Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1759da-c66e-43c8-881d-6db090214035/1/MRQUsVvSnq468L2gsCviNQRTFzs.roa
File: MRQUsVvSnq468L2gsCviNQRTFzs.roa (raw, json)
Hash identifier: 7vvIMZcD+4iAj8cGEaDAVlj/JNI7hKfxoShzMfeqQwM=
Subject key identifier: 31:14:14:B1:5B:D2:9E:AE:3A:F0:BD:A0:B0:2B:E2:35:04:53:17:3B
Certificate issuer: /CN=de9f2a927378bd1455da8bdf85bb1ab867e1f528
Certificate serial: 0A026D3D
Authority key identifier: DE:9F:2A:92:73:78:BD:14:55:DA:8B:DF:85:BB:1A:B8:67:E1:F5:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3p8qknN4vRRV2ovfhbsauGfh9Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1759da-c66e-43c8-881d-6db090214035/1/MRQUsVvSnq468L2gsCviNQRTFzs.roa
Signing time: Sat 01 Jan 2022 05:02:00 +0000
ROA not before: Sat 01 Jan 2022 05:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209122
IP address blocks: 194.35.104.0/23 maxlen: 23
194.35.104.0/22 maxlen: 22
194.35.106.0/23 maxlen: 23
2a0d:f8c0:20::/43 maxlen: 43
2a0d:f8c0::/43 maxlen: 43
2a0d:f8c0::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167931197 (0xa026d3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9f2a927378bd1455da8bdf85bb1ab867e1f528
Validity
Not Before: Jan 1 05:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=311414b15bd29eae3af0bda0b02be2350453173b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:06:46:07:e6:1c:53:f0:40:86:21:32:39:97:
59:93:cf:c8:03:26:c6:03:bf:63:ce:a5:8f:c3:f4:
70:2a:27:46:a7:8d:b5:dc:18:b4:a9:a3:0b:61:ec:
61:c4:7d:ce:d2:c7:13:1c:37:69:b7:df:b4:59:e2:
ac:1b:5b:01:55:40:65:56:51:07:cd:74:ea:2f:3e:
3d:39:a3:03:b9:f5:da:8b:c5:7d:c0:fc:72:3d:58:
44:1c:ba:c5:62:04:34:cc:91:ad:b1:93:b8:4d:17:
06:ec:98:66:5f:2e:f0:ba:cb:fd:a8:11:95:61:34:
34:30:f9:29:31:ba:8d:f5:dd:d4:32:c3:1a:7e:10:
f5:e7:83:be:b9:54:0a:62:31:13:fc:69:59:f1:a4:
db:21:07:8e:6f:6f:a8:53:dc:18:fd:4f:3e:3e:bc:
eb:ae:d6:ae:3d:31:f2:79:a8:0b:cb:a9:87:02:df:
db:ef:02:00:76:5b:59:20:fc:83:82:70:15:f3:c4:
d8:c1:b3:b9:7e:39:04:95:23:b7:9e:cb:b0:36:3f:
39:cc:0f:78:1e:71:66:84:1f:d6:f9:30:ca:06:de:
52:e0:01:4c:2e:33:87:ba:77:cb:4c:58:31:a4:a4:
04:9d:3e:66:95:69:ac:38:23:4d:e5:68:d4:57:8a:
1d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:14:14:B1:5B:D2:9E:AE:3A:F0:BD:A0:B0:2B:E2:35:04:53:17:3B
X509v3 Authority Key Identifier:
keyid:DE:9F:2A:92:73:78:BD:14:55:DA:8B:DF:85:BB:1A:B8:67:E1:F5:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3p8qknN4vRRV2ovfhbsauGfh9Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1759da-c66e-43c8-881d-6db090214035/1/MRQUsVvSnq468L2gsCviNQRTFzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1759da-c66e-43c8-881d-6db090214035/1/3p8qknN4vRRV2ovfhbsauGfh9Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.104.0/22
IPv6:
2a0d:f8c0::/42
Signature Algorithm: sha256WithRSAEncryption
13:55:86:c2:72:fe:62:04:16:0e:cc:11:73:46:0c:21:2d:0e:
12:6c:01:bf:fc:99:fb:d2:51:6a:f5:99:6f:e4:23:7e:ae:a2:
3d:09:a0:df:15:e4:7c:fc:22:18:41:de:f8:1a:4f:cc:5f:0a:
48:2e:db:ac:66:f1:36:9c:22:a3:96:4c:88:e5:2c:65:19:fa:
a8:cb:bc:fb:49:56:81:b3:af:1c:49:2c:e7:3d:42:27:ea:83:
00:59:69:af:fe:09:ad:52:cf:7d:db:2a:1c:ab:29:e7:49:3b:
a8:33:73:65:50:f0:d2:74:ea:02:09:fd:13:1f:79:74:e1:de:
28:81:de:14:08:58:53:36:9a:2f:b0:25:e1:13:57:b1:53:4b:
c9:0d:c3:a0:cd:b5:55:84:29:39:0b:25:5b:14:82:54:19:7a:
3d:dd:e7:f2:b2:fd:7d:02:d6:2d:4b:80:76:fb:70:70:7b:c0:
07:e6:8f:71:1e:c5:29:32:ee:65:64:97:a6:6a:78:fd:1c:27:
e8:b7:c1:99:fe:7e:cb:89:48:31:d7:ea:e6:25:f2:70:9d:8d:
44:a1:18:5f:21:b8:b7:ed:2e:f2:8c:d2:d0:aa:f5:e1:08:5d:
cd:3d:34:9c:88:7b:c1:aa:20:2a:13:00:60:07:01:f8:52:0f:
ad:98:75:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECgJtPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTlmMmE5MjczNzhiZDE0NTVkYThiZGY4NWJiMWFiODY3ZTFmNTI4MB4XDTIyMDEw
MTA1MDIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzExNDE0YjE1YmQy
OWVhZTNhZjBiZGEwYjAyYmUyMzUwNDUzMTczYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsGRgfmHFPwQIYhMjmXWZPPyAMmxgO/Y86lj8P0cConRqeN
tdwYtKmjC2HsYcR9ztLHExw3abfftFnirBtbAVVAZVZRB8106i8+PTmjA7n12ovF
fcD8cj1YRBy6xWIENMyRrbGTuE0XBuyYZl8u8LrL/agRlWE0NDD5KTG6jfXd1DLD
Gn4Q9eeDvrlUCmIxE/xpWfGk2yEHjm9vqFPcGP1PPj68667Wrj0x8nmoC8uphwLf
2+8CAHZbWSD8g4JwFfPE2MGzuX45BJUjt57LsDY/OcwPeB5xZoQf1vkwygbeUuAB
TC4zh7p3y0xYMaSkBJ0+ZpVprDgjTeVo1FeKHQcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQxFBSxW9KerjrwvaCwK+I1BFMXOzAfBgNVHSMEGDAWgBTenyqSc3i9FFXa
i9+Fuxq4Z+H1KDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNwOHFrbk40dlJSVjJvdmZoYnNhdUdmaDlTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvMTc1OWRhLWM2NmUtNDNjOC04ODFkLTZkYjA5MDIxNDAzNS8x
L01SUVVzVnZTbnE0NjhMMmdzQ3ZpTlFSVEZ6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
MTc1OWRhLWM2NmUtNDNjOC04ODFkLTZkYjA5MDIxNDAzNS8xLzNwOHFrbk40dlJS
VjJvdmZoYnNhdUdmaDlTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsIjaDAPBAIAAjAJAwcGKg34wAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQATVYbCcv5iBBYOzBFzRgwhLQ4SbAG//Jn70lFq
9Zlv5CN+rqI9CaDfFeR8/CIYQd74Gk/MXwpILtusZvE2nCKjlkyI5SxlGfqoy7z7
SVaBs68cSSznPUIn6oMAWWmv/gmtUs992yocqynnSTuoM3NlUPDSdOoCCf0TH3l0
4d4ogd4UCFhTNpovsCXhE1exU0vJDcOgzbVVhCk5CyVbFIJUGXo93efysv19AtYt
S4B2+3Bwe8AH5o9xHsUpMu5lZJemanj9HCfot8GZ/n7LiUgx1+rmJfJwnY1EoRhf
Ibi37S7yjNLQqvXhCF3NPTSciHvBqiAqEwBgBwH4Ug+tmHUh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:59 2025 by rpki-client