Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0_MjroBOPbFWqdWsGvgFcATqvhQ.roa
File: 0_MjroBOPbFWqdWsGvgFcATqvhQ.roa (raw, json)
Hash identifier: 0BEDg2aZvtaM2QcJXFhmDTyzvZeG7O1ihTaoGSav95Q=
Subject key identifier: D3:F3:23:AE:80:4E:3D:B1:56:A9:D5:AC:1A:F8:05:70:04:EA:BE:14
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0A807D17EF10A3C666E1156C661B3
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0_MjroBOPbFWqdWsGvgFcATqvhQ.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43769
IP address blocks: 195.136.197.0/24 maxlen: 24
82.177.95.0/24 maxlen: 24
82.177.92.0/23 maxlen: 23
82.177.100.0/24 maxlen: 24
81.15.187.0/24 maxlen: 24
82.177.110.0/24 maxlen: 24
2a00:4120:8001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a8:07:d1:7e:f1:0a:3c:66:6e:11:56:c6:61:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3f323ae804e3db156a9d5ac1af8057004eabe14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:be:07:c3:f4:28:8b:e4:78:7a:d1:6a:f5:34:
90:59:84:4f:a9:80:64:3f:5b:8e:8b:83:79:a4:1f:
c9:a4:18:cb:68:2e:c8:c7:97:76:de:cd:15:01:a6:
c0:72:e9:7b:00:bf:3a:13:05:fc:d3:47:e3:19:da:
65:f9:fd:50:76:66:59:f6:1d:5a:90:26:49:0c:7a:
ae:7a:da:48:27:d7:5e:19:9c:cd:7d:3c:26:7b:91:
40:70:de:25:b1:22:9c:b4:9e:1b:b0:4b:20:4f:00:
61:24:46:9b:75:a7:fa:d3:21:6a:8d:7a:59:07:d8:
37:45:af:77:f5:f6:f5:67:bd:90:f0:64:36:03:27:
e4:47:4f:d6:c2:17:ca:06:9d:44:85:91:4a:5c:40:
56:bc:64:9e:84:19:cc:2d:49:82:57:2b:8f:4d:a1:
48:ff:fa:f2:42:6e:80:29:7b:5a:90:fc:a7:b1:d0:
f4:27:41:99:34:84:32:f7:50:eb:ce:85:73:63:f1:
3c:7c:8f:de:97:da:f3:63:f4:d2:ba:37:c9:ca:6f:
68:ab:f4:ae:85:5d:47:81:85:99:e0:9e:a9:01:23:
30:61:7d:cb:e8:e8:7b:6e:5a:e4:98:77:94:17:e2:
b0:57:67:ac:c7:38:89:58:40:8c:9f:3b:1d:30:fd:
3c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F3:23:AE:80:4E:3D:B1:56:A9:D5:AC:1A:F8:05:70:04:EA:BE:14
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0_MjroBOPbFWqdWsGvgFcATqvhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.187.0/24
82.177.92.0/23
82.177.95.0/24
82.177.100.0/24
82.177.110.0/24
195.136.197.0/24
IPv6:
2a00:4120:8001::/48
Signature Algorithm: sha256WithRSAEncryption
2a:36:8c:f1:be:83:d2:97:f5:b1:79:1d:de:a2:dd:28:87:1e:
c5:99:1c:30:62:99:ed:b5:65:b4:33:f0:d8:b4:02:a2:b1:6e:
a8:3a:52:ba:14:3a:d3:bf:6d:2e:5b:16:a1:02:b8:10:e3:81:
79:ea:c6:56:0a:af:2f:b8:af:0a:47:b6:93:e2:a9:39:42:dc:
a2:ce:a8:6f:a3:74:64:73:cb:c4:c1:2d:7a:e3:f8:02:92:cd:
fb:cb:ea:34:38:2e:19:ae:9f:28:54:04:78:6b:64:9f:dd:65:
9f:12:9d:53:b3:28:e8:33:ed:09:02:34:4b:26:a4:45:a2:27:
4d:1c:04:b8:b9:1d:65:d3:ea:5e:87:6a:02:32:41:20:35:c4:
41:f6:3b:44:fa:9a:e0:da:7d:dd:96:68:31:b4:5a:81:5a:d1:
45:44:74:2c:5a:55:a0:16:dd:33:9c:2e:b0:1f:d3:a9:0f:93:
35:46:e8:0e:6b:9c:ca:0b:d0:da:f6:c8:23:f4:d2:6d:50:f5:
3d:79:67:0c:36:86:1f:c8:0e:86:bf:e3:a3:db:32:91:7b:ab:
cf:57:8e:ed:38:c9:f1:82:fe:08:20:85:9f:68:0b:1d:73:67:
19:9a:df:c7:dd:80:f4:4f:ca:11:dd:af:26:1e:d0:ad:b0:c7:
fc:d9:c1:bc
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVw8KgH0X7xCjxmbhFWxmGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2YzMjNhZTgwNGUzZGIxNTZhOWQ1YWMxYWY4MDU3MDA0ZWFiZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy74Hw/Qoi+R4etFq9TSQWYRPqYBk
P1uOi4N5pB/JpBjLaC7Ix5d23s0VAabAcul7AL86EwX800fjGdpl+f1QdmZZ9h1a
kCZJDHquetpIJ9deGZzNfTwme5FAcN4lsSKctJ4bsEsgTwBhJEabdaf60yFqjXpZ
B9g3Ra939fb1Z72Q8GQ2AyfkR0/WwhfKBp1EhZFKXEBWvGSehBnMLUmCVyuPTaFI
//ryQm6AKXtakPynsdD0J0GZNIQy91DrzoVzY/E8fI/el9rzY/TSujfJym9oq/Su
hV1HgYWZ4J6pASMwYX3L6Oh7blrkmHeUF+KwV2esxziJWECMnzsdMP08twIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNPzI66ATj2xVqnVrBr4BXAE6r4UMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMF9NanJvQk9QYkZXcWRXc0d2Z0ZjQVRxdmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUQ+7AwQB
UrFcAwQAUrFfAwQAUrFkAwQAUrFuAwQAw4jFMA8EAgACMAkDBwAqAEEggAEwDQYJ
KoZIhvcNAQELBQADggEBACo2jPG+g9KX9bF5Hd6i3SiHHsWZHDBime21ZbQz8Ni0
AqKxbqg6UroUOtO/bS5bFqECuBDjgXnqxlYKry+4rwpHtpPiqTlC3KLOqG+jdGRz
y8TBLXrj+AKSzfvL6jQ4LhmunyhUBHhrZJ/dZZ8SnVOzKOgz7QkCNEsmpEWiJ00c
BLi5HWXT6l6HagIyQSA1xEH2O0T6muDafd2WaDG0WoFa0UVEdCxaVaAW3TOcLrAf
06kPkzVG6A5rnMoL0Nr2yCP00m1Q9T15Zww2hh/IDoa/46PbMpF7q89Xju04yfGC
/ggghZ9oCx1zZxma38fdgPRPyhHdryYe0K2wx/zZwbw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:16 2025 by rpki-client