Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/MPFcLmnGa7q3OriBQ8gmFBjGEhQ.roa
File: MPFcLmnGa7q3OriBQ8gmFBjGEhQ.roa (raw, json)
Hash identifier: vjcXGoSDiUY9WiLcUw92o1u3ZcjQCT7m2ImkBY2hK1s=
Subject key identifier: 30:F1:5C:2E:69:C6:6B:BA:B7:3A:B8:81:43:C8:26:14:18:C6:12:14
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018A1746196141A3DE84C445DA61A6F06AFC
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/MPFcLmnGa7q3OriBQ8gmFBjGEhQ.roa
Signing time: Mon 21 Aug 2023 08:46:24 +0000
ROA not before: Mon 21 Aug 2023 08:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 212.24.176.0/24 maxlen: 24
91.82.105.0/24 maxlen: 24
213.253.215.0/24 maxlen: 24
81.0.120.0/24 maxlen: 24
195.184.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:46:19:61:41:a3:de:84:c4:45:da:61:a6:f0:6a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Aug 21 08:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f15c2e69c66bbab73ab88143c8261418c61214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d4:53:63:09:f2:16:1d:3a:d3:b6:df:64:d3:
54:65:1f:ee:03:d0:4e:53:d8:5e:9b:cd:9a:65:7c:
36:5f:b6:0e:55:34:17:c1:c1:10:ac:19:23:7b:05:
83:79:e2:08:6b:a6:53:c6:e5:b3:28:4a:c4:e1:e4:
63:35:90:17:4f:17:ec:a2:b0:b7:d7:3a:54:6d:4f:
49:f7:f7:1e:fa:5b:b0:e1:66:10:6d:a7:6d:3e:4a:
47:c3:7f:49:f5:92:20:3e:12:32:71:74:c2:f3:b3:
d4:19:ee:96:05:2a:44:17:5c:ef:27:66:d2:79:1b:
46:d7:20:98:1a:30:fd:1e:e5:b8:40:fa:09:d9:5b:
43:38:6c:12:16:ce:7e:69:e8:80:87:5e:5a:df:94:
3e:5b:a6:f4:fa:b4:d4:ed:30:d5:c2:c2:0d:c9:5f:
c0:f1:7b:7e:90:1a:bf:a3:13:21:ce:73:12:fe:a4:
97:fd:9f:ac:4c:09:86:3d:e0:c3:f5:1c:27:88:79:
e3:1e:b6:68:72:6e:0b:80:c8:44:fd:a4:17:c5:39:
29:0d:2b:d4:61:e1:31:03:56:09:39:7b:69:0b:21:
49:50:75:73:2e:65:88:1e:aa:46:a6:cf:42:6c:39:
3d:92:aa:bd:19:e5:5c:11:23:fd:4a:df:15:d1:99:
65:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F1:5C:2E:69:C6:6B:BA:B7:3A:B8:81:43:C8:26:14:18:C6:12:14
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/MPFcLmnGa7q3OriBQ8gmFBjGEhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.0.120.0/24
91.82.105.0/24
195.184.27.0/24
212.24.176.0/24
213.253.215.0/24
Signature Algorithm: sha256WithRSAEncryption
04:a2:fe:f1:0f:9e:6a:59:15:7c:6c:19:92:be:6c:ce:e4:e3:
98:67:52:48:9a:35:c1:8b:b9:75:97:f6:cc:e8:5f:45:54:d9:
ab:82:e0:53:6d:6b:34:8c:a3:ee:75:12:e0:9a:9a:e6:f2:ab:
89:6c:d9:7d:58:95:bb:b8:f3:95:09:95:aa:b8:02:99:53:68:
27:ac:07:7f:e9:47:1e:87:20:28:f9:03:b7:4e:42:7c:fd:62:
bc:be:03:db:5d:d7:5f:53:33:d0:14:44:4e:5c:28:e4:ae:a7:
31:33:68:08:9a:2e:79:f5:72:de:f2:38:47:58:60:83:6a:ae:
e9:61:1e:6d:3b:56:77:4a:ac:bf:c7:df:07:90:68:45:b3:37:
32:d2:c5:e4:e8:58:09:9e:1d:d0:14:be:d2:c9:6f:7f:a1:25:
d7:3e:1e:25:af:d3:7f:44:c4:56:d0:d4:21:eb:dc:39:5e:f3:
07:92:9d:18:c7:08:1b:53:33:b6:18:a3:ab:2e:36:1d:82:8f:
e4:47:44:cd:26:64:74:de:24:0e:22:9b:c0:5a:95:b6:f3:c0:
f5:95:75:f3:ba:d9:ff:ad:a8:83:44:61:ed:34:fa:26:ab:e0:
89:8a:52:61:3c:7d:ca:2c:da:ef:d6:85:ee:af:71:1d:77:21:
13:75:cb:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoXRhlhQaPehMRF2mGm8Gr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjMwODIxMDg0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYxNWMyZTY5YzY2YmJhYjczYWI4ODE0M2M4MjYxNDE4YzYxMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9RTYwnyFh0607bfZNNUZR/uA9BO
U9hem82aZXw2X7YOVTQXwcEQrBkjewWDeeIIa6ZTxuWzKErE4eRjNZAXTxfsorC3
1zpUbU9J9/ce+luw4WYQbadtPkpHw39J9ZIgPhIycXTC87PUGe6WBSpEF1zvJ2bS
eRtG1yCYGjD9HuW4QPoJ2VtDOGwSFs5+aeiAh15a35Q+W6b0+rTU7TDVwsINyV/A
8Xt+kBq/oxMhznMS/qSX/Z+sTAmGPeDD9RwniHnjHrZocm4LgMhE/aQXxTkpDSvU
YeExA1YJOXtpCyFJUHVzLmWIHqpGps9CbDk9kqq9GeVcESP9St8V0ZllzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDDxXC5pxmu6tzq4gUPIJhQYxhIUMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvTVBGY0xtbkdhN3EzT3JpQlE4Z21GQmpHRWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQB4AwQA
W1JpAwQAw7gbAwQA1BiwAwQA1f3XMA0GCSqGSIb3DQEBCwUAA4IBAQAEov7xD55q
WRV8bBmSvmzO5OOYZ1JImjXBi7l1l/bM6F9FVNmrguBTbWs0jKPudRLgmprm8quJ
bNl9WJW7uPOVCZWquAKZU2gnrAd/6UcehyAo+QO3TkJ8/WK8vgPbXddfUzPQFERO
XCjkrqcxM2gImi559XLe8jhHWGCDaq7pYR5tO1Z3Sqy/x98HkGhFszcy0sXk6FgJ
nh3QFL7SyW9/oSXXPh4lr9N/RMRW0NQh69w5XvMHkp0YxwgbUzO2GKOrLjYdgo/k
R0TNJmR03iQOIpvAWpW288D1lXXzutn/raiDRGHtNPomq+CJilJhPH3KLNrv1oXu
r3EddyETdctE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:55 2025 by rpki-client