Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MUgOQjADlTJ9mFM8L-KEvQYnrUE.roa
File: MUgOQjADlTJ9mFM8L-KEvQYnrUE.roa (raw, json)
Hash identifier: ZAASgpvK6hNEt5e4OcyCzY/lxXba9r2kYINo00c/n5o=
Subject key identifier: 31:48:0E:42:30:03:95:32:7D:98:53:3C:2F:E2:84:BD:06:27:AD:41
Certificate issuer: /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial: 54F891
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MUgOQjADlTJ9mFM8L-KEvQYnrUE.roa
Signing time: Tue 17 May 2022 11:00:30 +0000
ROA not before: Tue 17 May 2022 11:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 217.28.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5568657 (0x54f891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Validity
Not Before: May 17 11:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31480e42300395327d98533c2fe284bd0627ad41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:27:97:f2:91:29:d6:5f:1b:57:6c:bc:91:ea:
8e:8f:7a:0a:04:f1:05:be:44:a4:90:8b:66:55:c6:
d1:1d:ca:42:84:9b:63:60:10:fc:da:01:0e:57:32:
dd:aa:7e:3b:cf:3c:88:1c:d5:a7:44:8e:07:4f:dd:
c0:56:e1:60:2c:be:26:88:08:6f:4e:97:66:fb:19:
e1:3d:b4:1a:38:92:65:f0:62:09:52:c0:e9:11:85:
d2:07:ae:61:39:68:61:03:da:e0:d6:20:a5:f5:40:
0b:0e:82:83:25:bf:9e:bf:90:66:4e:6f:e5:2f:39:
d3:8a:b9:09:5d:87:ff:78:3d:09:12:74:b9:2e:e4:
fe:ce:81:fc:0b:39:23:bd:33:2f:bb:28:2d:3a:b5:
bb:f3:69:d5:7d:7b:34:3e:0a:d5:f2:8d:12:72:9f:
99:ef:db:84:36:3b:f7:03:f4:ca:1b:a2:97:d4:6f:
9b:5d:94:a3:b9:7a:98:4c:f5:c5:84:bb:1e:0e:07:
a8:10:39:0d:21:6a:87:a3:54:a6:20:8e:e3:03:42:
6a:73:a8:1f:21:6b:72:b8:cf:ba:3b:a7:0c:7a:86:
63:b1:d5:80:2d:ca:21:93:e2:fe:de:ff:be:04:af:
10:d9:15:a6:50:f9:79:df:71:c6:2a:24:47:f4:45:
eb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:48:0E:42:30:03:95:32:7D:98:53:3C:2F:E2:84:BD:06:27:AD:41
X509v3 Authority Key Identifier:
keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MUgOQjADlTJ9mFM8L-KEvQYnrUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.128.0/24
Signature Algorithm: sha256WithRSAEncryption
52:7d:21:a8:5c:bc:d7:70:45:83:7a:da:fa:76:5d:a4:03:a9:
39:17:73:1f:b1:f1:41:ee:27:f2:46:e9:0c:9b:8c:e0:83:57:
dc:cb:86:94:ac:f8:4a:e0:1d:47:b2:75:ec:39:ca:b1:3e:3f:
fd:78:f4:27:42:b3:79:d9:bb:e3:21:f1:bd:d7:47:fb:b3:7b:
67:9f:4a:2b:f2:d2:3f:ea:5f:2d:ab:34:08:68:56:d9:af:6e:
9b:fd:d7:fa:cd:ba:58:48:88:a4:bf:08:61:c9:00:a0:99:9c:
e0:c8:f1:a2:97:34:2d:c3:8a:b4:17:4e:4d:15:07:2d:8c:19:
75:e6:26:bd:68:6d:5a:a6:96:51:d5:5a:96:d1:ca:51:cf:b3:
c6:f0:43:38:8a:5d:2d:05:5b:11:d1:1d:ea:74:f9:f8:44:44:
4d:d2:1a:d5:3f:cd:11:7e:7a:68:8a:6b:63:d4:b7:13:89:0c:
01:6b:d7:37:df:76:07:e0:b3:98:71:53:af:29:09:95:cb:10:
81:c2:88:5a:e5:de:09:a2:fa:4e:2d:87:79:ca:9b:2e:cb:4a:
2c:92:5f:75:14:ad:30:c1:34:e6:38:b1:f5:eb:6d:49:20:9d:
1c:1b:d9:b4:fc:de:e9:38:14:9b:ea:5f:13:14:8d:9e:8a:37:
af:ed:c7:11
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDVPiRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAw
MTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBjNGEyMDYwHhcNMjIwNTE3
MTEwMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzMTQ4MGU0MjMwMDM5
NTMyN2Q5ODUzM2MyZmUyODRiZDA2MjdhZDQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyCeX8pEp1l8bV2y8keqOj3oKBPEFvkSkkItmVcbRHcpChJtj
YBD82gEOVzLdqn47zzyIHNWnRI4HT93AVuFgLL4miAhvTpdm+xnhPbQaOJJl8GIJ
UsDpEYXSB65hOWhhA9rg1iCl9UALDoKDJb+ev5BmTm/lLznTirkJXYf/eD0JEnS5
LuT+zoH8CzkjvTMvuygtOrW782nVfXs0PgrV8o0Scp+Z79uENjv3A/TKG6KX1G+b
XZSjuXqYTPXFhLseDgeoEDkNIWqHo1SmII7jA0Jqc6gfIWtyuM+6O6cMeoZjsdWA
Lcohk+L+3v++BK8Q2RWmUPl533HGKiRH9EXrQQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDFIDkIwA5UyfZhTPC/ihL0GJ61BMB8GA1UdIwQYMBaAFAASudyXbXzoB+Rv
6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5LzEv
TVVnT1FqQURsVEo5bUZNOEwtS0V2UVluclVFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82
Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5LzEvQUJLNTNKZHRmT2dI
NUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyAMA0GCSqGSIb3DQEBCwUAA4IB
AQBSfSGoXLzXcEWDetr6dl2kA6k5F3MfsfFB7ifyRukMm4zgg1fcy4aUrPhK4B1H
snXsOcqxPj/9ePQnQrN52bvjIfG910f7s3tnn0or8tI/6l8tqzQIaFbZr26b/df6
zbpYSIikvwhhyQCgmZzgyPGilzQtw4q0F05NFQctjBl15ia9aG1appZR1VqW0cpR
z7PG8EM4il0tBVsR0R3qdPn4RERN0hrVP80Rfnpoimtj1LcTiQwBa9c333YH4LOY
cVOvKQmVyxCBwoha5d4JovpOLYd5ypsuy0oskl91FK0wwTTmOLH1621JIJ0cG9m0
/N7pOBSb6l8TFI2eijev7ccR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:52 2023 by rpki-client on console-fra.rpki-client.org