Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/618399-c53b-4cf2-930e-63eebe0325ec/1/MCM9bhPIjSKETDhDKfYtmlRHBAY.roa
File: MCM9bhPIjSKETDhDKfYtmlRHBAY.roa (raw, json)
Hash identifier: f/ElfkVgal+eZqP5to90bydTFNhOVqIWmE4NOGugSVQ=
Subject key identifier: 30:23:3D:6E:13:C8:8D:22:84:4C:38:43:29:F6:2D:9A:54:47:04:06
Certificate issuer: /CN=19fb56adc9071d5e9fda2b669438b92bf863e58f
Certificate serial: 018805BCA6A8976F5FB317965F1750509913
Authority key identifier: 19:FB:56:AD:C9:07:1D:5E:9F:DA:2B:66:94:38:B9:2B:F8:63:E5:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GftWrckHHV6f2itmlDi5K_hj5Y8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/618399-c53b-4cf2-930e-63eebe0325ec/1/MCM9bhPIjSKETDhDKfYtmlRHBAY.roa
Signing time: Wed 10 May 2023 12:57:09 +0000
ROA not before: Wed 10 May 2023 12:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33988
IP address blocks: 194.150.190.0/23 maxlen: 24
2001:67c:14c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:bc:a6:a8:97:6f:5f:b3:17:96:5f:17:50:50:99:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19fb56adc9071d5e9fda2b669438b92bf863e58f
Validity
Not Before: May 10 12:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30233d6e13c88d22844c384329f62d9a54470406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:be:7e:74:cb:cc:8d:79:32:bd:3e:f0:d2:83:
b3:20:05:2b:35:df:43:36:aa:ec:1a:36:11:33:09:
71:e0:3e:96:ba:82:48:fd:93:c1:46:2e:28:05:77:
91:39:a8:3e:5e:d8:53:31:cc:7b:9b:a4:c0:0a:6f:
cb:8d:53:46:66:c6:3b:9c:46:13:96:01:bf:0d:7e:
cc:f2:1d:5d:f0:0b:f7:74:6e:87:ff:00:85:4d:c9:
ea:f3:ec:aa:b3:56:5c:56:98:d1:70:fe:05:cc:6d:
81:60:eb:b2:dd:b8:71:44:70:4d:f3:5f:80:b6:c7:
5c:89:4b:a9:9a:44:f7:1b:62:92:37:6e:39:86:7b:
a1:1d:c1:0c:0d:21:59:09:f0:b9:e4:11:8d:64:1c:
b5:39:bb:d9:7f:cd:19:65:ce:3b:c1:99:7f:6b:91:
85:0a:77:23:28:e3:da:5b:7a:aa:c2:51:a9:24:9c:
a0:a5:0d:3d:a1:38:e2:4a:4e:44:1d:10:3e:19:3e:
f0:ff:2b:7a:b8:78:9e:cb:20:6c:fc:15:0a:42:9f:
59:57:7e:34:a8:c2:df:a3:8f:17:6a:37:08:c7:eb:
83:c2:d6:f6:c4:8e:6d:70:44:66:dd:5f:59:d7:63:
0e:6a:dd:e8:44:b2:78:8f:af:cc:e4:18:18:df:a6:
ec:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:23:3D:6E:13:C8:8D:22:84:4C:38:43:29:F6:2D:9A:54:47:04:06
X509v3 Authority Key Identifier:
keyid:19:FB:56:AD:C9:07:1D:5E:9F:DA:2B:66:94:38:B9:2B:F8:63:E5:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GftWrckHHV6f2itmlDi5K_hj5Y8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/618399-c53b-4cf2-930e-63eebe0325ec/1/MCM9bhPIjSKETDhDKfYtmlRHBAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/618399-c53b-4cf2-930e-63eebe0325ec/1/GftWrckHHV6f2itmlDi5K_hj5Y8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.190.0/23
IPv6:
2001:67c:14c::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e2:3c:8d:13:22:a4:e7:3f:50:94:9e:fa:bc:c1:ac:61:ae:
c5:80:6e:66:e8:36:22:c7:79:fe:77:4e:75:21:d4:f0:ae:87:
4e:dd:ec:87:79:f9:3b:88:39:6d:48:ec:fc:d5:8e:e6:dd:85:
cc:b4:8d:a7:d7:61:ad:85:71:69:c9:68:28:4f:fa:a3:9e:04:
f3:c8:cc:fc:c8:43:09:a8:80:da:1e:be:bc:a8:5e:f2:50:c7:
51:a5:f9:7b:06:ee:1a:4a:f7:7d:8b:99:e7:16:19:1e:c4:6e:
01:41:e9:85:3d:2a:97:ab:8a:b5:81:ed:09:a0:bc:48:be:e1:
14:66:b2:9d:43:ef:ba:3a:1b:12:a5:f6:d8:c7:21:88:86:98:
07:56:61:fb:5b:2b:75:a3:31:67:8d:bc:77:13:e6:4c:d7:a5:
08:81:9a:c2:8f:2b:45:b3:ee:a9:2c:84:73:79:a5:c6:d7:33:
ca:4f:ad:b4:b8:4d:86:bd:1a:b0:db:2a:22:7b:99:4f:ae:ff:
d4:15:1e:b0:34:ca:71:c7:41:1d:c2:e8:8d:95:8c:c8:81:08:
84:67:6f:67:cd:55:60:0e:2e:32:85:c5:70:11:15:50:40:ff:
9c:ee:e3:4f:88:e0:7b:ae:28:bb:03:73:05:b4:dc:fa:c8:13:
22:3f:e2:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgFvKaol29fsxeWXxdQUJkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmI1NmFkYzkwNzFkNWU5ZmRhMmI2Njk0MzhiOTJiZjg2
M2U1OGYwHhcNMjMwNTEwMTI1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDIzM2Q2ZTEzYzg4ZDIyODQ0YzM4NDMyOWY2MmQ5YTU0NDcwNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu75+dMvMjXkyvT7w0oOzIAUrNd9D
NqrsGjYRMwlx4D6WuoJI/ZPBRi4oBXeROag+XthTMcx7m6TACm/LjVNGZsY7nEYT
lgG/DX7M8h1d8Av3dG6H/wCFTcnq8+yqs1ZcVpjRcP4FzG2BYOuy3bhxRHBN81+A
tsdciUupmkT3G2KSN245hnuhHcEMDSFZCfC55BGNZBy1ObvZf80ZZc47wZl/a5GF
CncjKOPaW3qqwlGpJJygpQ09oTjiSk5EHRA+GT7w/yt6uHieyyBs/BUKQp9ZV340
qMLfo48XajcIx+uDwtb2xI5tcERm3V9Z12MOat3oRLJ4j6/M5BgY36bs2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDAjPW4TyI0ihEw4Qyn2LZpURwQGMB8GA1UdIwQY
MBaAFBn7Vq3JBx1en9orZpQ4uSv4Y+WPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2Z0V3Jja0hIVjZmMml0bWxEaTVLX2hqNVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82MTgzOTktYzUzYi00Y2YyLTkzMGUt
NjNlZWJlMDMyNWVjLzEvTUNNOWJoUElqU0tFVERoREtmWXRtbFJIQkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82MTgzOTktYzUzYi00Y2YyLTkzMGUtNjNlZWJlMDMyNWVj
LzEvR2Z0V3Jja0hIVjZmMml0bWxEaTVLX2hqNVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwpa+MA8E
AgACMAkDBwAgAQZ8AUwwDQYJKoZIhvcNAQELBQADggEBAJziPI0TIqTnP1CUnvq8
waxhrsWAbmboNiLHef53TnUh1PCuh07d7Id5+TuIOW1I7PzVjubdhcy0jafXYa2F
cWnJaChP+qOeBPPIzPzIQwmogNoevryoXvJQx1Gl+XsG7hpK932LmecWGR7EbgFB
6YU9KperirWB7QmgvEi+4RRmsp1D77o6GxKl9tjHIYiGmAdWYftbK3WjMWeNvHcT
5kzXpQiBmsKPK0Wz7qkshHN5pcbXM8pPrbS4TYa9GrDbKiJ7mU+u/9QVHrA0ynHH
QR3C6I2VjMiBCIRnb2fNVWAOLjKFxXARFVBA/5zu40+I4HuuKLsDcwW03PrIEyI/
4qI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:41 2025 by rpki-client