Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/MV231-CZDbhCdWQpTj-6Q085XH8.roa
File: MV231-CZDbhCdWQpTj-6Q085XH8.roa (raw, json)
Hash identifier: 7rFSI4oeilWiJ4DaHTVR2bNrllcUmosvP+hpsMKuBXY=
Subject key identifier: 31:5D:B7:D7:E0:99:0D:B8:42:75:64:29:4E:3F:BA:43:4F:39:5C:7F
Certificate issuer: /CN=6c1ce5315a43d5661cdcdcc1b9d7daacfa6990f7
Certificate serial: 0185723A14CA4B6991483E2C1855DFD99209
Authority key identifier: 6C:1C:E5:31:5A:43:D5:66:1C:DC:DC:C1:B9:D7:DA:AC:FA:69:90:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBzlMVpD1WYc3NzBudfarPppkPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/MV231-CZDbhCdWQpTj-6Q085XH8.roa
Signing time: Mon 02 Jan 2023 11:24:47 +0000
ROA not before: Mon 02 Jan 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198551
IP address blocks: 185.200.145.0/24 maxlen: 24
185.200.144.0/22 maxlen: 22
185.200.144.0/24 maxlen: 24
185.200.147.0/24 maxlen: 24
185.200.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:14:ca:4b:69:91:48:3e:2c:18:55:df:d9:92:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c1ce5315a43d5661cdcdcc1b9d7daacfa6990f7
Validity
Not Before: Jan 2 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=315db7d7e0990db8427564294e3fba434f395c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c9:46:f1:93:74:f4:e8:c7:d5:df:8b:63:d3:
09:ad:2c:8b:0b:a8:f9:00:91:57:1b:88:4f:df:51:
39:55:83:7e:bc:b0:09:f2:cd:1d:9f:bb:3d:3e:44:
14:40:f1:32:32:46:08:c8:a9:97:da:e4:b7:0b:62:
36:0f:97:ec:f7:55:45:2c:23:bf:34:55:73:54:9f:
04:a5:27:c1:0d:83:e3:3a:81:be:a8:6e:05:d7:64:
6e:70:a4:03:b4:14:e8:28:d9:0b:00:f2:6d:69:ec:
32:53:9a:99:ef:dc:b2:b7:ec:ae:bf:cf:bf:5d:04:
e9:f6:9a:0d:7a:33:75:37:14:1b:fb:5f:8c:a1:93:
5a:21:66:e9:6d:c5:f2:d2:0a:3a:2e:f7:db:1e:4d:
0d:88:19:87:cb:a2:5b:5e:d8:4c:bc:e5:5f:7a:3b:
4f:22:cc:8f:6d:c2:6b:96:d8:d7:48:dc:d4:d2:9c:
23:c5:22:b0:05:53:37:f2:84:93:ba:ba:82:63:30:
1e:45:d6:58:9a:d9:90:55:59:a6:53:56:26:ad:57:
6c:78:df:7d:2d:c6:8c:64:20:88:d6:4a:13:c2:20:
d1:8f:b7:e6:5c:6a:0d:5b:7d:9f:f2:98:c7:e5:cb:
ff:50:82:de:0f:f3:10:c5:ec:6e:92:3a:cd:76:b6:
e6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5D:B7:D7:E0:99:0D:B8:42:75:64:29:4E:3F:BA:43:4F:39:5C:7F
X509v3 Authority Key Identifier:
keyid:6C:1C:E5:31:5A:43:D5:66:1C:DC:DC:C1:B9:D7:DA:AC:FA:69:90:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBzlMVpD1WYc3NzBudfarPppkPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/MV231-CZDbhCdWQpTj-6Q085XH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/bBzlMVpD1WYc3NzBudfarPppkPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.144.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:f2:6b:66:41:c8:bd:b5:61:3d:28:de:1a:96:58:41:8e:d8:
0f:40:c8:79:8e:ce:82:7f:c9:78:6a:88:4e:cb:26:1b:9d:e6:
eb:a1:76:f5:03:4a:58:58:5c:1c:97:e9:40:6e:4d:b5:63:03:
b3:0c:bf:2b:76:8b:75:3a:fd:da:58:81:1b:ac:ca:af:ee:2e:
6d:b2:5b:a6:50:c8:96:17:aa:99:d1:11:25:46:d2:ff:42:0c:
7f:60:d6:88:1e:9c:d0:2f:1c:ff:7b:ca:d0:9d:be:43:43:94:
e1:82:f9:21:70:6f:df:a2:b4:e5:1d:2b:ad:d2:f8:1b:c0:ae:
0a:2c:dc:81:6a:25:f7:66:b3:48:e8:78:c8:9c:29:52:86:4b:
da:0e:68:fc:25:34:63:24:f6:54:cb:51:39:e2:33:af:db:5d:
81:b3:a7:4d:db:96:00:fb:6e:ef:c8:20:5b:1e:29:9a:b6:09:
cf:c4:67:e4:2d:5f:9c:13:3c:c0:8d:c7:ea:1b:ba:e2:56:ce:
9b:86:c6:0f:a1:6e:79:39:3a:ed:ca:fd:3c:54:98:80:41:ea:
c5:1a:5f:1c:64:01:e5:4e:c1:fd:86:b6:26:3c:4f:ee:43:b1:
ac:f1:6a:14:09:6e:81:52:37:76:bf:4e:01:b8:08:3e:62:25:
98:6e:01:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOhTKS2mRSD4sGFXf2ZIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMWNlNTMxNWE0M2Q1NjYxY2RjZGNjMWI5ZDdkYWFjZmE2
OTkwZjcwHhcNMjMwMTAyMTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTVkYjdkN2UwOTkwZGI4NDI3NTY0Mjk0ZTNmYmE0MzRmMzk1YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6clG8ZN09OjH1d+LY9MJrSyLC6j5
AJFXG4hP31E5VYN+vLAJ8s0dn7s9PkQUQPEyMkYIyKmX2uS3C2I2D5fs91VFLCO/
NFVzVJ8EpSfBDYPjOoG+qG4F12RucKQDtBToKNkLAPJtaewyU5qZ79yyt+yuv8+/
XQTp9poNejN1NxQb+1+MoZNaIWbpbcXy0go6LvfbHk0NiBmHy6JbXthMvOVfejtP
IsyPbcJrltjXSNzU0pwjxSKwBVM38oSTurqCYzAeRdZYmtmQVVmmU1YmrVdseN99
LcaMZCCI1koTwiDRj7fmXGoNW32f8pjH5cv/UILeD/MQxexukjrNdrbmAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFdt9fgmQ24QnVkKU4/ukNPOVx/MB8GA1UdIwQY
MBaAFGwc5TFaQ9VmHNzcwbnX2qz6aZD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJ6bE1WcEQxV1ljM056QnVkZmFyUHBwa1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iYjUyMGMtY2QwZC00OGQ4LTk2YTgt
MGZiZTdiZDc2ZmZiLzEvTVYyMzEtQ1pEYmhDZFdRcFRqLTZRMDg1WEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iYjUyMGMtY2QwZC00OGQ4LTk2YTgtMGZiZTdiZDc2ZmZi
LzEvYkJ6bE1WcEQxV1ljM056QnVkZmFyUHBwa1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuciQMA0G
CSqGSIb3DQEBCwUAA4IBAQDN8mtmQci9tWE9KN4allhBjtgPQMh5js6Cf8l4aohO
yyYbnebroXb1A0pYWFwcl+lAbk21YwOzDL8rdot1Ov3aWIEbrMqv7i5tslumUMiW
F6qZ0RElRtL/Qgx/YNaIHpzQLxz/e8rQnb5DQ5ThgvkhcG/forTlHSut0vgbwK4K
LNyBaiX3ZrNI6HjInClShkvaDmj8JTRjJPZUy1E54jOv212Bs6dN25YA+27vyCBb
HimatgnPxGfkLV+cEzzAjcfqG7riVs6bhsYPoW55OTrtyv08VJiAQerFGl8cZAHl
TsH9hrYmPE/uQ7Gs8WoUCW6BUjd2v04BuAg+YiWYbgGb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:56 2025 by rpki-client