F:FD:23:36:38:23:EF
X509v3 Authority Key Identifier:
keyid:DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/MYwVWQuZjmcmn6ybYH_9IzY4I-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.130.0/23
193.194.142.0/23
IPv6:
2a0f:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
07:63:a2:99:9e:18:5e:2d:d5:1d:82:66:da:ec:e5:45:68:71:
78:82:c9:fa:81:65:9f:a4:6f:ba:e6:a5:de:15:1f:5b:94:76:
08:e2:5b:dd:db:4d:50:01:62:4a:9f:f3:b8:38:75:28:fd:a3:
e9:09:f4:74:b5:32:93:31:a3:9f:b5:47:8f:54:69:00:9b:e5:
8c:85:66:84:02:c7:e6:ed:65:09:0c:36:82:c6:5a:6d:fd:0b:
f3:42:89:c4:ef:f1:23:8d:86:0d:89:94:24:c5:1f:3d:cb:7d:
4e:28:d7:89:74:04:fd:2e:2d:db:5d:36:7f:75:78:d5:76:bc:
5b:df:35:0e:5c:63:66:ae:15:e1:33:6b:a3:9a:38:c0:af:cf:
46:1c:96:49:e8:b3:37:83:bd:0f:af:e9:a7:5d:4b:f9:66:0a:
a4:8b:1e:ca:7d:54:40:7a:2b:e0:65:1e:5c:e0:92:26:a8:8a:
d3:70:2d:9e:24:e0:42:2b:76:82:64:90:c2:28:c7:08:55:24:
1a:ea:bd:d0:89:03:4c:49:3d:27:71:46:c7:9e:f6:46:9e:65:
d1:a6:04:f1:b4:de:1e:0a:0c:2e:41:61:0e:ef:a8:a7:2a:9d:
aa:00:db:7b:7a:8e:6e:87:e9:42:72:ec:66:1f:36:eb:32:89:
a5:6e:46:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYiqVdXvQTUWzdpnauPpYJ9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmU1MTdlNzQ3NWUxN2MwNjk2NDM5MTBmZDZmNzdiMzE3
Yjg1MzgwHhcNMjMwNjExMTIwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThjMTU1OTBiOTk4ZTY3MjY5ZmFjOWI2MDdmZmQyMzM2MzgyM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9qyrj9+gnYBIGrnfgwQfcgUisYQ
JWwqWzmBIQG/tojQmR+u+JVkvoRSEWFGIzWRaW2ffWv3sDJvcX53s6Zg/3HcUh5b
We45xFzc/tPb84Qxat0FzCF7TiloGoGq7xT8POePYyGRoWtkWIKZ5zsqPone4c49
8OJFNaNAJl4KI+87C9ZK+7NhUjmTnpjmy17KGU9UfoPMCGo4EV7tZsgKDOTe4m6A
+QFr+9lesA1gKzGiLGUxXCHOOea+Q5sOpmL9QtKMg751fgVHDPrQ88DJbLFjHmju
aTmqfKeehYS9VVFDqCeX0O5BWYJLvK6Xi4BChLzklcGtiCTwrBz91gABxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDGMFVkLmY5nJp+sm2B//SM2OCPvMB8GA1UdIwQY
MBaAFN6+UX50deF8BpZDkQ/W93sxe4U4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAt
ODlmNWM0ZjMyOTcwLzEvTVl3VldRdVpqbWNtbjZ5YllIXzlJelk0SS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAtODlmNWM0ZjMyOTcw
LzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwcKCAwQB
wcKOMA0EAgACMAcDBQMqD51AMA0GCSqGSIb3DQEBCwUAA4IBAQAHY6KZnhheLdUd
gmba7OVFaHF4gsn6gWWfpG+65qXeFR9blHYI4lvd201QAWJKn/O4OHUo/aPpCfR0
tTKTMaOftUePVGkAm+WMhWaEAsfm7WUJDDaCxlpt/QvzQonE7/EjjYYNiZQkxR89
y31OKNeJdAT9Li3bXTZ/dXjVdrxb3zUOXGNmrhXhM2ujmjjAr89GHJZJ6LM3g70P
r+mnXUv5Zgqkix7KfVRAeivgZR5c4JImqIrTcC2eJOBCK3aCZJDCKMcIVSQa6r3Q
iQNMST0ncUbHnvZGnmXRpgTxtN4eCgwuQWEO76inKp2qANt7eo5uh+lCcuxmHzbr
Momlbkav
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:24 2025 by rpki-client