Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/mSaF20uxMfDS3XhLkMEHz-mcDiA.roa
File: mSaF20uxMfDS3XhLkMEHz-mcDiA.roa (raw, json)
Hash identifier: f5s0Ozgg3o7Bk+IBMLDPC4KeGPAatQ8WO7fKD86e+NY=
Subject key identifier: 99:26:85:DB:4B:B1:31:F0:D2:DD:78:4B:90:C1:07:CF:E9:9C:0E:20
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B0260FBF8FBAED4FBD6ED8A58D2EE
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/mSaF20uxMfDS3XhLkMEHz-mcDiA.roa
Signing time: Sun 01 Jan 2023 13:35:04 +0000
ROA not before: Sun 01 Jan 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30862
IP address blocks: 194.6.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:02:60:fb:f8:fb:ae:d4:fb:d6:ed:8a:58:d2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=992685db4bb131f0d2dd784b90c107cfe99c0e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7b:57:c8:59:55:93:33:7d:58:d7:c2:47:03:
e0:c6:3e:47:d9:fb:2b:30:27:15:fa:f7:5b:c0:45:
fb:37:ef:c7:1f:3b:39:05:3b:66:59:19:3f:42:f0:
ae:04:10:4c:9d:a7:1c:95:f4:52:ac:28:45:53:07:
76:04:d1:f4:51:7d:d4:9c:54:c4:6a:ea:20:bf:4a:
37:50:b4:2b:5d:81:51:04:fa:f6:cf:bf:f1:d0:f9:
c3:68:48:9a:fe:62:5f:6c:a2:10:a5:bd:00:b9:dc:
58:9a:d9:6b:25:f9:a6:41:5e:7c:e2:2b:a1:fb:3e:
d2:25:71:26:32:aa:7e:db:bf:a3:9b:fd:c2:90:84:
b6:c3:d6:30:5c:34:f1:9d:c8:c5:0d:10:73:f0:19:
4e:fe:3c:45:1b:e7:cd:ca:ad:2d:7a:11:89:4b:cb:
7e:57:21:0f:a3:6d:5f:75:c8:39:e4:a3:41:15:64:
10:70:7f:e8:75:ff:3e:82:80:0a:00:bb:ea:46:9f:
c8:9f:1b:c3:4a:56:58:94:0e:b9:5f:70:46:b5:03:
72:f7:6e:a3:62:a9:21:99:6f:aa:25:9d:98:87:58:
35:35:97:15:b5:52:39:6e:06:28:b1:e7:00:5b:ae:
5d:92:60:fa:28:83:23:fb:ba:5e:b0:db:3e:b1:b6:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:26:85:DB:4B:B1:31:F0:D2:DD:78:4B:90:C1:07:CF:E9:9C:0E:20
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/mSaF20uxMfDS3XhLkMEHz-mcDiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.178.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:29:6e:b0:86:13:21:f8:56:a1:6f:95:f1:27:cc:99:49:b3:
ac:d5:20:cd:94:be:ff:af:17:84:e8:10:b4:62:f0:eb:6e:4e:
65:01:f8:62:78:96:be:0f:52:d7:15:e6:2b:1f:10:52:5f:03:
6e:d8:68:2e:07:78:69:a6:1c:07:ad:30:80:fd:16:32:d9:a9:
f3:a8:75:7e:f8:da:70:51:0b:3d:40:00:23:e7:ee:90:71:41:
27:52:bf:06:b3:d3:80:75:53:00:52:b5:93:66:e4:5e:19:aa:
79:af:eb:a3:88:cd:4a:91:f5:9c:5e:24:a4:36:81:12:fb:e8:
05:84:79:8e:4a:3b:7d:4f:64:da:cd:bd:70:2e:db:91:b4:74:
cb:b2:d2:b0:5d:90:dd:b1:64:3f:48:09:ec:b3:69:4c:47:3a:
0a:0c:7a:18:1a:ee:e3:87:9a:1e:7a:08:f4:68:c1:b8:c9:8a:
8a:10:1a:e4:4f:31:ab:00:98:92:76:81:8b:0b:d5:55:a1:c0:
58:b2:1c:2e:3b:95:b5:f2:81:b5:59:6d:33:f1:a5:bb:aa:14:
bc:d1:8c:15:89:08:e5:58:de:6d:04:62:64:59:40:67:03:b9:
9f:a9:94:a5:4f:c0:05:d1:7b:8d:7b:d9:63:c4:73:c0:a2:64:
f1:ca:b1:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiwJg+/j7rtT71u2KWNLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI2ODVkYjRiYjEzMWYwZDJkZDc4NGI5MGMxMDdjZmU5OWMwZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHtXyFlVkzN9WNfCRwPgxj5H2fsr
MCcV+vdbwEX7N+/HHzs5BTtmWRk/QvCuBBBMnacclfRSrChFUwd2BNH0UX3UnFTE
auogv0o3ULQrXYFRBPr2z7/x0PnDaEia/mJfbKIQpb0AudxYmtlrJfmmQV584iuh
+z7SJXEmMqp+27+jm/3CkIS2w9YwXDTxncjFDRBz8BlO/jxFG+fNyq0tehGJS8t+
VyEPo21fdcg55KNBFWQQcH/odf8+goAKALvqRp/InxvDSlZYlA65X3BGtQNy926j
YqkhmW+qJZ2Yh1g1NZcVtVI5bgYosecAW65dkmD6KIMj+7pesNs+sbaBPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkmhdtLsTHw0t14S5DBB8/pnA4gMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvbVNhRjIwdXhNZkRTM1hoTGtNRUh6LW1jRGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgayMA0G
CSqGSIb3DQEBCwUAA4IBAQBaKW6whhMh+Fahb5XxJ8yZSbOs1SDNlL7/rxeE6BC0
YvDrbk5lAfhieJa+D1LXFeYrHxBSXwNu2GguB3hpphwHrTCA/RYy2anzqHV++Npw
UQs9QAAj5+6QcUEnUr8Gs9OAdVMAUrWTZuReGap5r+ujiM1KkfWcXiSkNoES++gF
hHmOSjt9T2Tazb1wLtuRtHTLstKwXZDdsWQ/SAnss2lMRzoKDHoYGu7jh5oeegj0
aMG4yYqKEBrkTzGrAJiSdoGLC9VVocBYshwuO5W18oG1WW0z8aW7qhS80YwViQjl
WN5tBGJkWUBnA7mfqZSlT8AF0XuNe9ljxHPAomTxyrHa
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:31 2025 by rpki-client