Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/MwcwPIU86wgH3bIwAXm-XUCG79A.roa
File: MwcwPIU86wgH3bIwAXm-XUCG79A.roa (raw, json)
Hash identifier: SqOC+VYxBT0lrdwRZhwtMwIGCQ7mKLi1qDz01Z59WRk=
Subject key identifier: 33:07:30:3C:85:3C:EB:08:07:DD:B2:30:01:79:BE:5D:40:86:EF:D0
Certificate issuer: /CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Certificate serial: 01856C25AD2E6F074DFB466B7381044B8C34
Authority key identifier: 2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/MwcwPIU86wgH3bIwAXm-XUCG79A.roa
Signing time: Sun 01 Jan 2023 07:04:46 +0000
ROA not before: Sun 01 Jan 2023 07:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44002
IP address blocks: 185.4.200.0/24 maxlen: 24
185.4.201.0/24 maxlen: 24
185.4.202.0/24 maxlen: 24
185.4.203.0/24 maxlen: 24
185.4.200.0/22 maxlen: 22
79.98.79.0/24 maxlen: 24
79.98.76.0/24 maxlen: 24
79.98.77.0/24 maxlen: 24
79.98.78.0/24 maxlen: 24
79.98.72.0/24 maxlen: 24
79.98.73.0/24 maxlen: 24
79.98.74.0/24 maxlen: 24
79.98.75.0/24 maxlen: 24
79.98.72.0/21 maxlen: 21
2a02:970:1028::/48 maxlen: 48
2a02:970:1061::/48 maxlen: 48
2a02:970:1c01::/48 maxlen: 48
2a02:970:1::/48 maxlen: 48
2a02:970:1017::/48 maxlen: 48
2a02:970:1052::/48 maxlen: 48
2a02:970:1192::/48 maxlen: 48
2a02:970:1185::/48 maxlen: 48
2a02:970:1245::/48 maxlen: 48
2a02:970::/32 maxlen: 48
2a02:970:1176::/48 maxlen: 48
2a02:970:1019::/48 maxlen: 48
2a02:970:440::/43 maxlen: 43
2a02:970:470::/48 maxlen: 48
2a02:970:450::/48 maxlen: 48
2a02:970:1366::/48 maxlen: 48
2a02:970:1206::/48 maxlen: 48
2a02:970:1006::/48 maxlen: 48
2a02:970:1446::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:ad:2e:6f:07:4d:fb:46:6b:73:81:04:4b:8c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Validity
Not Before: Jan 1 07:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3307303c853ceb0807ddb2300179be5d4086efd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:f1:2d:b3:de:19:57:88:2e:3d:59:2e:1e:
d6:e7:73:76:8d:a3:69:f2:ea:30:a0:62:4a:8e:b3:
df:af:f8:3a:6b:cf:cc:ad:a5:3d:48:f0:00:19:ad:
d9:b6:a6:d1:aa:24:da:6a:2b:7d:94:8e:06:d3:a1:
a1:1b:5d:87:e1:46:e8:82:de:1e:b5:ad:ba:ac:09:
16:d4:90:92:70:e2:21:a9:f2:5a:0e:7c:a1:95:7e:
95:81:41:88:20:8a:a3:be:c2:f1:5c:fd:f6:f2:e2:
96:e4:f5:65:60:b6:e7:fd:7b:b8:c8:65:f7:05:0e:
c2:2c:7f:1e:92:13:4f:aa:06:46:17:31:4e:bf:4e:
bc:22:0f:c5:f3:1c:f8:39:48:ee:82:1f:f0:4d:c6:
e9:51:25:dc:3a:2a:c5:83:a5:b5:ce:50:72:fe:36:
a3:c4:19:40:91:e0:6b:8c:70:f7:8b:2c:ae:38:31:
f7:ab:79:37:d1:39:91:27:cc:04:2c:9a:f3:09:8c:
a8:a5:54:f4:66:48:cb:58:f0:37:be:61:2d:77:02:
ea:be:17:ee:52:97:db:84:16:ce:ab:e8:fd:36:90:
5d:51:4c:8f:15:65:8b:92:3c:04:d1:8b:69:23:01:
79:13:07:ae:4b:bd:37:95:3f:ba:0f:3c:16:b9:5c:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:07:30:3C:85:3C:EB:08:07:DD:B2:30:01:79:BE:5D:40:86:EF:D0
X509v3 Authority Key Identifier:
keyid:2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/MwcwPIU86wgH3bIwAXm-XUCG79A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/LwNC4NI-9-BrHf9cxu5PoXr4vZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.72.0/21
185.4.200.0/22
IPv6:
2a02:970::/32
Signature Algorithm: sha256WithRSAEncryption
2d:c3:b7:39:ff:fc:d3:45:2d:89:64:c0:91:dc:e5:b2:7d:94:
97:e3:fb:6c:80:f6:8c:fa:ac:6b:ca:37:aa:e4:f6:43:7b:c4:
66:f1:1d:02:8b:d3:1c:e9:40:f6:21:b6:ca:a6:dc:20:d8:ba:
b2:8d:6f:7d:f6:9c:f0:b0:35:47:b8:9e:82:d7:d3:aa:7b:26:
f5:25:40:56:9e:aa:75:d2:e9:53:3d:5f:32:78:b7:95:57:45:
62:18:4c:ba:e3:34:f4:70:2f:47:3b:9c:1d:93:05:5b:da:d3:
9a:80:e8:84:23:53:78:d6:25:68:49:14:db:b6:0e:2c:57:fe:
ee:5e:3d:8a:15:29:7a:36:9a:e7:72:36:a6:05:8b:28:06:6a:
75:af:b5:50:22:44:ee:69:33:55:14:93:9b:82:bb:c8:fd:6d:
6c:6b:b6:a6:7a:b2:9c:df:a7:ac:9b:17:1e:ba:0f:37:a0:a1:
98:4a:95:a2:40:31:d4:a2:4f:11:15:60:0f:41:9f:53:9a:e6:
6c:ee:ce:b7:36:c8:60:0a:1d:87:da:27:b5:0e:23:b1:e3:06:
ac:be:5c:90:c5:e4:5e:c8:27:5b:d6:56:23:9e:b7:89:42:7a:
da:e0:64:f9:12:4d:aa:39:42:36:72:78:13:d3:ab:c8:ec:e8:
1a:51:cd:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsJa0ubwdN+0Zrc4EES4w0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMDM0MmUwZDIzZWY3ZTA2YjFkZmY1Y2M2ZWU0ZmExN2Fm
OGJkOTgwHhcNMjMwMTAxMDcwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA3MzAzYzg1M2NlYjA4MDdkZGIyMzAwMTc5YmU1ZDQwODZlZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhjxLbPeGVeILj1ZLh7W53N2jaNp
8uowoGJKjrPfr/g6a8/MraU9SPAAGa3ZtqbRqiTaait9lI4G06GhG12H4Ubogt4e
ta26rAkW1JCScOIhqfJaDnyhlX6VgUGIIIqjvsLxXP328uKW5PVlYLbn/Xu4yGX3
BQ7CLH8ekhNPqgZGFzFOv068Ig/F8xz4OUjugh/wTcbpUSXcOirFg6W1zlBy/jaj
xBlAkeBrjHD3iyyuODH3q3k30TmRJ8wELJrzCYyopVT0ZkjLWPA3vmEtdwLqvhfu
UpfbhBbOq+j9NpBdUUyPFWWLkjwE0YtpIwF5EweuS703lT+6DzwWuVzsPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMHMDyFPOsIB92yMAF5vl1Ahu/QMB8GA1UdIwQY
MBaAFC8DQuDSPvfgax3/XMbuT6F6+L2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2Mt
YzkxMGFmOTNlNDI2LzEvTXdjd1BJVTg2d2dIM2JJd0FYbS1YVUNHNzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2MtYzkxMGFmOTNlNDI2
LzEvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2JIAwQC
uQTIMA0EAgACMAcDBQAqAglwMA0GCSqGSIb3DQEBCwUAA4IBAQAtw7c5//zTRS2J
ZMCR3OWyfZSX4/tsgPaM+qxryjeq5PZDe8Rm8R0Ci9Mc6UD2IbbKptwg2LqyjW99
9pzwsDVHuJ6C19Oqeyb1JUBWnqp10ulTPV8yeLeVV0ViGEy64zT0cC9HO5wdkwVb
2tOagOiEI1N41iVoSRTbtg4sV/7uXj2KFSl6NprncjamBYsoBmp1r7VQIkTuaTNV
FJObgrvI/W1sa7amerKc36esmxceug83oKGYSpWiQDHUok8RFWAPQZ9TmuZs7s63
NshgCh2H2ie1DiOx4wasvlyQxeReyCdb1lYjnreJQnra4GT5Ek2qOUI2cngT06vI
7OgaUc2B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:11 2025 by rpki-client