Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/MWN9c6oOvLcLDF0h5VEQX5ffvcE.roa
File: MWN9c6oOvLcLDF0h5VEQX5ffvcE.roa (raw, json)
Hash identifier: LrBoRd7H0/hrRD9Y/bBXlMm2LKg2NVW4uWQJIgIV8lk=
Subject key identifier: 31:63:7D:73:AA:0E:BC:B7:0B:0C:5D:21:E5:51:10:5F:97:DF:BD:C1
Certificate issuer: /CN=f65419e3700a36ba2b03906c9f8f4d2dfd848070
Certificate serial: 0187C8500A3BA2A96DE4457073434998982A
Authority key identifier: F6:54:19:E3:70:0A:36:BA:2B:03:90:6C:9F:8F:4D:2D:FD:84:80:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9lQZ43AKNrorA5Bsn49NLf2EgHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/MWN9c6oOvLcLDF0h5VEQX5ffvcE.roa
Signing time: Fri 28 Apr 2023 14:41:41 +0000
ROA not before: Fri 28 Apr 2023 14:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206078
IP address blocks: 185.180.34.0/24 maxlen: 24
185.180.34.0/23 maxlen: 23
185.180.33.0/24 maxlen: 24
185.180.32.0/23 maxlen: 23
185.180.32.0/24 maxlen: 24
185.180.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c8:50:0a:3b:a2:a9:6d:e4:45:70:73:43:49:98:98:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f65419e3700a36ba2b03906c9f8f4d2dfd848070
Validity
Not Before: Apr 28 14:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31637d73aa0ebcb70b0c5d21e551105f97dfbdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b9:74:53:fa:ed:b5:65:84:51:f9:32:d4:fd:
ce:62:3a:38:c1:55:48:ed:ca:86:0a:e5:34:d6:03:
6c:f5:c3:0d:be:dc:cf:98:09:c9:2d:99:e4:67:d1:
38:b6:60:b2:cb:18:34:e1:3f:f8:e2:32:fe:9c:72:
fc:70:4e:0a:00:ed:10:2c:da:84:65:c7:63:d5:90:
cc:1f:7d:7e:77:de:65:67:cc:47:c5:43:40:85:11:
62:fa:ad:b5:9d:08:47:95:46:7f:38:13:f7:d7:00:
26:0f:28:65:e3:35:19:53:cc:75:05:6c:91:c5:cc:
1b:cf:71:d5:50:6a:49:97:d0:1c:60:ca:15:30:12:
eb:f0:54:02:1a:e6:dd:33:5b:53:11:1a:b2:be:0c:
68:3f:fe:c0:69:c0:01:90:87:f0:0d:ca:66:31:76:
9d:b4:76:00:76:92:18:e1:0a:c0:75:90:32:92:75:
e5:28:18:0a:0c:33:a9:6c:53:c4:53:d2:98:f9:03:
cb:c6:90:a6:81:07:e4:50:de:f6:c2:20:46:7c:ba:
d7:fd:56:01:ff:ad:15:3f:32:c8:76:ef:63:54:35:
aa:ae:1d:76:f2:36:d1:85:d3:0f:26:68:8c:5d:a5:
f6:d0:92:04:c4:fc:fe:c3:92:3c:f9:45:e0:9c:20:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:63:7D:73:AA:0E:BC:B7:0B:0C:5D:21:E5:51:10:5F:97:DF:BD:C1
X509v3 Authority Key Identifier:
keyid:F6:54:19:E3:70:0A:36:BA:2B:03:90:6C:9F:8F:4D:2D:FD:84:80:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lQZ43AKNrorA5Bsn49NLf2EgHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/MWN9c6oOvLcLDF0h5VEQX5ffvcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/9lQZ43AKNrorA5Bsn49NLf2EgHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.32.0/22
Signature Algorithm: sha256WithRSAEncryption
03:1c:8e:bf:a6:c5:4c:78:7e:0e:7d:91:a3:9a:49:a1:8b:50:
c1:b8:23:c5:9b:3e:d1:8f:c2:9b:e9:30:b8:6e:90:8f:15:8d:
9d:29:3a:71:69:10:b1:fa:1f:11:1c:ff:d9:34:48:34:57:34:
bd:84:2f:71:6d:68:2c:83:40:2e:20:59:1d:fc:8b:06:b8:53:
29:37:d3:ae:ed:ae:0c:57:38:c6:69:69:d5:91:cc:79:44:56:
8f:41:ac:41:19:d9:8c:5b:25:d6:e4:d2:99:df:51:ca:67:a4:
7e:e3:9b:86:4c:96:03:bc:1a:1d:68:36:8d:3a:d4:b6:06:d8:
e9:5b:3a:bc:79:64:a4:ac:e9:17:f1:b1:27:7f:f3:eb:a0:77:
bb:20:23:6b:e0:a5:0c:62:47:01:84:02:9b:47:3d:1b:95:f9:
2d:67:9e:3d:05:55:85:2b:62:f4:28:d0:3d:f0:fd:83:8a:40:
b7:14:77:d6:be:23:c2:57:f0:73:77:3b:95:7a:bb:07:f2:28:
e9:04:c7:2a:90:06:4d:ec:f9:76:b9:48:7e:f3:53:6f:1e:4c:
13:fc:42:ba:c6:42:ef:e0:1d:60:e3:bd:3b:59:30:fe:ae:a6:
91:92:31:ca:73:a9:c6:5b:63:8b:fb:79:b0:7c:0b:52:80:d6:
4c:0e:16:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfIUAo7oqlt5EVwc0NJmJgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTQxOWUzNzAwYTM2YmEyYjAzOTA2YzlmOGY0ZDJkZmQ4
NDgwNzAwHhcNMjMwNDI4MTQ0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYzN2Q3M2FhMGViY2I3MGIwYzVkMjFlNTUxMTA1Zjk3ZGZiZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7l0U/rttWWEUfky1P3OYjo4wVVI
7cqGCuU01gNs9cMNvtzPmAnJLZnkZ9E4tmCyyxg04T/44jL+nHL8cE4KAO0QLNqE
Zcdj1ZDMH31+d95lZ8xHxUNAhRFi+q21nQhHlUZ/OBP31wAmDyhl4zUZU8x1BWyR
xcwbz3HVUGpJl9AcYMoVMBLr8FQCGubdM1tTERqyvgxoP/7AacABkIfwDcpmMXad
tHYAdpIY4QrAdZAyknXlKBgKDDOpbFPEU9KY+QPLxpCmgQfkUN72wiBGfLrX/VYB
/60VPzLIdu9jVDWqrh128jbRhdMPJmiMXaX20JIExPz+w5I8+UXgnCAO/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFjfXOqDry3CwxdIeVREF+X373BMB8GA1UdIwQY
MBaAFPZUGeNwCja6KwOQbJ+PTS39hIBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxRWjQzQUtOcm9yQTVCc240OU5MZjJFZ0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NDljMDItZjI2Mi00NWQzLThmOGYt
ZDRiNzIzZWQ3ODFjLzEvTVdOOWM2b092TGNMREYwaDVWRVFYNWZmdmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NDljMDItZjI2Mi00NWQzLThmOGYtZDRiNzIzZWQ3ODFj
LzEvOWxRWjQzQUtOcm9yQTVCc240OU5MZjJFZ0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQgMA0G
CSqGSIb3DQEBCwUAA4IBAQADHI6/psVMeH4OfZGjmkmhi1DBuCPFmz7Rj8Kb6TC4
bpCPFY2dKTpxaRCx+h8RHP/ZNEg0VzS9hC9xbWgsg0AuIFkd/IsGuFMpN9Ou7a4M
VzjGaWnVkcx5RFaPQaxBGdmMWyXW5NKZ31HKZ6R+45uGTJYDvBodaDaNOtS2Btjp
Wzq8eWSkrOkX8bEnf/ProHe7ICNr4KUMYkcBhAKbRz0blfktZ549BVWFK2L0KNA9
8P2DikC3FHfWviPCV/BzdzuVersH8ijpBMcqkAZN7Pl2uUh+81NvHkwT/EK6xkLv
4B1g4707WTD+rqaRkjHKc6nGW2OL+3mwfAtSgNZMDhYw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:22 2025 by rpki-client