Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/MHc33D4qcOrf2TZIyY1uxoGsbLM.roa
File: MHc33D4qcOrf2TZIyY1uxoGsbLM.roa (raw, json)
Hash identifier: Kr7C7kuSAwayUroN/WpqtGlUm5P9X8ilrcWJrXQSBGw=
Subject key identifier: 30:77:37:DC:3E:2A:70:EA:DF:D9:36:48:C9:8D:6E:C6:81:AC:6C:B3
Certificate issuer: /CN=b543ef9bc3c2132361c1240972a180912bf7a859
Certificate serial: 02988B11
Authority key identifier: B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/MHc33D4qcOrf2TZIyY1uxoGsbLM.roa
Signing time: Sat 01 Jan 2022 07:53:03 +0000
ROA not before: Sat 01 Jan 2022 07:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200647
IP address blocks: 185.67.196.0/22 maxlen: 24
2a05:1280::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43551505 (0x2988b11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b543ef9bc3c2132361c1240972a180912bf7a859
Validity
Not Before: Jan 1 07:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=307737dc3e2a70eadfd93648c98d6ec681ac6cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a9:f7:1b:44:da:2e:a0:dc:c4:38:68:2f:23:
61:cb:e9:ec:a3:a5:bd:50:9d:e6:46:9e:95:40:05:
bc:e4:fa:e5:02:55:fc:6c:d3:7c:dc:83:07:93:a0:
35:04:9a:18:89:54:f4:d2:93:3a:e7:5c:45:fe:8b:
2b:6e:c9:b3:00:40:2a:12:14:74:fb:de:c4:9e:21:
89:b4:b7:df:93:fc:f9:8e:02:00:85:ce:87:0c:a3:
84:c5:be:99:20:22:e2:18:9b:3e:69:36:d2:e3:d2:
04:57:5b:d7:5a:33:13:82:fa:65:25:54:03:49:3a:
37:5c:fc:54:62:70:9a:97:2e:15:28:d1:a4:f4:c4:
16:61:69:de:5f:d8:eb:db:c7:4a:14:c7:a7:eb:f9:
8d:ab:ef:2b:71:50:81:40:9d:ed:64:60:f1:25:79:
c8:c8:19:94:77:f0:69:db:cc:c0:65:2d:c1:2c:5e:
b0:ac:d0:a2:ce:80:47:3c:fe:4c:03:a5:68:f2:c7:
fc:83:32:b2:c9:e3:68:ad:65:1d:cd:18:76:7a:7f:
ba:ff:7e:f8:a3:b0:ef:7e:63:5c:fa:fa:fa:b7:8b:
60:09:5a:f3:c3:7d:7a:66:9f:05:30:87:9c:6b:10:
9b:c5:a7:09:93:fb:eb:b0:fb:54:4a:46:70:bd:18:
c9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:77:37:DC:3E:2A:70:EA:DF:D9:36:48:C9:8D:6E:C6:81:AC:6C:B3
X509v3 Authority Key Identifier:
keyid:B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/MHc33D4qcOrf2TZIyY1uxoGsbLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/tUPvm8PCEyNhwSQJcqGAkSv3qFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.196.0/22
IPv6:
2a05:1280::/29
Signature Algorithm: sha256WithRSAEncryption
56:9b:ba:d9:b5:97:9e:31:8c:4a:0f:14:fd:5c:f4:72:80:ec:
0a:4b:7e:da:54:60:79:63:ed:c4:27:7f:ef:93:77:ad:e6:64:
cc:29:d6:f2:5e:d0:73:fc:38:7d:03:82:7b:9b:5d:3a:14:d1:
06:ba:9e:74:a9:0e:6b:18:40:be:aa:af:0c:0d:a6:4a:ed:f0:
3e:ac:6e:80:e4:8d:ac:16:ba:64:2d:cc:10:29:d8:d6:e9:a9:
e5:c6:ad:d4:b5:6a:85:52:fa:c5:c3:d7:29:ee:7e:29:d1:ea:
45:99:87:8f:60:dc:0e:fd:f6:73:43:de:72:e4:da:46:b0:f3:
2a:8f:eb:33:fe:32:ee:60:73:4f:0e:00:e6:a3:0b:d6:4b:f3:
b5:bb:4a:27:f3:5d:1b:7c:bd:2f:5a:14:f5:68:48:c3:6a:0f:
bc:3c:ba:a2:0f:b5:a1:22:6a:0b:6e:d6:db:32:c0:6c:6b:a3:
5e:f3:5e:d9:3f:38:01:21:68:5c:f9:7c:50:f4:89:c5:05:dc:
b1:a0:07:bf:27:e2:07:ac:0f:ac:bb:7e:09:5d:91:3a:9f:14:
10:e7:68:b8:d5:06:0b:3f:25:86:98:75:25:18:5e:75:0b:fa:
07:42:0d:5f:fe:f7:ad:c8:be:c0:90:99:7c:1a:9e:77:26:3b:
ff:4f:b4:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEApiLETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTQzZWY5YmMzYzIxMzIzNjFjMTI0MDk3MmExODA5MTJiZjdhODU5MB4XDTIyMDEw
MTA3NTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3NzM3ZGMzZTJh
NzBlYWRmZDkzNjQ4Yzk4ZDZlYzY4MWFjNmNiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGp9xtE2i6g3MQ4aC8jYcvp7KOlvVCd5kaelUAFvOT65QJV
/GzTfNyDB5OgNQSaGIlU9NKTOudcRf6LK27JswBAKhIUdPvexJ4hibS335P8+Y4C
AIXOhwyjhMW+mSAi4hibPmk20uPSBFdb11ozE4L6ZSVUA0k6N1z8VGJwmpcuFSjR
pPTEFmFp3l/Y69vHShTHp+v5javvK3FQgUCd7WRg8SV5yMgZlHfwadvMwGUtwSxe
sKzQos6ARzz+TAOlaPLH/IMyssnjaK1lHc0Ydnp/uv9++KOw735jXPr6+reLYAla
88N9emafBTCHnGsQm8WnCZP767D7VEpGcL0YyY8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQwdzfcPipw6t/ZNkjJjW7GgaxsszAfBgNVHSMEGDAWgBS1Q++bw8ITI2HB
JAlyoYCRK/eoWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RVUHZtOFBDRXlOaHdTUUpjcUdBa1N2M3FGay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvMjVlNmQ2LWNlZDEtNDI4My04YzlmLWM4NGNjYmE0ZTYwNy8x
L01IYzMzRDRxY09yZjJUWkl5WTF1eG9Hc2JMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
MjVlNmQ2LWNlZDEtNDI4My04YzlmLWM4NGNjYmE0ZTYwNy8xL3RVUHZtOFBDRXlO
aHdTUUpjcUdBa1N2M3FGay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlDxDANBAIAAjAHAwUDKgUSgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVpu62bWXnjGMSg8U/Vz0coDsCkt+2lRgeWPtxCd/
75N3reZkzCnW8l7Qc/w4fQOCe5tdOhTRBrqedKkOaxhAvqqvDA2mSu3wPqxugOSN
rBa6ZC3MECnY1ump5cat1LVqhVL6xcPXKe5+KdHqRZmHj2DcDv32c0PecuTaRrDz
Ko/rM/4y7mBzTw4A5qML1kvztbtKJ/NdG3y9L1oU9WhIw2oPvDy6og+1oSJqC27W
2zLAbGujXvNe2T84ASFoXPl8UPSJxQXcsaAHvyfiB6wPrLt+CV2ROp8UEOdouNUG
Cz8lhph1JRhedQv6B0INX/73rci+wJCZfBqedyY7/0+0OQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:49 2025 by rpki-client