Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/MSYIEg0pRA4FrBNh9I8_7iptCeI.roa
File: MSYIEg0pRA4FrBNh9I8_7iptCeI.roa (raw, json)
Hash identifier: 39/Pgi1Ahrn1UXVYkKkfIhvOA95MLTpmup5m5Y0MNFw=
Subject key identifier: 31:26:08:12:0D:29:44:0E:05:AC:13:61:F4:8F:3F:EE:2A:6D:09:E2
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA71914B8757CD4BA5300822E623A2
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/MSYIEg0pRA4FrBNh9I8_7iptCeI.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15694
IP address blocks: 194.145.228.0/24 maxlen: 24
195.167.150.0/24 maxlen: 24
195.167.158.0/24 maxlen: 24
195.167.155.0/24 maxlen: 24
206.252.224.0/19 maxlen: 19
217.17.32.0/20 maxlen: 20
206.252.250.0/24 maxlen: 24
212.91.4.0/22 maxlen: 22
217.149.240.0/20 maxlen: 20
212.91.10.0/24 maxlen: 24
212.91.11.0/24 maxlen: 24
212.91.16.0/20 maxlen: 20
212.91.14.0/24 maxlen: 24
212.91.13.0/24 maxlen: 24
212.91.12.0/24 maxlen: 24
77.79.210.0/24 maxlen: 24
77.79.221.0/24 maxlen: 24
195.167.144.0/20 maxlen: 20
85.232.224.0/19 maxlen: 19
46.229.144.0/20 maxlen: 20
213.189.32.0/19 maxlen: 19
213.189.42.0/24 maxlen: 24
213.189.50.0/24 maxlen: 24
85.232.254.0/24 maxlen: 24
77.79.192.0/18 maxlen: 18
2001:1a68:2e::/48 maxlen: 48
2001:1a68:18::/48 maxlen: 48
2001:1a68:0:13::/64 maxlen: 64
2001:1a68::/32 maxlen: 32
2001:1a68:0:1d::/64 maxlen: 64
2001:1a68:0:21::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:71:91:4b:87:57:cd:4b:a5:30:08:22:e6:23:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=312608120d29440e05ac1361f48f3fee2a6d09e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:51:d4:04:7a:ec:38:3c:60:cf:4c:22:b7:
17:94:ec:5f:35:bf:fe:5e:fd:6b:35:96:1d:e2:01:
db:80:e7:93:f6:eb:85:01:4c:7b:30:55:f8:61:00:
3f:80:28:cc:cf:4f:e3:9d:23:ea:35:fe:86:89:84:
a7:14:9a:e8:99:15:77:b1:8b:3d:67:a4:46:7f:13:
64:34:20:2a:b5:35:6a:dd:4c:cf:df:ae:21:cf:9e:
c5:f6:f2:4d:75:b0:f1:b5:16:77:b1:ab:57:67:ed:
80:17:92:45:f1:41:9d:08:d9:d6:92:cc:80:bd:54:
19:30:5e:d1:c0:76:5c:61:41:11:0d:f4:c6:21:cc:
38:55:27:84:45:1b:96:15:54:fa:81:c5:1c:21:c4:
31:7f:ed:c3:70:1b:15:fa:57:5c:9e:b9:44:b0:1f:
a3:7f:51:e4:25:83:fc:bc:75:cf:8e:83:41:4e:a1:
71:f9:f9:46:3a:8c:70:b2:6c:f5:89:bf:7b:e0:66:
ce:74:24:58:4f:e4:bd:2d:87:a7:ad:75:39:da:1b:
dc:d1:bc:7c:9e:65:68:de:2f:41:9c:d9:f3:6a:14:
dd:49:94:59:48:be:88:26:66:af:7e:b0:32:ae:1a:
e0:1c:1f:1d:dd:e3:45:cb:aa:80:b8:62:20:46:e6:
a6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:26:08:12:0D:29:44:0E:05:AC:13:61:F4:8F:3F:EE:2A:6D:09:E2
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/MSYIEg0pRA4FrBNh9I8_7iptCeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.144.0/20
77.79.192.0/18
85.232.224.0/19
194.145.228.0/24
195.167.144.0/20
206.252.224.0/19
212.91.4.0/22
212.91.10.0-212.91.14.255
212.91.16.0/20
213.189.32.0/19
217.17.32.0/20
217.149.240.0/20
IPv6:
2001:1a68::/32
Signature Algorithm: sha256WithRSAEncryption
10:e7:6c:09:3b:49:76:c0:e2:a3:ff:62:db:44:72:e9:15:ec:
62:94:b6:10:c9:9d:d3:7c:00:d6:83:99:0c:6f:74:80:d1:01:
12:8d:59:fd:77:c4:40:d8:54:62:85:39:2a:35:58:a2:2b:e3:
2b:8d:86:95:11:e6:b4:4f:a2:ce:76:cc:60:f4:83:34:6b:75:
6c:d6:f1:a4:05:d1:db:e4:51:e4:7e:03:39:ca:85:e8:08:41:
d1:ae:62:e8:39:43:75:67:32:58:51:0a:79:b9:49:4c:8c:f9:
db:db:7b:25:b8:07:0b:fe:2a:85:a4:29:c2:06:e2:fa:51:df:
61:a9:43:fe:f3:2d:7c:d1:ab:a8:7a:99:ea:b8:62:53:46:3b:
68:42:41:48:79:50:b3:11:e4:7b:cf:67:fb:0a:c9:c7:8e:a8:
cc:c1:a1:fc:6c:a3:fc:6d:82:e9:d4:c8:37:b6:40:58:dc:94:
d9:b3:4e:43:3d:85:36:02:5e:1b:3f:0f:18:57:55:cb:74:29:
4c:d0:48:6c:c9:9d:e9:a1:ac:1e:c0:8e:40:ad:cf:ce:aa:07:
ab:1c:f2:68:d6:e0:c7:de:12:86:4f:39:63:3c:90:a0:29:46:
3f:fc:0f:99:0e:c4:01:3b:13:c3:b4:9b:19:9e:32:13:50:a2:
63:9c:d7:70
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYVyunGRS4dXzUulMAgi5iOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI2MDgxMjBkMjk0NDBlMDVhYzEzNjFmNDhmM2ZlZTJhNmQwOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtNR1AR67Dg8YM9MIrcXlOxfNb/+
Xv1rNZYd4gHbgOeT9uuFAUx7MFX4YQA/gCjMz0/jnSPqNf6GiYSnFJromRV3sYs9
Z6RGfxNkNCAqtTVq3UzP364hz57F9vJNdbDxtRZ3satXZ+2AF5JF8UGdCNnWksyA
vVQZMF7RwHZcYUERDfTGIcw4VSeERRuWFVT6gcUcIcQxf+3DcBsV+ldcnrlEsB+j
f1HkJYP8vHXPjoNBTqFx+flGOoxwsmz1ib974GbOdCRYT+S9LYenrXU52hvc0bx8
nmVo3i9BnNnzahTdSZRZSL6IJmavfrAyrhrgHB8d3eNFy6qAuGIgRuamOQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFDEmCBINKUQOBawTYfSPP+4qbQniMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvTVNZSUVnMHBSQTRGckJOaDlJOF83aXB0Q2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQELuWQAwQG
TU/AAwQFVejgAwQAwpHkAwQEw6eQAwQFzvzgAwQC1FsEMAwDBAHUWwoDBADUWw4D
BATUWxADBAXVvSADBATZESADBATZlfAwDQQCAAIwBwMFACABGmgwDQYJKoZIhvcN
AQELBQADggEBABDnbAk7SXbA4qP/YttEcukV7GKUthDJndN8ANaDmQxvdIDRARKN
Wf13xEDYVGKFOSo1WKIr4yuNhpUR5rRPos52zGD0gzRrdWzW8aQF0dvkUeR+AznK
hegIQdGuYug5Q3VnMlhRCnm5SUyM+dvbeyW4Bwv+KoWkKcIG4vpR32GpQ/7zLXzR
q6h6meq4YlNGO2hCQUh5ULMR5HvPZ/sKyceOqMzBofxso/xtgunUyDe2QFjclNmz
TkM9hTYCXhs/DxhXVct0KUzQSGzJnemhrB7AjkCtz86qB6sc8mjW4MfeEoZPOWM8
kKApRj/8D5kOxAE7E8O0mxmeMhNQomOc13A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:12 2025 by rpki-client