Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MtXaDha4J_JLBU0WagCHhT6aqs0.roa
File: MtXaDha4J_JLBU0WagCHhT6aqs0.roa (raw, json)
Hash identifier: I4sM9Yhsyk7UKXsuDha75jMK+nWAVUZU9kAH3wde79M=
Subject key identifier: 32:D5:DA:0E:16:B8:27:F2:4B:05:4D:16:6A:00:87:85:3E:9A:AA:CD
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018C0803E2B4756D9EF5438905556FD65AA2
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MtXaDha4J_JLBU0WagCHhT6aqs0.roa
Signing time: Sat 25 Nov 2023 19:45:21 +0000
ROA not before: Sat 25 Nov 2023 19:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
93.179.94.0/24 maxlen: 24
93.179.93.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
95.181.212.0/23 maxlen: 23
2a04:8681::/32 maxlen: 32
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:08:03:e2:b4:75:6d:9e:f5:43:89:05:55:6f:d6:5a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Nov 25 19:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32d5da0e16b827f24b054d166a0087853e9aaacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:c0:32:9f:c8:08:43:e7:cd:71:e1:39:68:
fb:9e:9e:ae:48:17:a4:ab:63:9a:27:15:e1:b7:a6:
e3:4a:dd:3a:85:32:1d:1b:cf:8d:1a:1e:78:92:b8:
e8:1e:40:03:23:fd:39:e6:00:66:f4:64:15:ec:1b:
46:70:c9:01:02:6c:e7:72:ab:e3:d7:d3:be:dc:76:
8c:49:8b:b7:5f:b0:d2:c7:26:49:88:2d:c3:68:76:
0f:ea:7c:7b:0d:13:90:26:f0:26:68:59:b8:9e:39:
aa:68:39:b1:e0:d5:e0:65:8c:52:9a:e0:cf:be:91:
17:e8:86:79:4f:92:ce:0f:53:9a:75:7f:12:9a:2d:
83:bb:2d:c8:4e:f2:38:6a:c2:eb:06:68:56:9f:a2:
de:ea:f7:d6:ae:32:e8:89:85:82:bc:7b:16:92:0b:
c5:6f:0f:06:ab:87:56:15:3a:c6:0d:3b:b9:33:6c:
7f:32:b6:23:9b:be:ab:6d:c3:cc:d0:cc:f2:16:bb:
43:56:b2:91:04:83:3d:af:61:2f:19:73:f9:ec:07:
f6:ce:dd:37:d6:ba:6f:cb:5a:df:88:53:a7:0e:90:
ea:c3:d8:ed:50:e4:2f:8e:b1:ac:55:4a:5a:c9:4e:
8a:6e:2f:5e:2e:f0:6e:ff:23:47:fb:c1:5a:60:41:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D5:DA:0E:16:B8:27:F2:4B:05:4D:16:6A:00:87:85:3E:9A:AA:CD
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MtXaDha4J_JLBU0WagCHhT6aqs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.68.0/23
93.179.93.0-93.179.94.255
93.179.120.0/23
95.85.83.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:a9:d4:1d:93:07:92:0e:3e:e1:bd:03:47:62:8f:0e:94:94:
83:58:9b:b0:0f:eb:cf:b7:85:7b:ae:3b:8f:ab:b7:8d:c8:e5:
da:95:ae:c5:06:b7:94:05:27:67:9d:af:c3:aa:01:2c:b4:3a:
a2:86:a5:23:3f:82:b7:6e:4a:8a:6d:c9:f8:37:1f:db:13:fd:
9c:d2:80:7c:d8:fe:8e:ee:20:a8:51:c7:36:7c:39:3b:d4:aa:
c3:76:11:93:88:06:c3:92:09:e5:6d:9a:a3:db:2d:a8:93:a0:
bc:3c:03:a3:83:bc:60:5f:3a:3d:aa:07:9b:2c:b3:98:9c:ab:
f1:7f:90:cd:df:27:da:6f:5e:5b:5a:9e:ef:67:ee:b4:8f:2a:
7e:f5:20:01:f6:24:a2:49:72:f5:13:3e:d0:41:89:5c:a8:d3:
c9:f8:56:d6:6e:40:55:f4:bc:79:49:9c:ab:56:47:24:10:44:
a1:e7:a5:a7:3d:7e:db:62:0c:33:e8:20:76:7d:37:f9:58:40:
e7:1b:46:68:59:33:88:b7:7f:29:de:87:d5:9f:d3:23:cd:03:
a6:8c:4d:97:fc:25:13:72:2a:d7:04:ee:34:12:8c:9b:4a:8a:
36:ce:d1:88:3d:c7:b9:e2:20:c5:f1:6d:33:b0:6a:7f:b1:4d:
8c:8f:58:26
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYwIA+K0dW2e9UOJBVVv1lqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMxMTI1MTk0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ1ZGEwZTE2YjgyN2YyNGIwNTRkMTY2YTAwODc4NTNlOWFhYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMrAMp/ICEPnzXHhOWj7np6uSBek
q2OaJxXht6bjSt06hTIdG8+NGh54krjoHkADI/055gBm9GQV7BtGcMkBAmzncqvj
19O+3HaMSYu3X7DSxyZJiC3DaHYP6nx7DROQJvAmaFm4njmqaDmx4NXgZYxSmuDP
vpEX6IZ5T5LOD1OadX8Smi2Duy3ITvI4asLrBmhWn6Le6vfWrjLoiYWCvHsWkgvF
bw8Gq4dWFTrGDTu5M2x/MrYjm76rbcPM0MzyFrtDVrKRBIM9r2EvGXP57Af2zt03
1rpvy1rfiFOnDpDqw9jtUOQvjrGsVUpayU6Kbi9eLvBu/yNH+8FaYEGkNQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDLV2g4WuCfySwVNFmoAh4U+mqrNMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvTXRYYURoYTRKX0pMQlUwV2FnQ0hoVDZhcXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8SIAwQA
XbNCAwQBXbNEMAwDBABds10DBABds14DBAFds3gDBABfVVMDBAFftdQDBABtxIUD
BADDtggwFAQCAAIwDgMFASoEhoADBQAqCdXAMA0GCSqGSIb3DQEBCwUAA4IBAQCK
qdQdkweSDj7hvQNHYo8OlJSDWJuwD+vPt4V7rjuPq7eNyOXala7FBreUBSdnna/D
qgEstDqihqUjP4K3bkqKbcn4Nx/bE/2c0oB82P6O7iCoUcc2fDk71KrDdhGTiAbD
kgnlbZqj2y2ok6C8PAOjg7xgXzo9qgebLLOYnKvxf5DN3yfab15bWp7vZ+60jyp+
9SAB9iSiSXL1Ez7QQYlcqNPJ+FbWbkBV9Lx5SZyrVkckEESh56WnPX7bYgwz6CB2
fTf5WEDnG0ZoWTOIt38p3ofVn9MjzQOmjE2X/CUTcirXBO40EoybSoo2ztGIPce5
4iDF8W0zsGp/sU2Mj1gm
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:34:18 2025 by rpki-client