Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/MA-JJng_vHUcNuFThwy9cPfkhCk.roa
File: MA-JJng_vHUcNuFThwy9cPfkhCk.roa (raw, json)
Hash identifier: 7EQCc7aExuxjZdiQcU/jYH8ceRJcyyfzgTfPhPIioZs=
Subject key identifier: 30:0F:89:26:78:3F:BC:75:1C:36:E1:53:87:0C:BD:70:F7:E4:84:29
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 018745D0A65E2C8AD1108D5781B592BE66B2
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/MA-JJng_vHUcNuFThwy9cPfkhCk.roa
Signing time: Mon 03 Apr 2023 06:31:54 +0000
ROA not before: Mon 03 Apr 2023 06:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 206.204.0.0/20 maxlen: 32
206.204.16.0/20 maxlen: 32
43.252.28.0/22 maxlen: 32
206.204.32.0/20 maxlen: 32
103.211.184.0/23 maxlen: 32
206.204.48.0/20 maxlen: 32
37.61.226.0/24 maxlen: 32
94.176.48.0/20 maxlen: 32
216.194.80.0/20 maxlen: 32
103.225.128.0/22 maxlen: 32
45.130.120.0/22 maxlen: 32
103.207.152.0/23 maxlen: 32
213.188.64.0/22 maxlen: 32
193.151.52.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
85.208.148.0/22 maxlen: 32
103.30.12.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:d0:a6:5e:2c:8a:d1:10:8d:57:81:b5:92:be:66:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Apr 3 06:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300f8926783fbc751c36e153870cbd70f7e48429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2a:9b:7c:51:bb:50:3c:d6:db:96:c3:6d:a2:
2e:1e:b2:a8:00:9a:39:18:ec:14:ca:ce:d0:bf:5e:
d4:ff:ee:3a:d5:c7:10:5b:99:e0:74:93:28:eb:a5:
0b:dd:7d:c0:7f:20:dd:1e:d4:8f:b5:48:a7:5e:62:
fd:18:6b:6a:2f:a8:fe:4e:fa:cf:52:02:3a:49:33:
74:02:07:18:a5:20:a6:5e:b8:8d:ce:53:57:b6:47:
2d:30:5c:51:67:5c:2c:fe:eb:e1:a4:fe:a8:ea:70:
64:b1:88:b8:f9:63:91:d5:23:37:86:06:48:19:5a:
5f:08:78:52:99:4f:f5:bf:09:07:eb:57:83:89:50:
16:7d:6b:4c:3e:a8:a5:b6:eb:49:05:87:70:12:f3:
8a:ad:39:81:ea:6c:29:6b:34:63:b1:06:77:db:88:
27:1e:45:78:13:ed:96:e0:4d:5d:b7:4f:08:16:88:
58:a3:de:1b:87:f9:2e:70:b3:85:ab:21:b4:b3:e3:
e2:c8:73:16:a4:14:38:aa:44:98:f5:d7:49:02:22:
f2:8e:53:50:27:cf:10:8e:b0:28:37:90:05:1d:a1:
4c:a2:3f:be:f5:c4:3b:42:5a:ce:bd:ae:50:4f:86:
97:7f:6a:6b:38:d2:07:73:4c:67:0e:46:9e:4a:4b:
7d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0F:89:26:78:3F:BC:75:1C:36:E1:53:87:0C:BD:70:F7:E4:84:29
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/MA-JJng_vHUcNuFThwy9cPfkhCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/24
43.252.28.0/22
45.130.120.0/22
85.208.148.0/22
94.176.48.0/20
103.30.12.0/22
103.207.152.0/23
103.211.184.0/23
103.225.128.0/22
180.94.216.0/22
193.151.52.0/22
206.204.0.0/18
213.188.64.0/22
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:15:33:31:a0:f6:19:0e:7c:38:fe:8a:ad:10:57:c8:18:39:
89:59:6d:f0:91:10:05:30:46:33:25:95:ce:62:4a:a9:6c:81:
d8:2c:3d:e3:45:0a:ba:2e:4a:05:78:50:09:b9:43:56:ac:d2:
12:31:cc:04:7d:24:91:d3:8f:24:96:78:7e:30:96:73:72:11:
e1:74:f4:ae:92:21:8c:e4:d3:14:52:ea:9a:7b:d9:f1:05:e8:
df:b8:e0:27:5c:2e:66:1a:15:49:5e:cc:5d:e5:fd:5f:01:0d:
0b:2b:c6:d2:ce:53:8e:ec:7d:0a:d6:2b:c6:db:6a:8f:38:63:
2a:4d:69:c1:f5:66:a0:21:36:76:34:1c:7a:6c:92:3a:f5:27:
c8:d0:67:d4:c5:df:b3:7f:06:bb:0c:d5:49:c7:3e:21:94:6d:
b6:3f:1e:b5:06:bf:72:53:e2:55:73:f2:d8:01:f5:09:05:7a:
fb:e2:8c:6c:c6:49:42:62:1a:39:e6:ec:47:66:e6:fd:53:db:
68:8a:61:3d:8e:3b:72:c7:c4:0f:c4:5a:8c:3e:3c:47:44:32:
dc:1e:56:1a:3e:05:be:8e:89:e8:3a:68:a8:52:fc:bc:11:5c:
14:bd:74:18:f2:3e:95:fb:02:e4:25:d6:01:30:19:32:2e:5b:
25:b6:67:05
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYdF0KZeLIrREI1XgbWSvmayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNDAzMDYzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBmODkyNjc4M2ZiYzc1MWMzNmUxNTM4NzBjYmQ3MGY3ZTQ4NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryqbfFG7UDzW25bDbaIuHrKoAJo5
GOwUys7Qv17U/+461ccQW5ngdJMo66UL3X3AfyDdHtSPtUinXmL9GGtqL6j+TvrP
UgI6STN0AgcYpSCmXriNzlNXtkctMFxRZ1ws/uvhpP6o6nBksYi4+WOR1SM3hgZI
GVpfCHhSmU/1vwkH61eDiVAWfWtMPqiltutJBYdwEvOKrTmB6mwpazRjsQZ324gn
HkV4E+2W4E1dt08IFohYo94bh/kucLOFqyG0s+PiyHMWpBQ4qkSY9ddJAiLyjlNQ
J88QjrAoN5AFHaFMoj++9cQ7QlrOva5QT4aXf2prONIHc0xnDkaeSkt9YQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDAPiSZ4P7x1HDbhU4cMvXD35IQpMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvTUEtSkpuZ192SFVjTnVGVGh3eTljUGZraENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAJT3iAwQC
K/wcAwQCLYJ4AwQCVdCUAwQEXrAwAwQCZx4MAwQBZ8+YAwQBZ9O4AwQCZ+GAAwQC
tF7YAwQCwZc0AwQGzswAAwQC1bxAAwQE2MJQMA0GCSqGSIb3DQEBCwUAA4IBAQBO
FTMxoPYZDnw4/oqtEFfIGDmJWW3wkRAFMEYzJZXOYkqpbIHYLD3jRQq6LkoFeFAJ
uUNWrNISMcwEfSSR048klnh+MJZzchHhdPSukiGM5NMUUuqae9nxBejfuOAnXC5m
GhVJXsxd5f1fAQ0LK8bSzlOO7H0K1ivG22qPOGMqTWnB9WagITZ2NBx6bJI69SfI
0GfUxd+zfwa7DNVJxz4hlG22Px61Br9yU+JVc/LYAfUJBXr74oxsxklCYho55uxH
Zub9U9toimE9jjtyx8QPxFqMPjxHRDLcHlYaPgW+jonoOmioUvy8EVwUvXQY8j6V
+wLkJdYBMBkyLlsltmcF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:26 2025 by rpki-client