Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/mryz0LpPDOhtYI5mIrJ8lKqswHg.roa
File: mryz0LpPDOhtYI5mIrJ8lKqswHg.roa (raw, json)
Hash identifier: gQWI+F8A+EwBvpdd7aXHxepKY2qdoAGGzWxOfI4apoI=
Subject key identifier: 9A:BC:B3:D0:BA:4F:0C:E8:6D:60:8E:66:22:B2:7C:94:AA:AC:C0:78
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 01BBB938
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/mryz0LpPDOhtYI5mIrJ8lKqswHg.roa
Signing time: Sat 01 Jan 2022 09:55:05 +0000
ROA not before: Sat 01 Jan 2022 09:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 45.157.72.0/23 maxlen: 23
194.5.0.0/22 maxlen: 22
141.98.240.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29079864 (0x1bbb938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 1 09:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9abcb3d0ba4f0ce86d608e6622b27c94aaacc078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b7:58:85:ff:b4:ac:e1:9e:63:2f:ed:c5:43:
22:35:ce:4e:60:8d:1a:b7:c5:d6:d7:89:5d:7f:ce:
ae:03:a3:d3:9f:d0:aa:ad:8f:e6:9d:62:92:31:26:
31:5f:fe:67:67:fe:72:69:01:cb:6c:9c:bb:56:5a:
66:bb:b6:85:8b:b2:2b:83:e3:13:04:10:1f:6f:97:
98:94:aa:2e:ad:6c:b2:13:56:5e:36:39:d1:f2:6f:
35:75:01:4d:bc:cb:87:b9:41:a6:55:59:6f:42:5a:
67:64:ea:6b:60:b1:e4:94:b9:0b:da:c5:2c:63:aa:
f9:c4:9b:be:cb:f6:67:7b:cc:06:e5:f5:be:c2:6f:
ff:cc:f8:d7:04:af:40:86:ea:a5:4c:ce:c3:37:5b:
8c:43:93:59:20:37:f1:90:9f:11:0b:88:fe:fd:5c:
bb:b1:65:58:fe:93:ff:7e:0c:a8:4a:b1:21:a6:48:
6c:0e:84:9a:79:3f:c9:4c:48:23:23:6a:38:77:21:
6e:45:e9:cb:b5:66:30:84:8f:e5:3d:10:9e:f6:58:
aa:13:66:02:ff:9b:9e:55:1d:29:51:37:7b:af:a0:
8e:d7:c2:79:d8:8a:8a:7e:db:9f:59:f5:de:4a:5c:
ca:a7:d2:dc:6e:67:40:89:e3:c1:ad:71:fe:70:1f:
4b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BC:B3:D0:BA:4F:0C:E8:6D:60:8E:66:22:B2:7C:94:AA:AC:C0:78
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/mryz0LpPDOhtYI5mIrJ8lKqswHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.72.0/23
141.98.240.0/23
193.31.72.0/23
194.5.0.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:10:cc:82:18:5d:8f:f4:7a:23:3e:ee:e0:4e:03:47:00:20:
a2:8d:84:a0:f6:37:b2:a4:63:46:4d:5d:5c:b0:5e:8a:31:4d:
19:59:d1:a9:90:ce:dd:15:05:dc:8a:50:c6:80:02:cb:4f:5c:
29:c2:e9:e3:34:b4:1a:73:f4:e0:ca:1c:e9:c5:2d:9f:48:90:
2a:bb:0e:e7:e8:04:9b:b4:45:af:51:ea:0c:bd:e4:50:58:0a:
5a:62:6d:42:63:cd:02:a4:4f:65:3c:06:9b:18:75:f5:28:09:
07:02:08:00:1e:ee:fd:52:d8:0f:d1:1c:ae:09:ab:79:7b:7c:
01:80:c2:8b:04:68:26:0b:f9:54:19:bd:3e:72:2a:8f:6a:a7:
b5:de:7e:d0:7b:9b:08:29:4e:29:38:95:93:d0:9d:a3:d0:1a:
94:89:1a:14:aa:1c:55:58:78:31:22:6c:f5:11:87:fb:7a:7f:
b7:80:10:6f:d8:58:42:81:b0:69:76:88:f6:4b:33:81:31:3a:
83:a6:98:93:4b:10:cb:b2:27:40:b6:d0:b4:72:7c:98:61:a0:
1f:6f:5c:14:d6:99:5b:a5:dc:d9:d0:d3:09:e3:34:0a:71:63:
33:94:dd:ad:1b:eb:41:39:24:48:51:53:0d:30:87:4b:9e:8f:
b3:0e:d5:51
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAbu5ODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDEw
MTA5NTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFiY2IzZDBiYTRm
MGNlODZkNjA4ZTY2MjJiMjdjOTRhYWFjYzA3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe3WIX/tKzhnmMv7cVDIjXOTmCNGrfF1teJXX/OrgOj05/Q
qq2P5p1ikjEmMV/+Z2f+cmkBy2ycu1ZaZru2hYuyK4PjEwQQH2+XmJSqLq1sshNW
XjY50fJvNXUBTbzLh7lBplVZb0JaZ2Tqa2Cx5JS5C9rFLGOq+cSbvsv2Z3vMBuX1
vsJv/8z41wSvQIbqpUzOwzdbjEOTWSA38ZCfEQuI/v1cu7FlWP6T/34MqEqxIaZI
bA6Emnk/yUxIIyNqOHchbkXpy7VmMISP5T0QnvZYqhNmAv+bnlUdKVE3e6+gjtfC
ediKin7bn1n13kpcyqfS3G5nQInjwa1x/nAfS5ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSavLPQuk8M6G1gjmYisnyUqqzAeDAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L21yeXowTHBQRE9odFlJNW1Jcko4bEtxc3dIZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS2dSAMEAY1i8AMEAcEfSAMEAsIF
ADANBgkqhkiG9w0BAQsFAAOCAQEAqhDMghhdj/R6Iz7u4E4DRwAgoo2EoPY3sqRj
Rk1dXLBeijFNGVnRqZDO3RUF3IpQxoACy09cKcLp4zS0GnP04Moc6cUtn0iQKrsO
5+gEm7RFr1HqDL3kUFgKWmJtQmPNAqRPZTwGmxh19SgJBwIIAB7u/VLYD9Ecrgmr
eXt8AYDCiwRoJgv5VBm9PnIqj2qntd5+0HubCClOKTiVk9Cdo9AalIkaFKocVVh4
MSJs9RGH+3p/t4AQb9hYQoGwaXaI9kszgTE6g6aYk0sQy7InQLbQtHJ8mGGgH29c
FNaZW6Xc2dDTCeM0CnFjM5TdrRvrQTkkSFFTDTCHS56Psw7VUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:56 2025 by rpki-client