Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MbzUO3OoJcht88MMNncYJbRg4Jo.roa
File: MbzUO3OoJcht88MMNncYJbRg4Jo.roa (raw, json)
Hash identifier: Z1AgmD+8OyeQYr1KtGoo4jkGCWVOsPPUgGhyWyyKmzU=
Subject key identifier: 31:BC:D4:3B:73:A8:25:C8:6D:F3:C3:0C:36:77:18:25:B4:60:E0:9A
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018819ED02805742D05522A8AC19C612A608
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MbzUO3OoJcht88MMNncYJbRg4Jo.roa
Signing time: Sun 14 May 2023 11:02:23 +0000
ROA not before: Sun 14 May 2023 11:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.40.0/21 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:19:ed:02:80:57:42:d0:55:22:a8:ac:19:c6:12:a6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 11:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31bcd43b73a825c86df3c30c36771825b460e09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:81:a6:25:99:b1:b7:37:01:05:4a:bb:0f:66:
2d:5d:c4:c8:82:ff:d6:ad:11:4c:5a:5a:61:43:cf:
50:65:a9:57:79:fb:5a:2d:81:e1:3c:44:a1:91:74:
69:d1:85:4f:39:af:b4:8d:ac:e8:d8:6c:ce:9d:b5:
61:aa:58:08:5a:ef:83:7e:4f:ba:68:2e:4a:b5:bb:
e9:df:ad:9e:d2:9d:b3:14:11:83:1c:cd:90:b1:50:
dd:4e:8d:8e:b3:fa:95:8d:4e:b1:cd:f0:77:a0:cb:
16:f7:75:18:ec:71:5d:e1:b0:3b:4a:cc:7d:7d:bd:
d9:14:44:97:43:4f:7a:ac:99:e2:6f:8a:5c:14:23:
10:95:5a:16:4c:4d:39:e3:2d:1a:d2:1e:47:02:81:
1b:ec:3f:87:a9:8d:d5:0f:f0:af:1c:0a:1f:be:3d:
07:6d:58:85:b0:4e:b6:ee:1a:3b:21:74:26:b3:bf:
0a:e9:fe:fb:50:4d:1a:a5:35:bd:df:fe:d6:91:52:
4d:90:ea:2a:c1:25:a4:a4:04:be:9d:bd:5c:36:73:
f9:db:d4:46:0b:d5:f5:c1:50:3e:fc:33:3c:37:90:
70:e7:dc:13:01:0d:e8:06:15:74:dc:85:87:44:90:
ee:65:33:23:83:51:b5:9c:43:f2:db:51:03:a3:60:
f8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BC:D4:3B:73:A8:25:C8:6D:F3:C3:0C:36:77:18:25:B4:60:E0:9A
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MbzUO3OoJcht88MMNncYJbRg4Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:b3:dd:56:5e:15:1c:20:91:10:59:a7:dc:fd:f3:14:df:e2:
9d:f0:65:68:d2:3c:61:dc:cb:cd:45:37:f9:f1:78:36:33:f1:
cb:50:e9:40:f9:03:00:40:77:6b:7f:e2:7a:58:32:02:b5:5d:
03:a6:31:bb:e7:ec:ec:0a:d2:f3:6e:17:e1:c5:be:8c:33:8b:
b9:bd:32:38:cf:4a:0b:c1:09:07:3f:ad:a4:e3:ba:4f:6c:9c:
da:30:69:d5:aa:52:c3:77:ca:e0:1f:45:f6:18:20:82:dd:36:
9b:37:6a:a7:07:8a:79:74:12:fb:c2:5b:1b:b7:1d:df:53:59:
29:53:12:73:a5:f5:fa:98:5e:b9:a2:e0:df:0d:3f:64:f1:76:
6d:9e:c3:b6:a0:ca:7d:09:70:44:22:78:8d:1a:d7:af:b1:2a:
09:1e:f4:71:ab:3b:1d:58:f5:1f:fb:89:61:09:0f:13:28:03:
4e:ea:24:9e:f5:ae:9f:fb:8d:70:3a:a8:90:e2:7c:05:6b:7a:
79:45:28:69:69:ca:97:ee:2f:ed:53:ed:21:68:6e:f7:e6:e3:
f7:99:72:7e:07:86:ef:c5:59:67:09:07:22:2a:7d:87:cd:8e:
b4:d9:b8:7c:f3:23:cb:76:43:82:87:da:78:9e:c6:40:e8:d8:
df:6e:11:c4
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYgZ7QKAV0LQVSKorBnGEqYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTEwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWJjZDQzYjczYTgyNWM4NmRmM2MzMGMzNjc3MTgyNWI0NjBlMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYGmJZmxtzcBBUq7D2YtXcTIgv/W
rRFMWlphQ89QZalXeftaLYHhPEShkXRp0YVPOa+0jazo2GzOnbVhqlgIWu+Dfk+6
aC5Ktbvp362e0p2zFBGDHM2QsVDdTo2Os/qVjU6xzfB3oMsW93UY7HFd4bA7Ssx9
fb3ZFESXQ096rJnib4pcFCMQlVoWTE054y0a0h5HAoEb7D+HqY3VD/CvHAofvj0H
bViFsE627ho7IXQms78K6f77UE0apTW93/7WkVJNkOoqwSWkpAS+nb1cNnP529RG
C9X1wVA+/DM8N5Bw59wTAQ3oBhV03IWHRJDuZTMjg1G1nEPy21EDo2D4YwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFDG81DtzqCXIbfPDDDZ3GCW0YOCaMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTWJ6VU8zT29KY2h0ODhNTU5uY1lKYlJnNEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQDArwoAwQC
ArxIAwQDArygAwQBArywAwQGArzAAwQDAr0wAwQCAr1AAwQEAr1QAwQEAr2gAwQA
TicoAwQATicrMAwDBAFOJy4DBAJOJzAwDAMEAE4nNQMEAk4nOAMEAU4nPjANBgkq
hkiG9w0BAQsFAAOCAQEAo7PdVl4VHCCREFmn3P3zFN/infBlaNI8YdzLzUU3+fF4
NjPxy1DpQPkDAEB3a3/ielgyArVdA6Yxu+fs7ArS824X4cW+jDOLub0yOM9KC8EJ
Bz+tpOO6T2yc2jBp1apSw3fK4B9F9hgggt02mzdqpweKeXQS+8JbG7cd31NZKVMS
c6X1+pheuaLg3w0/ZPF2bZ7DtqDKfQlwRCJ4jRrXr7EqCR70cas7HVj1H/uJYQkP
EygDTuoknvWun/uNcDqokOJ8BWt6eUUoaWnKl+4v7VPtIWhu9+bj95lyfgeG78VZ
ZwkHIip9h82OtNm4fPMjy3ZDgofaeJ7GQOjY324RxA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:36 2025 by rpki-client