Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/MUh7AGPIzSZtjpWuuElhokWy2OY.roa
File: MUh7AGPIzSZtjpWuuElhokWy2OY.roa (raw, json)
Hash identifier: XhQi+nvZBjmiIu26UXDdRscElhazop/IihiHzYvZY28=
Subject key identifier: 31:48:7B:00:63:C8:CD:26:6D:8E:95:AE:B8:49:61:A2:45:B2:D8:E6
Certificate issuer: /CN=e3ce069dfc5b608876d6424a32e783a98a92eff2
Certificate serial: 01856E8B368F01B3213F89AAC70D4F469B8F
Authority key identifier: E3:CE:06:9D:FC:5B:60:88:76:D6:42:4A:32:E7:83:A9:8A:92:EF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/484GnfxbYIh21kJKMueDqYqS7_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/MUh7AGPIzSZtjpWuuElhokWy2OY.roa
Signing time: Sun 01 Jan 2023 18:14:55 +0000
ROA not before: Sun 01 Jan 2023 18:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57130
IP address blocks: 91.230.241.0/24 maxlen: 24
194.9.22.0/24 maxlen: 24
194.9.23.0/24 maxlen: 24
91.230.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:36:8f:01:b3:21:3f:89:aa:c7:0d:4f:46:9b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ce069dfc5b608876d6424a32e783a98a92eff2
Validity
Not Before: Jan 1 18:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31487b0063c8cd266d8e95aeb84961a245b2d8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:15:8c:e8:30:1c:98:1f:39:f3:98:b4:f9:
da:2a:49:b1:8a:fd:60:4a:0b:25:8f:5d:2c:2c:2d:
f3:62:b6:68:17:30:d3:6a:e5:d9:1b:a0:89:76:8a:
f8:6a:47:aa:db:15:96:1c:5a:ac:66:60:ca:10:ac:
f2:10:7e:92:80:3d:f7:73:b7:11:4a:3d:77:ff:69:
08:9e:b6:cb:ad:96:9a:a0:9f:12:b9:16:77:4b:36:
e4:4b:ed:7f:78:21:43:12:de:a5:49:62:30:07:5d:
db:13:3f:4a:90:d0:ce:d5:34:05:4e:b5:94:ce:8e:
eb:d3:4d:7a:09:6f:8b:08:a3:73:2c:37:8c:fb:83:
a3:c2:a5:81:6d:6c:88:72:91:b3:07:16:73:34:05:
c2:68:65:36:fb:1c:85:88:56:90:8d:a4:02:96:60:
f0:28:32:69:88:05:5a:95:ba:99:b0:32:ff:0b:99:
d0:a9:e4:4e:7f:d6:44:7c:9a:ef:a1:c4:64:19:18:
58:78:fc:1e:3b:9a:58:f1:32:c8:d5:67:02:45:87:
a9:0b:c4:d7:40:d3:cc:44:ac:7b:c8:48:f4:ec:96:
d4:e1:9d:ba:20:38:b4:ac:c4:fc:c0:ab:ee:fe:e4:
a2:f8:95:9d:33:3f:84:aa:f3:50:d5:04:19:93:dd:
8a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:48:7B:00:63:C8:CD:26:6D:8E:95:AE:B8:49:61:A2:45:B2:D8:E6
X509v3 Authority Key Identifier:
keyid:E3:CE:06:9D:FC:5B:60:88:76:D6:42:4A:32:E7:83:A9:8A:92:EF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/484GnfxbYIh21kJKMueDqYqS7_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/MUh7AGPIzSZtjpWuuElhokWy2OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/484GnfxbYIh21kJKMueDqYqS7_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.240.0/23
194.9.22.0/23
Signature Algorithm: sha256WithRSAEncryption
59:ff:da:e3:58:5c:cd:63:03:97:e8:c8:dd:b0:34:ce:2d:28:
fc:9a:a5:d7:1e:bf:9a:a0:63:92:83:7f:90:66:f7:e4:c5:55:
6d:71:07:15:40:5a:02:85:32:33:2b:10:0c:40:8e:80:39:35:
aa:83:0a:af:5d:23:9c:3c:3f:c3:b2:2f:df:1f:36:a1:81:2a:
b2:57:4e:30:20:36:da:b8:b4:36:8f:f3:57:e0:23:d3:7e:05:
b4:cb:6d:46:34:18:34:85:f7:e4:ba:bd:77:23:83:7e:48:13:
aa:25:81:b9:94:3e:5f:b6:35:3f:4a:45:c5:3a:c6:3e:c9:20:
72:3b:66:ea:03:0b:f2:55:78:5d:59:2d:fc:d5:2b:72:5d:3f:
5a:66:5c:bb:55:4b:87:d1:76:1b:a0:16:dd:1b:fd:88:7e:c8:
7d:f4:94:a8:02:14:11:f5:22:9f:4c:97:cd:d2:6d:d4:bd:06:
7a:e2:43:10:79:fe:85:26:fa:04:7d:e8:26:66:1f:a6:2d:80:
5a:01:80:75:65:79:3a:a2:a2:47:2b:70:b8:86:c1:6d:6b:2f:
91:3f:18:0c:3d:dc:30:3f:8b:4b:0d:2d:07:fa:e2:ff:0c:66:
e7:b2:71:e9:b5:e5:3b:eb:f5:c9:4c:f1:d6:e7:8f:9e:3c:35:
1e:fb:0e:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuizaPAbMhP4mqxw1PRpuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzY2UwNjlkZmM1YjYwODg3NmQ2NDI0YTMyZTc4M2E5OGE5
MmVmZjIwHhcNMjMwMTAxMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQ4N2IwMDYzYzhjZDI2NmQ4ZTk1YWViODQ5NjFhMjQ1YjJkOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBQVjOgwHJgfOfOYtPnaKkmxiv1g
Sgslj10sLC3zYrZoFzDTauXZG6CJdor4akeq2xWWHFqsZmDKEKzyEH6SgD33c7cR
Sj13/2kInrbLrZaaoJ8SuRZ3SzbkS+1/eCFDEt6lSWIwB13bEz9KkNDO1TQFTrWU
zo7r0016CW+LCKNzLDeM+4OjwqWBbWyIcpGzBxZzNAXCaGU2+xyFiFaQjaQClmDw
KDJpiAValbqZsDL/C5nQqeROf9ZEfJrvocRkGRhYePweO5pY8TLI1WcCRYepC8TX
QNPMRKx7yEj07JbU4Z26IDi0rMT8wKvu/uSi+JWdMz+EqvNQ1QQZk92K/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDFIewBjyM0mbY6VrrhJYaJFstjmMB8GA1UdIwQY
MBaAFOPOBp38W2CIdtZCSjLng6mKku/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDg0R25meGJZSWgyMWtKS011ZURxWXFTN19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81NWFlMmQtMzdhMi00ZjY3LTk1MTYt
OTA4MTU0NWY1NjkxLzEvTVVoN0FHUEl6U1p0anBXdXVFbGhva1d5Mk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81NWFlMmQtMzdhMi00ZjY3LTk1MTYtOTA4MTU0NWY1Njkx
LzEvNDg0R25meGJZSWgyMWtKS011ZURxWXFTN19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+bwAwQB
wgkWMA0GCSqGSIb3DQEBCwUAA4IBAQBZ/9rjWFzNYwOX6MjdsDTOLSj8mqXXHr+a
oGOSg3+QZvfkxVVtcQcVQFoChTIzKxAMQI6AOTWqgwqvXSOcPD/Dsi/fHzahgSqy
V04wIDbauLQ2j/NX4CPTfgW0y21GNBg0hffkur13I4N+SBOqJYG5lD5ftjU/SkXF
OsY+ySByO2bqAwvyVXhdWS381StyXT9aZly7VUuH0XYboBbdG/2Ifsh99JSoAhQR
9SKfTJfN0m3UvQZ64kMQef6FJvoEfegmZh+mLYBaAYB1ZXk6oqJHK3C4hsFtay+R
PxgMPdwwP4tLDS0H+uL/DGbnsnHpteU76/XJTPHW54+ePDUe+w7Y
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:37 2025 by rpki-client