Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mgEnNvfaJfebbEdOWVHWpp9Qfjg.roa
File: mgEnNvfaJfebbEdOWVHWpp9Qfjg.roa (raw, json)
Hash identifier: LOuMNdjIHIvv704TbsvFZtRS4VELKCY2qUo0Row/gw4=
Subject key identifier: 9A:01:27:36:F7:DA:25:F7:9B:6C:47:4E:59:51:D6:A6:9F:50:7E:38
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018C46A5F369A02F1E3776F80C3E6C226AC1
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mgEnNvfaJfebbEdOWVHWpp9Qfjg.roa
Signing time: Thu 07 Dec 2023 23:38:50 +0000
ROA not before: Thu 07 Dec 2023 23:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 95.164.176.0/20 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.160.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:46:a5:f3:69:a0:2f:1e:37:76:f8:0c:3e:6c:22:6a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 7 23:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a012736f7da25f79b6c474e5951d6a69f507e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:68:20:b2:79:92:fc:6e:ea:31:11:7d:93:60:
6b:d2:34:5d:78:ee:7a:fb:39:f1:f9:dc:c9:2b:58:
01:7c:fe:8e:e0:a5:b4:b0:a2:e1:aa:7f:a0:40:5c:
d1:0d:24:ac:a0:b9:16:c2:1f:81:df:68:88:6d:c0:
56:2d:f3:ad:b6:99:11:1a:82:e7:55:36:83:be:94:
fc:87:21:97:de:f5:ec:1b:f1:ee:04:07:6c:ec:cb:
b2:83:cf:ef:95:7c:02:be:2d:62:f5:7f:e9:6d:e4:
38:6e:e9:0b:5f:07:3b:10:ff:1b:a0:09:53:41:d1:
1d:6d:87:2a:81:b6:df:43:50:37:99:c3:b4:df:15:
cd:4e:f4:7f:80:16:fc:42:75:33:40:f7:d9:4b:fb:
6a:ae:02:ec:94:aa:e7:64:4d:6f:c1:c2:3f:a4:e4:
1a:e0:28:6d:5a:56:9c:56:f6:de:ea:5d:75:16:aa:
eb:5f:18:d3:14:7c:8f:5d:92:04:7d:1a:b1:0a:53:
cf:57:e2:0c:a6:d8:40:0d:af:ef:c8:80:31:1a:62:
ba:13:4f:9c:72:a9:f5:19:6f:fd:76:46:ce:64:d5:
ec:16:17:df:07:75:d3:ce:71:80:f9:bf:81:8f:a7:
dd:1b:54:b2:1b:65:ef:39:39:e2:74:6a:13:a3:6c:
d1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:01:27:36:F7:DA:25:F7:9B:6C:47:4E:59:51:D6:A6:9F:50:7E:38
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mgEnNvfaJfebbEdOWVHWpp9Qfjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0-94.131.160.255
94.131.165.0/24
94.131.170.0/24
94.131.172.0/24
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
09:95:b9:6a:17:14:ed:25:e0:bf:78:7a:e0:d0:ad:02:93:46:
90:8c:f8:c2:97:50:7b:91:9c:a5:e7:fe:b7:85:df:3b:27:fe:
a4:84:74:89:ae:c3:75:07:33:5d:4c:1f:42:3e:5b:b0:9c:ac:
f2:d9:97:ac:dc:9a:55:bb:82:79:ba:99:d1:cf:90:e8:82:c8:
a6:f6:a1:dd:a3:dd:21:78:55:dc:05:8d:d3:e5:5e:46:4b:a4:
8c:4c:4b:77:c3:c3:c3:08:2a:65:28:7e:78:9f:73:3d:a0:92:
f3:df:cf:56:4c:be:7c:67:96:4e:d2:64:df:d5:46:02:de:0f:
ee:34:af:1c:9c:4c:29:50:6b:b1:bd:44:70:15:d7:5e:30:ac:
97:19:db:3f:10:d0:a7:fb:35:57:2c:46:e1:a5:b0:96:c9:5e:
62:b6:ec:58:2f:9a:13:2d:3e:25:9c:fa:16:e5:b8:10:4d:02:
a3:8d:8c:58:6e:4b:96:9e:af:8f:97:7e:6f:f1:99:5d:50:0e:
92:ef:f8:6f:a0:5f:16:b7:16:8e:0d:83:d8:32:db:3f:10:10:
b9:c4:d2:0a:f0:03:dc:66:c3:19:76:d2:f8:ef:f5:bf:19:09:
a6:0d:0e:bc:3a:4a:c2:4f:17:73:de:ac:fa:c4:46:51:c0:d7:
96:d1:8d:67
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxGpfNpoC8eN3b4DD5sImrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMjA3MjMzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAxMjczNmY3ZGEyNWY3OWI2YzQ3NGU1OTUxZDZhNjlmNTA3ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGggsnmS/G7qMRF9k2Br0jRdeO56
+znx+dzJK1gBfP6O4KW0sKLhqn+gQFzRDSSsoLkWwh+B32iIbcBWLfOttpkRGoLn
VTaDvpT8hyGX3vXsG/HuBAds7Muyg8/vlXwCvi1i9X/pbeQ4bukLXwc7EP8boAlT
QdEdbYcqgbbfQ1A3mcO03xXNTvR/gBb8QnUzQPfZS/tqrgLslKrnZE1vwcI/pOQa
4ChtWlacVvbe6l11FqrrXxjTFHyPXZIEfRqxClPPV+IMpthADa/vyIAxGmK6E0+c
cqn1GW/9dkbOZNXsFhffB3XTznGA+b+Bj6fdG1SyG2XvOTnidGoTo2zRxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJoBJzb32iX3m2xHTllR1qafUH44MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbWdFbk52ZmFKZmViYkVkT1dWSFdwcDlRZmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdeg4AD
BABeg6ADBABeg6UDBABeg6oDBABeg6wDBARfpLAwDQYJKoZIhvcNAQELBQADggEB
AAmVuWoXFO0l4L94euDQrQKTRpCM+MKXUHuRnKXn/reF3zsn/qSEdImuw3UHM11M
H0I+W7CcrPLZl6zcmlW7gnm6mdHPkOiCyKb2od2j3SF4VdwFjdPlXkZLpIxMS3fD
w8MIKmUofnifcz2gkvPfz1ZMvnxnlk7SZN/VRgLeD+40rxycTClQa7G9RHAV114w
rJcZ2z8Q0Kf7NVcsRuGlsJbJXmK27FgvmhMtPiWc+hbluBBNAqONjFhuS5aer4+X
fm/xmV1QDpLv+G+gXxa3Fo4Ng9gy2z8QELnE0grwA9xmwxl20vjv9b8ZCaYNDrw6
SsJPF3PerPrERlHA15bRjWc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:12 2025 by rpki-client