Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/mPz_ZxOaOMvaQrXYgKdKGt0sILo.roa
File: mPz_ZxOaOMvaQrXYgKdKGt0sILo.roa (raw, json)
Hash identifier: 345MtMbwdKqEckE/5/K6gLLy9GtY6A3Tlu5T6p5P+LE=
Subject key identifier: 98:FC:FF:67:13:9A:38:CB:DA:42:B5:D8:80:A7:4A:1A:DD:2C:20:BA
Certificate issuer: /CN=78b1dbe2faf2a6e7dfa574ce55190963015f1c53
Certificate serial: 018B359E1A56A6185F188D682ACE21579EE6
Authority key identifier: 78:B1:DB:E2:FA:F2:A6:E7:DF:A5:74:CE:55:19:09:63:01:5F:1C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eLHb4vrypuffpXTOVRkJYwFfHFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/mPz_ZxOaOMvaQrXYgKdKGt0sILo.roa
Signing time: Sun 15 Oct 2023 23:13:55 +0000
ROA not before: Sun 15 Oct 2023 23:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25355
IP address blocks: 82.144.64.0/24 maxlen: 24
82.144.68.0/24 maxlen: 24
82.144.69.0/24 maxlen: 24
82.144.67.0/24 maxlen: 24
82.144.65.0/24 maxlen: 24
82.144.66.0/24 maxlen: 24
82.144.70.0/24 maxlen: 24
82.144.71.0/24 maxlen: 24
82.144.77.0/24 maxlen: 24
82.144.78.0/24 maxlen: 24
82.144.75.0/24 maxlen: 24
82.144.76.0/24 maxlen: 24
82.144.74.0/24 maxlen: 24
82.144.72.0/24 maxlen: 24
82.144.73.0/24 maxlen: 24
82.144.82.0/24 maxlen: 24
82.144.83.0/24 maxlen: 24
82.144.81.0/24 maxlen: 24
82.144.79.0/24 maxlen: 24
82.144.80.0/24 maxlen: 24
82.144.84.0/24 maxlen: 24
82.144.85.0/24 maxlen: 24
82.144.91.0/24 maxlen: 24
82.144.89.0/24 maxlen: 24
82.144.90.0/24 maxlen: 24
82.144.88.0/24 maxlen: 24
82.144.86.0/24 maxlen: 24
82.144.87.0/24 maxlen: 24
82.144.93.0/24 maxlen: 24
82.144.94.0/24 maxlen: 24
82.144.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:35:9e:1a:56:a6:18:5f:18:8d:68:2a:ce:21:57:9e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78b1dbe2faf2a6e7dfa574ce55190963015f1c53
Validity
Not Before: Oct 15 23:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98fcff67139a38cbda42b5d880a74a1add2c20ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d6:91:cc:82:ac:4d:36:4f:5b:9a:ba:6e:c2:
f1:42:9b:80:a6:1b:16:9e:8e:3f:4f:8f:02:97:68:
f8:b9:38:3e:64:5b:6e:9c:6e:d9:74:ee:40:8e:82:
8b:46:37:50:a8:9b:a8:9c:36:af:32:11:3d:d5:0b:
11:c4:4e:d8:3c:6f:3c:21:f2:7b:a4:fb:34:11:4d:
e5:f8:f2:1d:91:66:49:31:bf:6e:f9:f4:e1:d7:91:
48:28:e3:49:e0:ad:92:4c:cf:4c:69:4a:ec:dc:72:
cf:fe:b1:28:75:f4:3c:c1:5e:f6:2d:31:68:82:33:
aa:d8:5d:44:a4:fa:da:ef:2b:9d:d1:20:f9:f2:e8:
b3:b7:32:95:2a:8d:c4:79:3e:71:de:d8:7c:67:92:
a1:db:6c:05:ed:7b:7b:fd:56:df:15:5c:38:bb:38:
6d:3a:a9:0d:22:f3:dd:a8:15:4b:1d:7e:73:1d:ee:
ac:95:43:72:5a:74:d5:a7:58:38:b2:d1:1f:f7:13:
ee:55:e2:c9:78:b1:71:05:67:8a:92:dc:00:1a:bc:
7d:90:64:2c:1f:46:3e:5b:ea:2b:e1:08:8f:86:18:
77:0b:dc:5c:b4:94:a1:33:bb:da:09:c4:d6:24:f0:
1b:41:b6:81:7a:0b:b9:2c:48:38:f5:0d:b1:f1:0a:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FC:FF:67:13:9A:38:CB:DA:42:B5:D8:80:A7:4A:1A:DD:2C:20:BA
X509v3 Authority Key Identifier:
keyid:78:B1:DB:E2:FA:F2:A6:E7:DF:A5:74:CE:55:19:09:63:01:5F:1C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eLHb4vrypuffpXTOVRkJYwFfHFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/mPz_ZxOaOMvaQrXYgKdKGt0sILo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/eLHb4vrypuffpXTOVRkJYwFfHFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.64.0-82.144.94.255
Signature Algorithm: sha256WithRSAEncryption
a0:82:0b:bf:41:a8:eb:0e:fe:68:21:c2:2c:cf:90:b3:ac:76:
e8:c4:fd:a2:0c:88:c5:de:d5:20:99:e6:85:4a:95:aa:e1:a1:
fd:1c:db:b2:d2:a1:fc:0f:28:82:a6:7c:00:82:a8:d7:de:5b:
0c:a7:ab:f9:74:01:83:e7:e2:58:dc:28:3f:65:45:5b:95:b9:
fe:c7:87:29:f5:23:53:2b:29:57:97:cc:44:68:7f:7b:78:92:
07:47:bf:eb:f6:13:a8:09:4e:ae:92:ca:5b:e9:05:53:e5:c0:
9c:79:e7:66:16:f7:a5:38:45:4d:bd:b4:e5:eb:16:11:e2:27:
5c:7c:a1:fc:da:4c:1c:5d:a5:36:c8:40:f2:11:27:51:90:9a:
47:84:04:65:30:93:cc:5e:82:bd:d3:35:d6:d7:03:ba:44:cf:
b5:5d:66:ce:9c:1f:15:92:d3:7b:98:cf:db:79:31:33:9f:8a:
fb:50:9f:66:a2:a2:4f:4e:dd:cc:28:f2:fe:13:0c:ec:5d:13:
4f:78:8a:11:3a:f8:c6:07:0b:fa:aa:ff:5a:78:e0:9e:3b:cc:
44:76:c8:95:8f:8e:2d:02:c3:6b:d5:c5:6d:a0:82:75:69:89:
fe:2c:0d:91:31:b7:67:45:58:a0:96:ff:e7:52:db:64:66:53:
b8:95:c4:61
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYs1nhpWphhfGI1oKs4hV57mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YjFkYmUyZmFmMmE2ZTdkZmE1NzRjZTU1MTkwOTYzMDE1
ZjFjNTMwHhcNMjMxMDE1MjMxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZjZmY2NzEzOWEzOGNiZGE0MmI1ZDg4MGE3NGExYWRkMmMyMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdaRzIKsTTZPW5q6bsLxQpuAphsW
no4/T48Cl2j4uTg+ZFtunG7ZdO5AjoKLRjdQqJuonDavMhE91QsRxE7YPG88IfJ7
pPs0EU3l+PIdkWZJMb9u+fTh15FIKONJ4K2STM9MaUrs3HLP/rEodfQ8wV72LTFo
gjOq2F1EpPra7yud0SD58uiztzKVKo3EeT5x3th8Z5Kh22wF7Xt7/VbfFVw4uzht
OqkNIvPdqBVLHX5zHe6slUNyWnTVp1g4stEf9xPuVeLJeLFxBWeKktwAGrx9kGQs
H0Y+W+or4QiPhhh3C9xctJShM7vaCcTWJPAbQbaBegu5LEg49Q2x8Qo33QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJj8/2cTmjjL2kK12ICnShrdLCC6MB8GA1UdIwQY
MBaAFHix2+L68qbn36V0zlUZCWMBXxxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUxIYjR2cnlwdWZmcFhUT1ZSa0pZd0ZmSEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jNjY2YmYtYzhkNi00OGFkLTgwNzYt
YzNmZDlhZTgxMDEyLzEvbVB6X1p4T2FPTXZhUXJYWWdLZEtHdDBzSUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jNjY2YmYtYzhkNi00OGFkLTgwNzYtYzNmZDlhZTgxMDEy
LzEvZUxIYjR2cnlwdWZmcFhUT1ZSa0pZd0ZmSEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAZSkEAD
BABSkF4wDQYJKoZIhvcNAQELBQADggEBAKCCC79BqOsO/mghwizPkLOsdujE/aIM
iMXe1SCZ5oVKlarhof0c27LSofwPKIKmfACCqNfeWwynq/l0AYPn4ljcKD9lRVuV
uf7Hhyn1I1MrKVeXzERof3t4kgdHv+v2E6gJTq6SylvpBVPlwJx552YW96U4RU29
tOXrFhHiJ1x8ofzaTBxdpTbIQPIRJ1GQmkeEBGUwk8xegr3TNdbXA7pEz7VdZs6c
HxWS03uYz9t5MTOfivtQn2aiok9O3cwo8v4TDOxdE094ihE6+MYHC/qq/1p44J47
zER2yJWPji0Cw2vVxW2ggnVpif4sDZExt2dFWKCW/+dS22RmU7iVxGE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:34 2025 by rpki-client