Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/MBqJXWEY-CljaTSWJPolsJY47UA.roa
File: MBqJXWEY-CljaTSWJPolsJY47UA.roa (raw, json)
Hash identifier: CdSo5pV2pd4CDpehShe+LL8bZY2iDGLWtDVTpGey0ok=
Subject key identifier: 30:1A:89:5D:61:18:F8:29:63:69:34:96:24:FA:25:B0:96:38:ED:40
Certificate issuer: /CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Certificate serial: 018753CF0B1F73C1532D8815F9004E154775
Authority key identifier: B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/MBqJXWEY-CljaTSWJPolsJY47UA.roa
Signing time: Wed 05 Apr 2023 23:44:50 +0000
ROA not before: Wed 05 Apr 2023 23:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200612
IP address blocks: 185.200.232.0/22 maxlen: 22
185.200.232.0/23 maxlen: 23
185.200.232.0/24 maxlen: 24
185.200.233.0/24 maxlen: 24
185.200.235.0/24 maxlen: 24
185.200.234.0/23 maxlen: 23
185.200.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:cf:0b:1f:73:c1:53:2d:88:15:f9:00:4e:15:47:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Validity
Not Before: Apr 5 23:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=301a895d6118f8296369349624fa25b09638ed40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0a:61:a7:5c:f5:3c:c7:88:af:37:d6:41:bc:
f4:df:03:b1:89:ad:0b:04:73:65:7c:35:b5:21:9c:
c3:ce:10:26:66:27:81:ca:f8:63:f0:e1:b7:9e:92:
45:fe:5a:ef:73:20:83:ff:21:ba:13:ee:3c:3e:6c:
d8:e6:fe:3c:ea:94:5f:40:83:76:5e:c5:ac:c5:9b:
00:0f:ce:d5:69:28:a3:14:c2:0f:53:7a:c8:b0:d0:
fb:bc:94:f9:28:4d:27:26:09:3a:e3:14:66:80:ce:
52:fe:6b:77:ce:0b:90:1d:8b:27:92:af:4c:6f:af:
3e:dd:41:74:4b:26:b8:ef:d8:f9:44:60:7b:97:6b:
53:24:04:71:47:2e:ac:5c:b4:d4:dc:57:02:6b:e3:
4a:5f:ec:46:7c:9c:89:7c:9f:45:b1:58:0b:5a:c6:
e8:76:aa:72:e1:f7:5a:be:7e:ff:fa:4c:93:4f:bf:
a2:e7:0f:79:80:27:21:92:e1:ff:e7:2f:fa:cf:e7:
72:6d:84:fc:54:23:a3:68:cb:a6:c4:6e:b7:e1:04:
8c:bb:a5:b0:62:69:17:19:ea:d4:09:42:f9:83:e4:
b0:44:9f:4e:ec:41:2e:7f:25:7d:f5:cb:50:cc:9f:
14:34:c5:b3:84:e1:24:93:7a:aa:b3:dd:35:20:75:
cc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1A:89:5D:61:18:F8:29:63:69:34:96:24:FA:25:B0:96:38:ED:40
X509v3 Authority Key Identifier:
keyid:B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/MBqJXWEY-CljaTSWJPolsJY47UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/s8k12EMWos9WpllXttebevgRpwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.232.0/22
Signature Algorithm: sha256WithRSAEncryption
61:18:5e:69:26:ba:ab:fa:ae:a5:b7:c7:dd:a9:72:fc:1f:05:
d7:75:1c:e7:2f:8d:f1:79:b7:04:f3:34:eb:09:c3:14:43:18:
34:0e:65:1f:95:da:ae:db:12:3d:c8:05:68:fc:68:30:72:85:
01:b7:f0:e4:92:11:67:02:01:60:52:74:72:29:53:27:f4:31:
e5:c3:32:9e:23:0d:dd:26:f0:23:c3:64:bd:70:c5:2c:1b:09:
0b:84:06:a5:53:d6:6b:8c:1b:31:68:fa:ad:4a:52:b4:b6:2b:
44:3f:90:5f:b6:85:c8:f7:cf:2a:cd:14:20:4c:40:c7:7e:6c:
46:1a:74:4d:fc:de:40:cc:5b:c2:10:a4:f8:24:b7:03:9c:9f:
09:04:de:aa:f5:dd:23:6b:c1:79:57:9e:f5:b9:43:e1:17:71:
c0:f0:ed:e9:b8:6d:24:e1:d8:87:18:79:48:dc:af:cd:02:8a:
93:7d:3d:ef:d3:30:c4:11:84:b0:24:39:b7:5c:e7:21:2c:63:
92:8b:ad:c9:30:67:42:ce:5a:0d:63:33:11:1d:b8:8c:f3:af:
5b:57:d9:db:bc:49:74:a4:af:8c:c9:8c:1e:51:97:36:70:47:
9c:cf:ea:f3:60:0f:61:fd:87:e2:79:ba:3e:e6:c8:a6:95:a7:
30:56:89:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdTzwsfc8FTLYgV+QBOFUd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzkzNWQ4NDMxNmEyY2Y1NmE2NTk1N2I2ZDc5YjdhZjgx
MWE3MDcwHhcNMjMwNDA1MjM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFhODk1ZDYxMThmODI5NjM2OTM0OTYyNGZhMjViMDk2MzhlZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAphp1z1PMeIrzfWQbz03wOxia0L
BHNlfDW1IZzDzhAmZieByvhj8OG3npJF/lrvcyCD/yG6E+48PmzY5v486pRfQIN2
XsWsxZsAD87VaSijFMIPU3rIsND7vJT5KE0nJgk64xRmgM5S/mt3zguQHYsnkq9M
b68+3UF0Sya479j5RGB7l2tTJARxRy6sXLTU3FcCa+NKX+xGfJyJfJ9FsVgLWsbo
dqpy4fdavn7/+kyTT7+i5w95gCchkuH/5y/6z+dybYT8VCOjaMumxG634QSMu6Ww
YmkXGerUCUL5g+SwRJ9O7EEufyV99ctQzJ8UNMWzhOEkk3qqs901IHXMJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAaiV1hGPgpY2k0liT6JbCWOO1AMB8GA1UdIwQY
MBaAFLPJNdhDFqLPVqZZV7bXm3r4EacHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMt
MWNjMWE1MzhjM2NlLzEvTUJxSlhXRVktQ2xqYVRTV0pQb2xzSlk0N1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMtMWNjMWE1MzhjM2Nl
LzEvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjoMA0G
CSqGSIb3DQEBCwUAA4IBAQBhGF5pJrqr+q6lt8fdqXL8HwXXdRznL43xebcE8zTr
CcMUQxg0DmUfldqu2xI9yAVo/GgwcoUBt/DkkhFnAgFgUnRyKVMn9DHlwzKeIw3d
JvAjw2S9cMUsGwkLhAalU9ZrjBsxaPqtSlK0titEP5BftoXI988qzRQgTEDHfmxG
GnRN/N5AzFvCEKT4JLcDnJ8JBN6q9d0ja8F5V571uUPhF3HA8O3puG0k4diHGHlI
3K/NAoqTfT3v0zDEEYSwJDm3XOchLGOSi63JMGdCzloNYzMRHbiM869bV9nbvEl0
pK+MyYweUZc2cEecz+rzYA9h/Yfiebo+5simlacwVolw
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:52:57 2025 by rpki-client