Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/MdZbPPee7jJkAGLECMPeEQgXb0g.roa
File: MdZbPPee7jJkAGLECMPeEQgXb0g.roa (raw, json)
Hash identifier: P4tESgnkEFHhfLbCvtBXK4ezxpXkuqTjbEGSC06LyoY=
Subject key identifier: 31:D6:5B:3C:F7:9E:EE:32:64:00:62:C4:08:C3:DE:11:08:17:6F:48
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 01856F1DB2E3E13CBD9245276F9A4AB7901E
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/MdZbPPee7jJkAGLECMPeEQgXb0g.roa
Signing time: Sun 01 Jan 2023 20:54:55 +0000
ROA not before: Sun 01 Jan 2023 20:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47696
IP address blocks: 194.8.96.0/19 maxlen: 25
194.145.64.0/19 maxlen: 25
2a01:8180::/36 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b2:e3:e1:3c:bd:92:45:27:6f:9a:4a:b7:90:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 20:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d65b3cf79eee32640062c408c3de1108176f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c9:6e:dd:11:88:4c:a4:37:47:c1:1f:a5:e9:
12:34:d3:7b:12:f5:bc:23:2e:ec:0a:51:68:48:e4:
31:6b:0b:22:6f:41:0f:09:4d:76:62:05:6c:a3:63:
57:01:c1:49:51:21:3e:56:22:c0:4f:14:58:52:50:
ef:c3:82:3e:c0:22:8c:6a:1a:d2:ed:59:25:b4:01:
4d:05:64:1c:30:72:f9:77:40:d9:03:c6:8d:65:40:
e2:c0:5c:a3:03:f2:66:bd:e9:70:11:95:28:10:37:
28:8a:02:c4:38:92:c2:fa:19:a0:ac:f6:e2:30:6a:
bd:f4:df:1f:f3:58:b6:b6:00:4c:55:bd:94:26:b9:
60:64:40:6d:ec:9a:89:1b:a1:82:24:6f:aa:b4:cc:
35:59:95:23:dd:68:5c:6b:8b:30:4c:61:8c:ef:13:
c3:a7:49:d6:f5:f6:ce:08:bb:a2:c6:5b:9b:ab:40:
49:d5:36:d3:2a:7f:ea:75:36:22:1e:d8:b9:36:6e:
c1:04:6f:16:0e:51:99:e5:cf:a6:e0:46:c1:9a:e7:
31:b2:27:35:1e:f2:62:3e:a5:e7:59:c2:38:7b:6f:
ab:44:ee:d1:ac:1a:1d:46:14:b3:c5:d8:d0:11:15:
2d:24:f2:e0:33:60:fb:ae:22:a7:88:9b:ac:49:2b:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D6:5B:3C:F7:9E:EE:32:64:00:62:C4:08:C3:DE:11:08:17:6F:48
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/MdZbPPee7jJkAGLECMPeEQgXb0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.96.0/19
194.145.64.0/19
IPv6:
2a01:8180::/36
Signature Algorithm: sha256WithRSAEncryption
9e:e7:13:3a:46:06:2b:b6:10:49:64:0d:55:10:53:1d:cf:3d:
83:d2:b8:33:fa:4b:97:87:a0:a5:92:5d:5a:a9:16:55:db:ee:
f9:8b:ab:e7:a9:22:fe:60:ff:67:24:17:63:1c:22:3b:7a:a2:
ea:be:4f:5b:89:72:a4:93:14:2d:00:58:01:19:36:c0:f9:a6:
21:48:06:f3:e1:a0:36:ed:bf:84:67:99:a1:e9:75:60:b7:4f:
48:93:f7:b8:91:43:0c:6d:17:ab:94:27:dc:12:2d:df:bc:8b:
57:3c:d8:b0:bc:31:60:08:38:c6:b6:d1:8a:99:f3:4b:b2:5e:
3b:2a:30:e6:ec:8c:92:79:30:46:fe:5e:6e:a0:7d:11:43:10:
01:e9:00:11:7c:d5:30:99:1a:83:7b:8e:3f:19:81:52:bb:9f:
59:c5:e8:91:78:0c:77:da:75:95:66:fe:43:fd:d9:3a:7e:a9:
80:20:8a:c8:24:d4:8d:c1:fc:5e:50:a5:00:0f:7d:ad:2e:76:
93:ab:ce:72:56:48:b5:cc:c2:38:bd:fd:a3:3a:98:1b:ab:e9:
59:a6:60:5c:ac:02:6b:4c:1a:b4:89:5c:af:46:5c:5c:41:31:
ea:21:00:e2:f5:bc:9f:3f:53:71:27:b8:35:89:78:af:5c:cd:
bf:54:0e:45
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVvHbLj4Ty9kkUnb5pKt5AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjMwMTAxMjA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ2NWIzY2Y3OWVlZTMyNjQwMDYyYzQwOGMzZGUxMTA4MTc2ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8lu3RGITKQ3R8EfpekSNNN7EvW8
Iy7sClFoSOQxawsib0EPCU12YgVso2NXAcFJUSE+ViLATxRYUlDvw4I+wCKMahrS
7VkltAFNBWQcMHL5d0DZA8aNZUDiwFyjA/JmvelwEZUoEDcoigLEOJLC+hmgrPbi
MGq99N8f81i2tgBMVb2UJrlgZEBt7JqJG6GCJG+qtMw1WZUj3Whca4swTGGM7xPD
p0nW9fbOCLuixlubq0BJ1TbTKn/qdTYiHti5Nm7BBG8WDlGZ5c+m4EbBmucxsic1
HvJiPqXnWcI4e2+rRO7RrBodRhSzxdjQERUtJPLgM2D7riKniJusSSuUUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDHWWzz3nu4yZABixAjD3hEIF29IMB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvTWRaYlBQZWU3akprQUdMRUNNUGVFUWdYYjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQFwghgAwQF
wpFAMA4EAgACMAgDBgQqAYGAADANBgkqhkiG9w0BAQsFAAOCAQEAnucTOkYGK7YQ
SWQNVRBTHc89g9K4M/pLl4egpZJdWqkWVdvu+Yur56ki/mD/ZyQXYxwiO3qi6r5P
W4lypJMULQBYARk2wPmmIUgG8+GgNu2/hGeZoel1YLdPSJP3uJFDDG0Xq5Qn3BIt
37yLVzzYsLwxYAg4xrbRipnzS7JeOyow5uyMknkwRv5ebqB9EUMQAekAEXzVMJka
g3uOPxmBUrufWcXokXgMd9p1lWb+Q/3ZOn6pgCCKyCTUjcH8XlClAA99rS52k6vO
clZItczCOL39ozqYG6vpWaZgXKwCa0watIlcr0ZcXEEx6iEA4vW8nz9TcSe4NYl4
r1zNv1QORQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:52:31 2025 by rpki-client