Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/MfjU-IK7xkEUDr1v4ykf-LiDteA.roa
File: MfjU-IK7xkEUDr1v4ykf-LiDteA.roa (raw, json)
Hash identifier: f0puiyd0htbpVMSH2nD8BUCTg59+JnKuu3X2SegvG4A=
Subject key identifier: 31:F8:D4:F8:82:BB:C6:41:14:0E:BD:6F:E3:29:1F:F8:B8:83:B5:E0
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 01856C011E2F3F880719DE9044814E1D575D
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/MfjU-IK7xkEUDr1v4ykf-LiDteA.roa
Signing time: Sun 01 Jan 2023 06:24:50 +0000
ROA not before: Sun 01 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24632
IP address blocks: 193.111.112.0/23 maxlen: 23
193.111.108.0/22 maxlen: 22
194.9.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:1e:2f:3f:88:07:19:de:90:44:81:4e:1d:57:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 1 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f8d4f882bbc641140ebd6fe3291ff8b883b5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:f7:64:67:d8:f3:3c:33:19:df:e7:86:15:
8b:e6:6a:aa:0f:f3:61:69:ab:d3:27:38:e4:7a:68:
c1:29:35:59:aa:6b:95:47:83:11:1a:0b:cf:0a:49:
72:dd:d5:cf:62:1f:62:a0:42:24:50:af:b3:7b:b0:
7d:7b:3a:2d:da:65:ba:0b:7d:a5:70:9e:27:91:67:
59:62:7b:7d:c6:fb:8b:eb:0e:a0:a0:dd:e9:93:ca:
c2:df:a1:d5:8d:13:ec:57:73:1e:5f:fc:4a:df:74:
71:d6:2d:ec:07:75:85:e4:1b:3f:2e:4f:4e:b7:9a:
29:ea:ea:d4:44:a0:a4:6f:c0:55:fd:29:aa:77:3c:
fc:e9:df:16:8a:b3:ee:ba:01:52:70:56:c1:bc:9b:
97:87:28:fe:70:92:aa:69:05:e2:b7:1f:6a:47:91:
58:dc:86:c3:fb:2e:b8:3b:b7:e2:b4:2d:43:ee:01:
dc:4f:f9:a1:b5:fb:7c:a8:2d:1d:e4:8c:2f:68:47:
8a:f5:5a:a5:03:e6:86:99:07:b4:97:e1:80:1c:03:
fb:76:4f:77:29:b8:10:d7:e2:3d:50:72:88:52:45:
9c:40:79:45:29:38:92:44:a0:90:d3:a9:5a:ab:7b:
83:e5:00:e1:28:15:e5:99:79:00:32:e3:07:a8:5c:
0c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F8:D4:F8:82:BB:C6:41:14:0E:BD:6F:E3:29:1F:F8:B8:83:B5:E0
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/MfjU-IK7xkEUDr1v4ykf-LiDteA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
37:e1:1c:0a:d4:e6:63:ba:42:34:02:c3:8d:af:66:d5:2a:f4:
09:b1:8e:4b:65:5c:35:a7:35:43:ba:85:c0:b4:a6:b1:2a:e1:
4b:78:fb:a1:d8:11:1d:37:08:a1:c4:11:b7:6a:c2:2a:ef:b3:
26:52:8d:e4:0a:80:70:01:e4:a2:63:aa:f0:6b:7a:e1:74:c8:
08:a6:78:9a:54:55:9b:ed:74:f4:b1:b5:ee:79:9c:b2:e3:c0:
2e:5b:19:f6:27:eb:af:7e:d6:75:64:64:07:0e:ab:3a:5b:05:
1b:33:24:f7:3b:bf:83:1e:f7:f2:c1:e0:75:21:9f:34:79:02:
ed:55:5a:af:c6:fe:df:f0:81:3f:d3:db:90:6a:42:ca:33:79:
f8:f4:1a:ef:bc:0a:62:65:d6:6a:12:ae:ec:1a:46:97:be:99:
f1:23:62:3b:36:39:c5:b2:99:d2:ed:0d:22:ec:60:60:e9:2b:
50:43:29:2b:25:2c:1f:7b:67:9e:8e:06:20:80:62:81:07:e6:
0b:f3:77:32:db:08:b8:c7:ec:eb:70:c7:2d:fe:9c:83:19:b3:
80:e9:35:dc:bf:f8:f9:33:7a:a9:c5:f3:80:04:2e:b4:a8:c4:
d3:db:04:2d:00:23:20:f4:49:ec:b3:ef:1e:4b:f7:f9:db:0e:
d2:ad:c7:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsAR4vP4gHGd6QRIFOHVddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmFjODNhMjdjYTg3MjNjNjFiMTQ0NmMzZTY3ODExMGM2
NTA2ODkwHhcNMjMwMTAxMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY4ZDRmODgyYmJjNjQxMTQwZWJkNmZlMzI5MWZmOGI4ODNiNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kb3ZGfY8zwzGd/nhhWL5mqqD/Nh
aavTJzjkemjBKTVZqmuVR4MRGgvPCkly3dXPYh9ioEIkUK+ze7B9ezot2mW6C32l
cJ4nkWdZYnt9xvuL6w6goN3pk8rC36HVjRPsV3MeX/xK33Rx1i3sB3WF5Bs/Lk9O
t5op6urURKCkb8BV/Smqdzz86d8WirPuugFScFbBvJuXhyj+cJKqaQXitx9qR5FY
3IbD+y64O7fitC1D7gHcT/mhtft8qC0d5IwvaEeK9VqlA+aGmQe0l+GAHAP7dk93
KbgQ1+I9UHKIUkWcQHlFKTiSRKCQ06laq3uD5QDhKBXlmXkAMuMHqFwMFwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDH41PiCu8ZBFA69b+MpH/i4g7XgMB8GA1UdIwQY
MBaAFEEqyDonyocjxhsURsPmeBEMZQaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5Mzct
MWY4NTZjMDkzYWU4LzEvTWZqVS1JSzd4a0VVRHIxdjR5a2YtTGlEdGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5MzctMWY4NTZjMDkzYWU4
LzEvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBb2wD
BAHBb3ADBAHCCagwDQYJKoZIhvcNAQELBQADggEBADfhHArU5mO6QjQCw42vZtUq
9AmxjktlXDWnNUO6hcC0prEq4Ut4+6HYER03CKHEEbdqwirvsyZSjeQKgHAB5KJj
qvBreuF0yAimeJpUVZvtdPSxte55nLLjwC5bGfYn669+1nVkZAcOqzpbBRszJPc7
v4Me9/LB4HUhnzR5Au1VWq/G/t/wgT/T25BqQsozefj0Gu+8CmJl1moSruwaRpe+
mfEjYjs2OcWymdLtDSLsYGDpK1BDKSslLB97Z56OBiCAYoEH5gvzdzLbCLjH7Otw
xy3+nIMZs4DpNdy/+PkzeqnF84AELrSoxNPbBC0AIyD0Seyz7x5L9/nbDtKtx6A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:29 2025 by rpki-client