Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MkEZEqAgltaYJac0KD-A0sdHNAM.roa
File: MkEZEqAgltaYJac0KD-A0sdHNAM.roa (raw, json)
Hash identifier: IMuHC9SMS40S5C8j1jkn1LRx/5UZUbm5Cgn2Ax5C/40=
Subject key identifier: 32:41:19:12:A0:20:96:D6:98:25:A7:34:28:3F:80:D2:C7:47:34:03
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 01856CCAE05F17FE857AA8A7C78EFB63209C
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MkEZEqAgltaYJac0KD-A0sdHNAM.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 185.82.216.0/22 maxlen: 22
195.123.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e0:5f:17:fe:85:7a:a8:a7:c7:8e:fb:63:20:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32411912a02096d69825a734283f80d2c7473403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:5b:74:ff:b4:a1:9a:c8:a8:f5:9c:b3:d3:
8b:60:3d:ec:61:9e:69:fa:c9:d4:e7:41:52:73:72:
d8:58:8c:96:12:85:3d:00:8c:9a:4e:9a:08:58:ea:
19:53:b1:cf:26:d1:5c:39:02:34:e9:54:22:96:76:
28:2c:86:94:4e:ea:78:5e:53:a4:25:e5:76:6a:17:
b1:66:58:6e:6f:c2:08:98:d8:ca:b9:c9:46:c8:70:
cf:36:f9:47:95:9c:be:b5:de:da:a3:25:57:45:1a:
58:ae:ff:b6:86:76:6e:30:3f:7e:71:47:fa:09:1c:
56:08:d6:55:cc:31:9f:db:17:39:15:33:9e:15:ef:
02:e0:c3:c8:7a:af:c8:e5:59:c5:56:79:5a:89:32:
42:45:a5:02:e0:02:b9:4c:55:d5:6e:50:3d:f3:14:
1d:83:2c:89:a0:79:78:e8:1e:f1:e3:60:00:d1:8f:
67:d1:1c:43:6c:4c:00:b8:38:51:17:d2:aa:f4:c0:
9f:38:d8:cc:01:cc:3a:a1:a1:59:b9:38:d3:8f:9b:
b7:37:ff:5a:2b:5f:9e:b7:1f:0c:1a:06:48:1f:9a:
a3:59:a2:f6:a3:0f:da:96:ed:cd:cc:5c:30:2d:6c:
b2:d8:bb:3c:d2:2f:01:64:56:8b:40:d7:af:08:19:
6a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:41:19:12:A0:20:96:D6:98:25:A7:34:28:3F:80:D2:C7:47:34:03
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MkEZEqAgltaYJac0KD-A0sdHNAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.216.0/22
195.123.224.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:70:b5:4e:c4:f5:68:e6:80:88:81:c5:d9:7f:d8:f9:e1:72:
04:18:ee:bc:72:c8:8b:fd:c2:50:c9:e8:b7:65:84:38:8a:e7:
b4:d2:53:44:8b:06:c7:82:e6:b4:aa:5d:ae:2c:ef:63:f9:3c:
c7:a7:87:d3:a6:be:51:1e:d4:0f:db:09:2f:7d:8b:ae:9f:42:
9f:f9:0e:c9:4f:7a:1c:78:54:b9:26:18:5a:d3:ce:e8:1e:44:
e1:4a:c8:d2:59:4b:d6:81:e9:e5:c6:6c:b1:83:89:a1:03:91:
9f:b3:65:75:1b:bc:32:8e:ac:27:4e:49:94:7c:ac:e9:c9:66:
65:5a:db:8f:32:a5:c3:9a:f1:35:69:fa:b9:e5:f3:02:7a:66:
96:46:3e:dd:c4:1b:2c:b5:32:d0:e6:37:9f:8d:da:e5:b1:b9:
01:80:a1:a2:52:ba:a1:84:03:77:b0:48:c4:e3:e2:03:cd:43:
2a:12:5d:dd:58:9c:53:65:85:c0:ef:f5:59:9b:20:a6:78:48:
52:f4:bf:0c:6a:9d:65:3e:ae:17:bd:69:a9:d3:0f:b2:11:2e:
f6:11:8a:51:3f:47:ca:a3:b3:89:11:59:6c:3b:76:94:f7:6c:
c8:da:30:0d:f9:eb:72:68:bd:4b:f9:4b:77:3b:3f:9a:29:5d:
a2:f3:1a:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyuBfF/6Feqinx477YyCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQxMTkxMmEwMjA5NmQ2OTgyNWE3MzQyODNmODBkMmM3NDczNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEdbdP+0oZrIqPWcs9OLYD3sYZ5p
+snU50FSc3LYWIyWEoU9AIyaTpoIWOoZU7HPJtFcOQI06VQilnYoLIaUTup4XlOk
JeV2ahexZlhub8IImNjKuclGyHDPNvlHlZy+td7aoyVXRRpYrv+2hnZuMD9+cUf6
CRxWCNZVzDGf2xc5FTOeFe8C4MPIeq/I5VnFVnlaiTJCRaUC4AK5TFXVblA98xQd
gyyJoHl46B7x42AA0Y9n0RxDbEwAuDhRF9Kq9MCfONjMAcw6oaFZuTjTj5u3N/9a
K1+etx8MGgZIH5qjWaL2ow/alu3NzFwwLWyy2Ls80i8BZFaLQNevCBlqfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDJBGRKgIJbWmCWnNCg/gNLHRzQDMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvTWtFWkVxQWdsdGFZSmFjMEtELUEwc2RITkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVLYAwQD
w3vgMA0GCSqGSIb3DQEBCwUAA4IBAQBMcLVOxPVo5oCIgcXZf9j54XIEGO68csiL
/cJQyei3ZYQ4iue00lNEiwbHgua0ql2uLO9j+TzHp4fTpr5RHtQP2wkvfYuun0Kf
+Q7JT3oceFS5Jhha087oHkThSsjSWUvWgenlxmyxg4mhA5Gfs2V1G7wyjqwnTkmU
fKzpyWZlWtuPMqXDmvE1afq55fMCemaWRj7dxBsstTLQ5jefjdrlsbkBgKGiUrqh
hAN3sEjE4+IDzUMqEl3dWJxTZYXA7/VZmyCmeEhS9L8Map1lPq4XvWmp0w+yES72
EYpRP0fKo7OJEVlsO3aU92zI2jAN+etyaL1L+Ut3Oz+aKV2i8xqL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:56 2025 by rpki-client