Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/MtC1eoXVPO0pJZgzlwIPTVL2hVU.roa
File: MtC1eoXVPO0pJZgzlwIPTVL2hVU.roa (raw, json)
Hash identifier: l7gHwgNz1OTcfwaVlQMRQcp2ySZpTwkUfFUWZrVvIb4=
Subject key identifier: 32:D0:B5:7A:85:D5:3C:ED:29:25:98:33:97:02:0F:4D:52:F6:85:55
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 327736E9
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/MtC1eoXVPO0pJZgzlwIPTVL2hVU.roa
Signing time: Sat 01 Jan 2022 09:53:31 +0000
ROA not before: Sat 01 Jan 2022 09:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200520
IP address blocks: 193.17.96.0/21 maxlen: 30
2a03:35c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 846673641 (0x327736e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 1 09:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32d0b57a85d53ced2925983397020f4d52f68555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:31:d6:d0:d9:89:b0:23:73:33:6f:59:78:
c7:af:65:83:06:90:f6:2b:0e:7f:41:67:21:07:ed:
c7:50:8d:58:f3:92:c3:1e:dd:c9:77:39:07:f2:63:
0d:99:bf:51:02:66:21:dc:4c:58:59:9f:85:8d:4d:
72:4c:30:c6:28:70:a2:da:fc:a2:61:9a:eb:f0:7f:
4d:e0:a9:42:fb:68:81:3f:aa:2f:65:7b:62:35:2e:
16:a6:d5:69:b1:b8:d0:68:bf:a4:54:0c:7d:ec:1c:
24:2d:6b:9d:f0:3d:f6:96:17:61:53:75:b2:07:62:
46:fe:b9:f1:fe:15:25:64:85:4a:1e:b9:b6:8b:fe:
92:8b:a8:a1:e7:95:81:70:79:96:8f:42:cb:77:c5:
e6:b0:6d:88:85:c9:5e:75:29:15:c2:1b:6b:0f:22:
61:4b:13:40:46:2c:83:26:67:ff:a2:0e:20:3d:7a:
88:3c:89:07:fa:9e:50:a9:f9:4c:e6:70:4f:ff:a2:
3b:b1:f6:ae:cb:f4:d9:ca:29:ae:d4:e1:bf:49:d9:
62:2d:a7:93:12:83:2f:d6:d7:f5:2e:71:f0:64:d2:
58:a7:11:03:49:d5:87:55:1b:2a:f3:b2:3f:a7:d5:
3d:7c:45:01:d8:bf:0a:b4:b5:7c:99:a2:d4:cb:bc:
53:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D0:B5:7A:85:D5:3C:ED:29:25:98:33:97:02:0F:4D:52:F6:85:55
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/MtC1eoXVPO0pJZgzlwIPTVL2hVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/21
IPv6:
2a03:35c0::/32
Signature Algorithm: sha256WithRSAEncryption
d6:65:31:27:1d:45:1a:fd:44:18:06:dd:a6:f5:e2:f6:9c:fd:
46:34:ef:f7:20:18:06:14:99:2b:04:57:38:de:9f:12:a2:35:
cb:74:fa:16:4e:b4:d8:e5:5b:bd:21:14:d9:7e:3a:83:e4:54:
18:2c:af:49:a9:b7:17:98:32:03:50:0c:df:48:4d:83:0a:a6:
cf:6b:4a:14:29:ef:09:33:c2:a7:1c:17:7e:75:04:7f:43:5d:
4b:88:2b:36:98:a4:ae:7a:80:97:42:f9:a6:4b:5a:33:8a:e3:
b7:d8:a4:d2:34:90:95:84:06:44:38:ce:f0:6f:d9:aa:f9:59:
f4:e7:09:2d:92:6a:79:f1:b5:16:2d:1e:3e:09:1a:93:d4:00:
28:48:64:f8:87:10:e4:0d:7a:8e:b8:6a:aa:86:9a:e8:fa:a5:
c4:8a:66:bf:74:4e:ac:9f:13:5a:a7:59:a7:a3:a5:ed:7f:cb:
e8:36:3c:fd:fa:c6:cd:9a:a9:40:62:ab:e4:3f:c1:1b:21:aa:
25:ff:b2:da:18:97:59:c2:6e:d5:8e:fd:eb:df:ae:2f:da:86:
e0:3c:21:45:0a:55:d1:d9:65:53:7b:5d:3c:61:7d:cd:a8:6d:
53:c8:bb:b2:a5:42:67:aa:c8:e6:7a:be:68:33:29:5b:3e:39:
7e:3b:01:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEMnc26TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTIwYTBjZTAxM2UyZDUyYTZmZjM1NGEyNzA4OTRiYjk5OGU0NTQ3MB4XDTIyMDEw
MTA5NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJkMGI1N2E4NWQ1
M2NlZDI5MjU5ODMzOTcwMjBmNGQ1MmY2ODU1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhBMdbQ2YmwI3Mzb1l4x69lgwaQ9isOf0FnIQftx1CNWPOS
wx7dyXc5B/JjDZm/UQJmIdxMWFmfhY1Nckwwxihwotr8omGa6/B/TeCpQvtogT+q
L2V7YjUuFqbVabG40Gi/pFQMfewcJC1rnfA99pYXYVN1sgdiRv658f4VJWSFSh65
tov+kouooeeVgXB5lo9Cy3fF5rBtiIXJXnUpFcIbaw8iYUsTQEYsgyZn/6IOID16
iDyJB/qeUKn5TOZwT/+iO7H2rsv02coprtThv0nZYi2nkxKDL9bX9S5x8GTSWKcR
A0nVh1UbKvOyP6fVPXxFAdi/CrS1fJmi1Mu8U3cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQy0LV6hdU87SklmDOXAg9NUvaFVTAfBgNVHSMEGDAWgBQRIKDOAT4tUqb/
NUonCJS7mY5FRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VTQ2d6Z0UtTFZLbV96VktKd2lVdTVtT1JVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDIxNDk4LTI4ZDMtNDM3Ni1iNjI1LTMxYWYzZTI5NDY3MS8x
L010QzFlb1hWUE8wcEpaZ3psd0lQVFZMMmhWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDIxNDk4LTI4ZDMtNDM3Ni1iNjI1LTMxYWYzZTI5NDY3MS8xL0VTQ2d6Z0UtTFZL
bV96VktKd2lVdTVtT1JVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8ERYDANBAIAAjAHAwUAKgM1wDAN
BgkqhkiG9w0BAQsFAAOCAQEA1mUxJx1FGv1EGAbdpvXi9pz9RjTv9yAYBhSZKwRX
ON6fEqI1y3T6Fk602OVbvSEU2X46g+RUGCyvSam3F5gyA1AM30hNgwqmz2tKFCnv
CTPCpxwXfnUEf0NdS4grNpikrnqAl0L5pktaM4rjt9ik0jSQlYQGRDjO8G/ZqvlZ
9OcJLZJqefG1Fi0ePgkak9QAKEhk+IcQ5A16jrhqqoaa6PqlxIpmv3ROrJ8TWqdZ
p6Ol7X/L6DY8/frGzZqpQGKr5D/BGyGqJf+y2hiXWcJu1Y7969+uL9qG4DwhRQpV
0dllU3tdPGF9zahtU8i7sqVCZ6rI5nq+aDMpWz45fjsBVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org