Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MxUzsKDPNpVzyQu8p6cb5VNFCmI.roa
File: MxUzsKDPNpVzyQu8p6cb5VNFCmI.roa (raw, json)
Hash identifier: ElGvv4mGCE2866enhKfvtuc7EStJYokCwJbifC/e2vE=
Subject key identifier: 33:15:33:B0:A0:CF:36:95:73:C9:0B:BC:A7:A7:1B:E5:53:45:0A:62
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018511F4CD33C0D66E2942B163CFA245964E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MxUzsKDPNpVzyQu8p6cb5VNFCmI.roa
Signing time: Wed 14 Dec 2022 18:45:33 +0000
ROA not before: Wed 14 Dec 2022 18:45:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211687
IP address blocks: 92.38.35.0/24 maxlen: 24
93.170.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:f4:cd:33:c0:d6:6e:29:42:b1:63:cf:a2:45:96:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 14 18:45:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=331533b0a0cf369573c90bbca7a71be553450a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3f:4c:29:e3:83:0e:7f:a1:90:c1:44:c8:00:
d5:3c:58:5c:53:ea:c5:82:44:05:d8:1e:88:aa:fb:
2c:56:07:20:f6:a0:0c:3b:e7:25:48:65:bb:c7:7b:
2c:1a:59:f5:86:10:f9:dd:84:67:c0:14:60:ae:af:
99:fd:4b:fb:03:ba:f7:2f:d5:86:b0:7a:a6:ae:68:
6d:c4:39:6d:b8:84:77:51:12:fd:e4:a8:08:1e:2a:
d6:d6:60:e3:82:aa:c4:35:3f:e5:b6:2f:eb:c1:2b:
5a:ae:0c:5f:08:0f:4d:70:2a:92:5b:31:4a:8e:e6:
93:9f:ad:32:60:83:bd:43:de:66:10:b9:1a:51:10:
cd:31:75:17:c4:9d:08:ce:1c:7f:c4:c2:30:9e:8f:
75:37:5a:78:a7:2c:16:6f:8d:9c:36:78:c7:35:84:
e6:bc:f2:ce:27:ca:c8:d4:af:53:1b:12:ab:8f:a1:
9d:9f:f0:fc:d8:4f:9f:ba:93:b4:c3:ee:96:7b:08:
c7:58:a4:7e:28:60:c5:2d:5d:e1:b5:04:1f:f1:de:
d3:29:87:5d:7e:b0:62:24:fc:4c:3c:b0:ee:c2:63:
52:51:29:00:86:53:d2:18:54:30:22:c2:2f:53:18:
78:8e:94:d4:8c:21:6e:b8:cf:b2:20:3f:0f:d1:8d:
d4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:15:33:B0:A0:CF:36:95:73:C9:0B:BC:A7:A7:1B:E5:53:45:0A:62
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MxUzsKDPNpVzyQu8p6cb5VNFCmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.35.0/24
93.170.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f0:2e:18:11:b9:91:5e:3f:9d:e8:94:10:75:e5:0f:ce:8b:
c0:69:65:ed:54:3d:ea:97:f6:d4:b7:1e:26:73:42:1a:2f:bb:
88:37:7c:ac:bb:80:ba:b0:f5:2b:1b:40:78:55:e2:5b:03:16:
a1:e3:6f:d0:c7:96:94:e2:63:14:d5:b3:22:a0:3e:03:72:c3:
ee:c6:4c:da:1b:c9:1f:7c:4f:46:e9:6d:32:bc:e7:d6:4a:75:
ab:35:91:69:3f:cf:18:a1:b7:36:e5:11:40:0f:f5:cb:8b:c8:
aa:60:d6:37:32:ed:d3:e0:f7:0f:6d:e7:50:ae:de:49:0a:d8:
3e:c1:6b:7d:43:31:14:30:8a:4c:d3:49:39:0d:cb:97:13:18:
7b:d7:f2:54:6b:be:70:60:cb:67:73:19:fe:31:c8:be:35:30:
a3:5e:6b:52:b5:39:7a:d6:db:74:95:fd:70:3f:c7:f4:2a:20:
c5:c6:6d:a2:76:b2:4d:dd:db:76:b2:d8:77:b1:d4:7b:9c:71:
70:f6:23:44:07:5a:71:16:37:5c:13:58:d7:77:da:ba:9b:64:
ec:c6:8c:ac:06:3d:77:9c:12:a8:4c:e5:75:7b:a6:f7:7f:fd:
d3:ed:d7:c5:c4:32:53:30:b4:c5:02:dc:95:94:6c:46:30:23:
a4:f4:b8:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUR9M0zwNZuKUKxY8+iRZZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIxMjE0MTg0NTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE1MzNiMGEwY2YzNjk1NzNjOTBiYmNhN2E3MWJlNTUzNDUwYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD9MKeODDn+hkMFEyADVPFhcU+rF
gkQF2B6IqvssVgcg9qAMO+clSGW7x3ssGln1hhD53YRnwBRgrq+Z/Uv7A7r3L9WG
sHqmrmhtxDltuIR3URL95KgIHirW1mDjgqrENT/lti/rwStargxfCA9NcCqSWzFK
juaTn60yYIO9Q95mELkaURDNMXUXxJ0Izhx/xMIwno91N1p4pywWb42cNnjHNYTm
vPLOJ8rI1K9TGxKrj6Gdn/D82E+fupO0w+6WewjHWKR+KGDFLV3htQQf8d7TKYdd
frBiJPxMPLDuwmNSUSkAhlPSGFQwIsIvUxh4jpTUjCFuuM+yID8P0Y3UxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMVM7CgzzaVc8kLvKenG+VTRQpiMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTXhVenNLRFBOcFZ6eVF1OHA2Y2I1Vk5GQ21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXCYjAwQA
XaoYMA0GCSqGSIb3DQEBCwUAA4IBAQCx8C4YEbmRXj+d6JQQdeUPzovAaWXtVD3q
l/bUtx4mc0IaL7uIN3ysu4C6sPUrG0B4VeJbAxah42/Qx5aU4mMU1bMioD4DcsPu
xkzaG8kffE9G6W0yvOfWSnWrNZFpP88Yobc25RFAD/XLi8iqYNY3Mu3T4PcPbedQ
rt5JCtg+wWt9QzEUMIpM00k5DcuXExh71/JUa75wYMtncxn+Mci+NTCjXmtStTl6
1tt0lf1wP8f0KiDFxm2idrJN3dt2sth3sdR7nHFw9iNEB1pxFjdcE1jXd9q6m2Ts
xoysBj13nBKoTOV1e6b3f/3T7dfFxDJTMLTFAtyVlGxGMCOk9Lid
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:38:54 2025 by rpki-client