Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/mx-hqLx2XbMt7eLnnTshAFWW47w.roa
File: mx-hqLx2XbMt7eLnnTshAFWW47w.roa (raw, json)
Hash identifier: s6PN/U8GQR2Uxvg9K+Ga6kvLaVkgIA0GKZu942QV9Jc=
Subject key identifier: 9B:1F:A1:A8:BC:76:5D:B3:2D:ED:E2:E7:9D:3B:21:00:55:96:E3:BC
Certificate issuer: /CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Certificate serial: 01856D6F778084E4A401D2DE1A34312B67E0
Authority key identifier: 26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/mx-hqLx2XbMt7eLnnTshAFWW47w.roa
Signing time: Sun 01 Jan 2023 13:04:59 +0000
ROA not before: Sun 01 Jan 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204324
IP address blocks: 185.252.41.0/24 maxlen: 24
185.252.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:77:80:84:e4:a4:01:d2:de:1a:34:31:2b:67:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Validity
Not Before: Jan 1 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b1fa1a8bc765db32dede2e79d3b21005596e3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:23:e6:9c:ec:f6:3f:fd:28:45:ef:0c:f9:
da:dc:96:5c:d1:59:76:25:8c:58:0e:b4:53:50:61:
00:d6:45:cc:b9:72:94:63:88:f9:b2:f6:fd:65:38:
1a:39:0a:cd:08:d1:06:6a:6c:00:ad:ac:41:e7:41:
ef:54:69:62:95:6e:f0:73:9f:56:3b:d3:e9:b3:ea:
f6:4d:66:73:2e:48:72:a9:89:0c:65:9e:b4:58:4a:
79:19:7b:e2:66:83:6e:cc:2d:1b:50:9f:f4:44:3e:
81:ad:c3:8d:30:f1:bf:c5:c5:37:2b:1c:4c:dd:47:
0d:e1:e8:65:af:24:fd:9d:a3:61:29:ef:a4:95:fd:
38:22:be:60:15:ad:22:9f:5e:77:4a:ad:76:98:4c:
ac:40:bd:4f:79:87:14:0d:0e:d9:b5:89:85:30:af:
8f:75:94:59:81:7d:1d:8e:e9:ae:b9:28:fa:4d:2c:
60:d8:47:a3:34:52:19:d5:cc:ef:4f:1d:fb:6e:91:
81:e4:88:55:48:74:6a:8d:55:37:dc:86:f9:fa:38:
81:85:d6:6b:2c:9f:de:af:e5:27:4d:ed:11:5b:14:
d6:47:a9:12:8c:7b:fd:a7:21:2d:f6:eb:01:ad:59:
7f:eb:fe:ca:d3:bc:ed:51:68:7d:35:13:43:b7:13:
59:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1F:A1:A8:BC:76:5D:B3:2D:ED:E2:E7:9D:3B:21:00:55:96:E3:BC
X509v3 Authority Key Identifier:
keyid:26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/mx-hqLx2XbMt7eLnnTshAFWW47w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:da:73:55:c0:33:ee:02:88:b8:21:59:ec:5d:6f:87:0a:f0:
98:3d:1e:99:b9:46:e5:6f:42:7e:0a:bc:3e:8a:42:bf:9f:92:
74:2a:d3:81:6a:d4:ba:17:57:e1:83:d6:89:61:50:29:36:98:
0d:15:b6:95:1d:ed:82:60:79:2e:3e:91:8e:dd:3c:9a:43:6e:
8d:2e:14:97:71:30:65:f1:5d:29:a5:03:27:08:90:4a:74:74:
87:df:15:43:e4:2f:85:f6:2c:8d:80:5b:89:2f:fc:6b:da:9d:
aa:0e:f5:5d:e3:dc:79:3a:23:d1:20:7d:5a:dd:67:74:9a:01:
d4:39:94:99:fe:85:aa:bf:f7:07:92:1f:ff:50:89:8c:f3:57:
5d:2e:4c:f2:e7:fe:34:7a:20:3b:69:2d:70:a7:ad:73:27:7f:
a7:2c:02:bb:92:4f:4e:ad:75:7a:f5:b8:ff:0f:ee:e3:d3:3b:
c4:52:fd:ba:c9:fb:50:86:0c:50:6a:2b:47:f3:d1:47:ab:a9:
5f:6b:1a:53:9a:af:a3:78:bf:91:87:b9:71:82:9e:fb:53:a5:
0b:92:62:0b:84:4a:d0:f8:4c:36:5f:9b:9b:b1:4d:a0:4e:57:
3a:b4:19:f5:04:24:d6:ed:d2:0d:a6:de:4c:50:ce:f1:01:5c:
d6:fe:9e:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb3eAhOSkAdLeGjQxK2fgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NmUwYzQwZTRlOTM3MGRiOTlhZDI3YTk3Mjk4ZDdkMDU1
OThmNzMwHhcNMjMwMTAxMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFmYTFhOGJjNzY1ZGIzMmRlZGUyZTc5ZDNiMjEwMDU1OTZlM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv8j5pzs9j/9KEXvDPna3JZc0Vl2
JYxYDrRTUGEA1kXMuXKUY4j5svb9ZTgaOQrNCNEGamwAraxB50HvVGlilW7wc59W
O9Pps+r2TWZzLkhyqYkMZZ60WEp5GXviZoNuzC0bUJ/0RD6BrcONMPG/xcU3KxxM
3UcN4ehlryT9naNhKe+klf04Ir5gFa0in153Sq12mEysQL1PeYcUDQ7ZtYmFMK+P
dZRZgX0djumuuSj6TSxg2EejNFIZ1czvTx37bpGB5IhVSHRqjVU33Ib5+jiBhdZr
LJ/er+UnTe0RWxTWR6kSjHv9pyEt9usBrVl/6/7K07ztUWh9NRNDtxNZQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsfoai8dl2zLe3i5507IQBVluO8MB8GA1UdIwQY
MBaAFCZuDEDk6TcNuZrSepcpjX0FWY9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUt
OWMxYTUzNTgwZTM5LzEvbXgtaHFMeDJYYk10N2VMbm5Uc2hBRldXNDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUtOWMxYTUzNTgwZTM5
LzEvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufwoMA0G
CSqGSIb3DQEBCwUAA4IBAQCK2nNVwDPuAoi4IVnsXW+HCvCYPR6ZuUblb0J+Crw+
ikK/n5J0KtOBatS6F1fhg9aJYVApNpgNFbaVHe2CYHkuPpGO3TyaQ26NLhSXcTBl
8V0ppQMnCJBKdHSH3xVD5C+F9iyNgFuJL/xr2p2qDvVd49x5OiPRIH1a3Wd0mgHU
OZSZ/oWqv/cHkh//UImM81ddLkzy5/40eiA7aS1wp61zJ3+nLAK7kk9OrXV69bj/
D+7j0zvEUv26yftQhgxQaitH89FHq6lfaxpTmq+jeL+Rh7lxgp77U6ULkmILhErQ
+Ew2X5ubsU2gTlc6tBn1BCTW7dINpt5MUM7xAVzW/p5i
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:44 2025 by rpki-client