Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/36d642-5643-454f-b5c0-990777c357e3/1/mZqfjBpjxqmUm6_7eifUbUN1yKY.roa
File: mZqfjBpjxqmUm6_7eifUbUN1yKY.roa (raw, json)
Hash identifier: uHsp63vYcqYaq+IiNyvmcHAxgGraazFEWN4VT8sDs4o=
Subject key identifier: 99:9A:9F:8C:1A:63:C6:A9:94:9B:AF:FB:7A:27:D4:6D:43:75:C8:A6
Certificate issuer: /CN=ef7cca8aa3f178b999a46e5ff4fa7daf9f9f2e6f
Certificate serial: 07716483
Authority key identifier: EF:7C:CA:8A:A3:F1:78:B9:99:A4:6E:5F:F4:FA:7D:AF:9F:9F:2E:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73zKiqPxeLmZpG5f9Pp9r5-fLm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/36d642-5643-454f-b5c0-990777c357e3/1/mZqfjBpjxqmUm6_7eifUbUN1yKY.roa
Signing time: Sat 01 Jan 2022 09:55:33 +0000
ROA not before: Sat 01 Jan 2022 09:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 89.251.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124871811 (0x7716483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7cca8aa3f178b999a46e5ff4fa7daf9f9f2e6f
Validity
Not Before: Jan 1 09:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=999a9f8c1a63c6a9949baffb7a27d46d4375c8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:40:74:e5:26:b6:e9:f8:02:e4:9e:b4:c7:02:
16:dd:a2:aa:a3:5d:6b:0c:2f:76:14:8b:0d:08:f2:
b4:65:cc:b0:19:14:fd:f0:b0:29:69:0e:1b:05:80:
bb:6e:2e:bf:29:f6:57:28:d3:85:f2:b1:85:4b:5f:
6d:ec:19:a8:2f:d7:66:ee:66:c2:d2:88:48:fe:8d:
22:26:e5:54:c2:65:ab:a2:dd:28:cc:dd:9e:24:0b:
4c:7b:de:6c:90:20:d9:1d:fb:a6:16:15:68:b2:ef:
4d:47:76:e4:66:ae:57:7e:4b:a4:de:b8:d6:5f:08:
fa:2b:a6:4c:a1:9c:5b:24:d0:13:00:51:12:3f:90:
8c:80:f4:af:b4:f0:6f:0d:9c:90:5d:77:ba:f6:bb:
3d:f4:70:7d:4a:be:91:a0:00:42:11:4c:d7:43:b8:
d4:3f:40:74:97:e4:87:6a:47:68:fc:20:f6:d9:d9:
c2:f5:51:2d:ed:06:91:df:9e:08:16:df:f1:be:3c:
75:8b:8d:bb:f5:41:dc:43:ea:84:eb:98:e6:12:fe:
51:de:85:b2:ce:e3:8f:4a:2d:5d:c8:f1:28:c9:db:
f0:b1:5c:e9:0b:12:6b:78:47:54:33:87:d9:5f:aa:
7c:c5:88:ed:63:ef:2f:f9:48:09:3f:6a:48:26:4c:
d1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9A:9F:8C:1A:63:C6:A9:94:9B:AF:FB:7A:27:D4:6D:43:75:C8:A6
X509v3 Authority Key Identifier:
keyid:EF:7C:CA:8A:A3:F1:78:B9:99:A4:6E:5F:F4:FA:7D:AF:9F:9F:2E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73zKiqPxeLmZpG5f9Pp9r5-fLm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/36d642-5643-454f-b5c0-990777c357e3/1/mZqfjBpjxqmUm6_7eifUbUN1yKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/36d642-5643-454f-b5c0-990777c357e3/1/73zKiqPxeLmZpG5f9Pp9r5-fLm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:da:93:48:2f:cb:78:0a:54:1a:02:5f:04:8a:31:9a:4e:b2:
9f:26:05:bc:0e:2f:80:e3:bf:ce:b7:0a:09:4a:4b:bb:95:8b:
d7:3c:7c:15:97:dc:ad:eb:4e:e8:42:66:5c:e7:b6:0b:eb:7f:
6e:e6:1c:bb:cc:d9:b7:b6:44:a9:76:8b:fb:a1:15:56:ad:ac:
4a:89:9d:6c:e6:5d:c3:33:27:66:46:ae:21:3a:04:d1:38:f3:
94:d5:7f:d4:63:89:48:56:86:30:76:3e:91:8a:2f:81:d2:d3:
38:c7:33:8a:78:b5:87:ab:58:a8:93:3a:27:13:08:a0:1f:29:
07:4f:a9:db:3d:d8:e4:c7:ea:f3:ba:1f:1d:c9:b5:2c:60:a2:
7c:0e:1c:1e:5c:df:f2:74:4d:cb:6e:71:9e:02:0e:a8:23:b1:
9d:53:c8:d5:c8:3f:4f:bc:50:c5:30:4f:c2:f5:eb:73:d8:65:
70:b8:81:3a:07:92:bb:da:17:e5:52:c4:ec:0c:69:33:b0:f3:
cc:63:6c:50:55:0d:95:fc:0e:72:3f:44:a9:fa:02:70:78:36:
72:ca:0b:fb:a8:01:ec:63:7f:94:d2:32:3f:cf:be:66:ff:b6:
6e:19:c4:6f:28:f0:a8:15:da:d5:81:b4:00:ce:96:cc:de:ce:
fd:ba:4d:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB3FkgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjdjY2E4YWEzZjE3OGI5OTlhNDZlNWZmNGZhN2RhZjlmOWYyZTZmMB4XDTIyMDEw
MTA5NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk5YTlmOGMxYTYz
YzZhOTk0OWJhZmZiN2EyN2Q0NmQ0Mzc1YzhhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtAdOUmtun4AuSetMcCFt2iqqNdawwvdhSLDQjytGXMsBkU
/fCwKWkOGwWAu24uvyn2VyjThfKxhUtfbewZqC/XZu5mwtKISP6NIiblVMJlq6Ld
KMzdniQLTHvebJAg2R37phYVaLLvTUd25GauV35LpN641l8I+iumTKGcWyTQEwBR
Ej+QjID0r7Twbw2ckF13uva7PfRwfUq+kaAAQhFM10O41D9AdJfkh2pHaPwg9tnZ
wvVRLe0Gkd+eCBbf8b48dYuNu/VB3EPqhOuY5hL+Ud6Fss7jj0otXcjxKMnb8LFc
6QsSa3hHVDOH2V+qfMWI7WPvL/lICT9qSCZM0ZECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZmp+MGmPGqZSbr/t6J9RtQ3XIpjAfBgNVHSMEGDAWgBTvfMqKo/F4uZmk
bl/0+n2vn58ubzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzczektpcVB4ZUxtWnBHNWY5UHA5cjUtZkxtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvMzZkNjQyLTU2NDMtNDU0Zi1iNWMwLTk5MDc3N2MzNTdlMy8x
L21acWZqQnBqeHFtVW02XzdlaWZVYlVOMXlLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
MzZkNjQyLTU2NDMtNDU0Zi1iNWMwLTk5MDc3N2MzNTdlMy8xLzczektpcVB4ZUxt
WnBHNWY5UHA5cjUtZkxtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn7DDANBgkqhkiG9w0BAQsFAAOC
AQEAT9qTSC/LeApUGgJfBIoxmk6ynyYFvA4vgOO/zrcKCUpLu5WL1zx8FZfcretO
6EJmXOe2C+t/buYcu8zZt7ZEqXaL+6EVVq2sSomdbOZdwzMnZkauIToE0TjzlNV/
1GOJSFaGMHY+kYovgdLTOMczini1h6tYqJM6JxMIoB8pB0+p2z3Y5Mfq87ofHcm1
LGCifA4cHlzf8nRNy25xngIOqCOxnVPI1cg/T7xQxTBPwvXrc9hlcLiBOgeSu9oX
5VLE7AxpM7DzzGNsUFUNlfwOcj9EqfoCcHg2csoL+6gB7GN/lNIyP8++Zv+2bhnE
byjwqBXa1YG0AM6WzN7O/bpNkg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:47 2025 by rpki-client