Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/MPmY5qS05SV2fIwMfEx1ichJywU.roa
File: MPmY5qS05SV2fIwMfEx1ichJywU.roa (raw, json)
Hash identifier: 5oyY0f317tOuPXy5AiWIhchm6O6U1w/yt6UVfwPjv5k=
Subject key identifier: 30:F9:98:E6:A4:B4:E5:25:76:7C:8C:0C:7C:4C:75:89:C8:49:CB:05
Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Certificate serial: 01857039A275AD0C803B21479F51026AC10E
Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/MPmY5qS05SV2fIwMfEx1ichJywU.roa
Signing time: Mon 02 Jan 2023 02:05:03 +0000
ROA not before: Mon 02 Jan 2023 02:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.26.192.0/23 maxlen: 23
131.234.0.0/16 maxlen: 16
192.26.176.0/20 maxlen: 20
192.26.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a2:75:ad:0c:80:3b:21:47:9f:51:02:6a:c1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Validity
Not Before: Jan 2 02:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f998e6a4b4e525767c8c0c7c4c7589c849cb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:a0:b7:11:6e:dd:c4:ca:e2:36:b4:85:95:
d4:c1:7d:d4:b1:85:d8:9d:a7:e6:91:36:56:a8:75:
ff:e7:9f:e2:dd:3c:20:da:74:54:cb:c0:68:d4:e0:
6d:28:73:62:33:6d:11:53:2b:a3:dd:65:d1:28:94:
a6:0f:b6:36:ad:5a:29:74:c4:7b:26:03:88:8d:4c:
e0:8f:07:a4:d3:06:ca:16:f1:eb:12:1d:16:9d:87:
4f:ad:19:b2:74:2a:82:ee:df:b8:29:8d:cd:f2:eb:
a4:95:d8:33:38:5a:6f:9d:2e:86:99:5b:8a:33:ed:
21:e4:fd:25:a7:71:84:13:df:64:96:ec:01:0c:ca:
fb:34:49:88:f4:83:41:66:5d:c9:90:d6:e8:20:f3:
e4:93:54:88:ee:f1:bb:c4:80:8a:b4:ef:36:5f:06:
10:21:19:b8:2c:91:1c:64:a8:de:1d:c7:69:38:af:
09:8b:e9:b1:91:18:70:e2:5c:0b:68:5e:c0:c2:dd:
eb:26:8b:ff:6e:44:d1:07:0b:b7:56:26:cd:fe:5a:
a9:72:f9:f4:d6:89:20:be:d4:eb:a2:50:92:4d:fb:
07:06:e7:57:6e:4f:a3:f9:7d:e4:70:1a:58:ff:91:
41:96:3d:f3:3b:7b:6e:92:97:a9:3f:c6:17:12:7a:
3c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F9:98:E6:A4:B4:E5:25:76:7C:8C:0C:7C:4C:75:89:C8:49:CB:05
X509v3 Authority Key Identifier:
keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/MPmY5qS05SV2fIwMfEx1ichJywU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.234.0.0/16
192.26.174.0-192.26.193.255
Signature Algorithm: sha256WithRSAEncryption
87:d1:5a:9b:e4:96:92:3a:3d:df:6f:76:cf:04:e6:f6:06:10:
d0:a3:fb:49:74:b7:ed:a2:ef:42:ea:c2:67:d8:b6:e6:f8:bf:
56:14:7c:50:b7:52:e9:c1:4b:06:39:aa:f4:34:f3:06:dd:55:
79:e0:f3:f7:9e:5f:05:49:d0:36:84:e0:89:2b:7a:4c:e7:c6:
3d:99:fd:7b:c5:b0:14:dd:8d:33:c7:a7:7b:63:f5:5b:2d:0e:
d3:0e:1b:58:4e:8a:e2:da:d8:a8:31:43:d2:fa:db:26:70:7e:
c9:28:57:50:7d:a0:79:86:ec:2a:e8:2a:d6:1c:a4:b4:0a:7a:
94:e7:b8:b8:6b:51:76:53:1c:ba:5b:bb:ef:e7:cd:00:e1:9e:
d6:de:3c:18:c6:21:4c:bb:d1:a2:89:0c:91:f5:c5:f2:51:47:
2a:15:66:e3:79:ce:d8:ae:15:c7:c5:5e:ec:49:85:95:75:07:
36:cf:74:40:45:19:8e:36:c4:a9:07:0f:11:42:d3:e8:ba:cf:
f4:f3:84:46:61:c0:46:50:11:c9:3b:f4:50:f4:e2:c8:7b:1c:
fb:37:67:db:a3:ff:c3:25:2e:f9:9f:bd:b6:dc:a4:5e:03:ce:
d3:ab:77:af:15:1c:9b:c8:c4:82:f8:84:de:a5:dc:87:11:42:
39:53:34:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVwOaJ1rQyAOyFHn1ECasEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm
NWUyNTYwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY5OThlNmE0YjRlNTI1NzY3YzhjMGM3YzRjNzU4OWM4NDljYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSigtxFu3cTK4ja0hZXUwX3UsYXY
nafmkTZWqHX/55/i3Twg2nRUy8Bo1OBtKHNiM20RUyuj3WXRKJSmD7Y2rVopdMR7
JgOIjUzgjwek0wbKFvHrEh0WnYdPrRmydCqC7t+4KY3N8uukldgzOFpvnS6GmVuK
M+0h5P0lp3GEE99kluwBDMr7NEmI9INBZl3JkNboIPPkk1SI7vG7xICKtO82XwYQ
IRm4LJEcZKjeHcdpOK8Ji+mxkRhw4lwLaF7Awt3rJov/bkTRBwu3VibN/lqpcvn0
1okgvtTrolCSTfsHBudXbk+j+X3kcBpY/5FBlj3zO3tukpepP8YXEno8LwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDD5mOaktOUldnyMDHxMdYnIScsFMB8GA1UdIwQY
MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt
MjUwMTdlYzk0MDk1LzEvTVBtWTVxUzA1U1YyZkl3TWZFeDFpY2hKeXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1
LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAg+owDAME
AcAargMEAcAawDANBgkqhkiG9w0BAQsFAAOCAQEAh9Fam+SWkjo93292zwTm9gYQ
0KP7SXS37aLvQurCZ9i25vi/VhR8ULdS6cFLBjmq9DTzBt1VeeDz955fBUnQNoTg
iSt6TOfGPZn9e8WwFN2NM8ene2P1Wy0O0w4bWE6K4trYqDFD0vrbJnB+yShXUH2g
eYbsKugq1hyktAp6lOe4uGtRdlMculu77+fNAOGe1t48GMYhTLvRookMkfXF8lFH
KhVm43nO2K4Vx8Ve7EmFlXUHNs90QEUZjjbEqQcPEULT6LrP9POERmHARlARyTv0
UPTiyHsc+zdn26P/wyUu+Z+9ttykXgPO06t3rxUcm8jEgviE3qXchxFCOVM08A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:12 2025 by rpki-client