Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/mpSEXtrYNXHWEB6tQ6CicyOHCNw.roa
File: mpSEXtrYNXHWEB6tQ6CicyOHCNw.roa (raw, json)
Hash identifier: 2dach9SI4p8Vfibyf0zhAeNhl4EbNbKMuFDFSxaH1KE=
Subject key identifier: 9A:94:84:5E:DA:D8:35:71:D6:10:1E:AD:43:A0:A2:73:23:87:08:DC
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018A36A07285B8A4EC07381093AFEAF8AB2C
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/mpSEXtrYNXHWEB6tQ6CicyOHCNw.roa
Signing time: Sun 27 Aug 2023 10:53:19 +0000
ROA not before: Sun 27 Aug 2023 10:53:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8342
IP address blocks: 185.66.12.0/22 maxlen: 22
185.126.84.0/23 maxlen: 23
185.126.86.0/23 maxlen: 23
195.158.224.0/23 maxlen: 23
195.190.12.0/24 maxlen: 24
185.80.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:a0:72:85:b8:a4:ec:07:38:10:93:af:ea:f8:ab:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Aug 27 10:53:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a94845edad83571d6101ead43a0a273238708dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:02:1b:9d:15:14:d3:27:54:a2:e7:9e:78:72:
c4:a6:e9:c5:8b:92:6a:d0:98:67:be:b7:c3:d0:ed:
75:41:88:e8:02:30:15:bb:74:f6:3e:1b:c4:c0:06:
bd:a3:3b:d7:cb:33:29:d8:ca:0d:1e:13:06:ba:77:
8e:2b:dd:d1:9a:30:9d:dc:6f:c0:00:c7:98:fa:f2:
38:93:4c:41:25:0c:6f:1f:53:1b:b9:b0:eb:87:24:
8d:de:e6:4a:4f:0d:b3:00:63:54:17:e8:e9:d1:a8:
cd:3a:0e:b3:ba:62:70:68:48:6d:dc:4d:93:87:6f:
b8:a5:d9:91:b4:4f:1d:c6:3a:59:0a:83:32:92:dd:
d4:5e:c7:b8:e9:f5:d9:fd:f9:44:ae:8b:54:1a:2b:
82:7c:76:74:84:eb:6e:d7:bd:17:e8:d8:04:85:ee:
0b:e0:a1:cd:f9:6b:2f:10:ed:84:b7:de:bc:4e:1d:
11:d6:12:75:ef:d1:3d:d7:6b:b9:56:98:34:bc:55:
c7:97:c0:2d:6e:ac:14:f3:c3:8f:de:d0:2a:d8:0a:
37:d7:0d:38:5c:1f:a0:05:f4:9a:9c:52:a7:f1:fa:
c0:36:e9:f3:1a:a7:a9:7f:40:af:e7:5f:3c:07:f5:
54:c9:82:1b:cf:29:50:4f:e0:59:2c:e5:ba:70:04:
30:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:94:84:5E:DA:D8:35:71:D6:10:1E:AD:43:A0:A2:73:23:87:08:DC
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/mpSEXtrYNXHWEB6tQ6CicyOHCNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.12.0/22
185.80.148.0/22
185.126.84.0/22
195.158.224.0/23
195.190.12.0/24
Signature Algorithm: sha256WithRSAEncryption
43:e3:ff:8d:72:36:04:4f:7d:ca:1a:85:78:29:fa:ed:40:fc:
f3:cc:a9:7e:32:3c:a5:15:7c:f6:cb:55:f2:52:b6:f8:64:31:
0c:d4:cb:de:4e:a7:28:57:3d:fb:65:58:4e:24:f7:0c:57:b9:
0c:3f:39:19:7d:b1:8a:ea:ff:04:36:f6:58:81:3a:02:d2:85:
02:16:53:7c:1d:b9:10:0e:56:98:33:bc:cb:5c:78:46:68:2a:
3a:a5:7f:43:4d:0d:5d:ab:fa:51:b3:34:5c:2e:b9:ac:77:de:
9a:fb:40:85:3b:7e:0c:b8:c0:51:09:d4:09:27:22:59:e0:91:
07:7a:af:58:14:e2:91:2c:79:9f:1a:24:1d:09:6c:60:bf:10:
57:41:42:06:ae:f5:c7:c7:f4:b5:9f:ad:cd:0b:f5:fa:0e:77:
e6:1a:7e:ff:8d:dd:e4:52:d2:70:a5:0f:ae:01:56:70:20:41:
dc:b1:1a:ad:1f:02:e2:02:f3:cd:28:6a:6b:19:f2:a7:30:91:
28:4e:06:14:f2:38:95:8c:d8:5d:12:c9:cc:24:e7:3b:1a:4f:
68:8e:3d:3c:6f:4f:ea:41:e1:e6:3e:a8:7e:4b:9a:5e:0f:eb:
07:a4:91:c8:81:48:83:d2:67:38:02:9c:39:91:0c:b7:90:94:
e2:81:c7:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo2oHKFuKTsBzgQk6/q+KssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwODI3MTA1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk0ODQ1ZWRhZDgzNTcxZDYxMDFlYWQ0M2EwYTI3MzIzODcwOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgIbnRUU0ydUoueeeHLEpunFi5Jq
0JhnvrfD0O11QYjoAjAVu3T2PhvEwAa9ozvXyzMp2MoNHhMGuneOK93RmjCd3G/A
AMeY+vI4k0xBJQxvH1MbubDrhySN3uZKTw2zAGNUF+jp0ajNOg6zumJwaEht3E2T
h2+4pdmRtE8dxjpZCoMykt3UXse46fXZ/flErotUGiuCfHZ0hOtu170X6NgEhe4L
4KHN+WsvEO2Et968Th0R1hJ179E912u5Vpg0vFXHl8AtbqwU88OP3tAq2Ao31w04
XB+gBfSanFKn8frANunzGqepf0Cv5188B/VUyYIbzylQT+BZLOW6cAQwIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJqUhF7a2DVx1hAerUOgonMjhwjcMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvbXBTRVh0cllOWEhXRUI2dFE2Q2ljeU9IQ053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuUIMAwQC
uVCUAwQCuX5UAwQBw57gAwQAw74MMA0GCSqGSIb3DQEBCwUAA4IBAQBD4/+NcjYE
T33KGoV4KfrtQPzzzKl+MjylFXz2y1XyUrb4ZDEM1MveTqcoVz37ZVhOJPcMV7kM
PzkZfbGK6v8ENvZYgToC0oUCFlN8HbkQDlaYM7zLXHhGaCo6pX9DTQ1dq/pRszRc
Lrmsd96a+0CFO34MuMBRCdQJJyJZ4JEHeq9YFOKRLHmfGiQdCWxgvxBXQUIGrvXH
x/S1n63NC/X6DnfmGn7/jd3kUtJwpQ+uAVZwIEHcsRqtHwLiAvPNKGprGfKnMJEo
TgYU8jiVjNhdEsnMJOc7Gk9ojj08b0/qQeHmPqh+S5peD+sHpJHIgUiD0mc4Apw5
kQy3kJTigcew
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:01 2025 by rpki-client