Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/MvmpUO6uChEhbw58E0ZgUUoou2Y.roa
File: MvmpUO6uChEhbw58E0ZgUUoou2Y.roa (raw, json)
Hash identifier: fvzyQAaJFNPJ4CS9+Fs2+Sv/NUs2XJ8QVn9v0dWSPXU=
Subject key identifier: 32:F9:A9:50:EE:AE:0A:11:21:6F:0E:7C:13:46:60:51:4A:28:BB:66
Certificate issuer: /CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Certificate serial: 018573715F148F5C5BAB09CBD37A0A9F9212
Authority key identifier: 06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/MvmpUO6uChEhbw58E0ZgUUoou2Y.roa
Signing time: Mon 02 Jan 2023 17:04:47 +0000
ROA not before: Mon 02 Jan 2023 17:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8387
IP address blocks: 92.61.208.0/20 maxlen: 24
185.49.176.0/22 maxlen: 24
212.166.96.0/19 maxlen: 24
212.31.64.0/19 maxlen: 24
193.162.45.0/24 maxlen: 24
212.166.108.0/24 maxlen: 24
212.166.122.0/23 maxlen: 23
46.17.224.0/21 maxlen: 24
2a10:f8c0::/29 maxlen: 48
2001:9d0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:5f:14:8f:5c:5b:ab:09:cb:d3:7a:0a:9f:92:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Validity
Not Before: Jan 2 17:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32f9a950eeae0a11216f0e7c134660514a28bb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5a:6a:69:cc:14:b5:9f:d7:e4:28:e5:e9:52:
34:7e:2d:a8:b7:bb:2f:f1:5d:82:8b:9e:65:8d:a5:
6d:15:21:b4:44:42:86:a6:5d:1a:73:3d:4c:2e:23:
75:f7:85:9a:a4:a0:21:b3:2e:bc:db:3d:9e:06:37:
81:ce:d8:b2:75:d8:be:7e:3e:f4:40:8c:c8:6c:df:
d5:80:d4:82:2c:4c:2a:89:c7:db:a1:e6:a9:2d:5c:
79:52:99:74:a5:6e:fd:fe:62:b2:0d:2a:45:2f:f9:
31:11:19:96:ef:ab:ba:b8:44:ed:a4:aa:38:db:bf:
37:3f:5d:d0:8a:7c:a1:91:d3:e3:c8:a1:37:4f:4e:
8f:61:ee:2b:d8:62:17:8a:48:07:50:12:28:34:ec:
6b:db:55:61:81:c0:cb:a9:38:36:48:f3:09:2c:4b:
e3:27:43:e9:e4:4b:1a:4e:c5:80:95:0f:8c:c9:2b:
4a:3b:17:f3:a8:a7:7d:79:69:15:44:97:8b:1a:49:
da:f8:27:75:44:7f:8b:07:cc:bd:fc:56:c6:99:dc:
dd:6e:ad:fc:ff:26:e0:b1:7d:5b:82:36:03:05:8e:
8d:98:25:60:ea:37:c6:28:3a:d7:ec:ce:31:d5:35:
a4:ab:5c:2c:9f:2c:6f:2b:87:e2:15:d9:fe:24:26:
3a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F9:A9:50:EE:AE:0A:11:21:6F:0E:7C:13:46:60:51:4A:28:BB:66
X509v3 Authority Key Identifier:
keyid:06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/MvmpUO6uChEhbw58E0ZgUUoou2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.224.0/21
92.61.208.0/20
185.49.176.0/22
193.162.45.0/24
212.31.64.0/19
212.166.96.0/19
IPv6:
2001:9d0::/32
2a10:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:01:dc:09:47:87:77:d1:0a:bf:17:73:89:d1:6e:eb:2d:80:
fc:df:85:3c:f0:d4:0b:1c:6d:ed:5d:06:5f:ac:a9:3c:0f:3b:
0d:9f:d2:ea:fe:47:0d:24:15:2f:d7:26:91:b6:80:95:de:df:
5a:8b:81:74:13:37:b0:db:20:14:23:26:b6:d5:96:e2:22:9a:
c8:c7:69:57:23:2d:f4:18:a7:f6:29:15:2c:00:44:25:24:ce:
d2:85:f8:0b:ff:25:e6:50:23:2a:48:8d:e2:a6:0e:cf:03:02:
64:64:7b:e2:4b:93:21:2d:94:07:fc:69:27:7c:c6:bd:06:6e:
be:7e:28:fe:f7:e0:e2:fb:14:ae:1e:f8:a8:9f:0c:e1:4b:5f:
ce:68:a1:bd:55:a4:41:42:a3:b7:ba:d3:b2:c8:c3:c2:e2:50:
96:96:e2:44:c8:e1:bc:9b:78:81:46:fe:64:79:1d:40:50:cc:
58:31:28:46:4d:72:6d:7d:59:ed:e6:2c:87:71:da:6b:9b:54:
f5:7e:b3:56:38:d1:7e:ea:66:d0:9f:9b:ec:80:7f:81:6a:5b:
3b:3e:88:8e:21:ef:90:9e:7e:6e:e9:15:ff:ba:34:5f:3b:f4:
2b:08:67:6a:79:2c:57:72:ac:22:1f:02:08:bd:cc:02:39:59:
e6:0e:18:25
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVzcV8Uj1xbqwnL03oKn5ISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2M2JhZGM3ODUzYjA1MTAwYTZiMjI0ZGRjZWZjMThlMmU3
ZDNkZDUwHhcNMjMwMTAyMTcwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY5YTk1MGVlYWUwYTExMjE2ZjBlN2MxMzQ2NjA1MTRhMjhiYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVpqacwUtZ/X5Cjl6VI0fi2ot7sv
8V2Ci55ljaVtFSG0REKGpl0acz1MLiN194WapKAhsy682z2eBjeBztiyddi+fj70
QIzIbN/VgNSCLEwqicfboeapLVx5Upl0pW79/mKyDSpFL/kxERmW76u6uETtpKo4
2783P13QinyhkdPjyKE3T06PYe4r2GIXikgHUBIoNOxr21VhgcDLqTg2SPMJLEvj
J0Pp5EsaTsWAlQ+MyStKOxfzqKd9eWkVRJeLGkna+Cd1RH+LB8y9/FbGmdzdbq38
/ybgsX1bgjYDBY6NmCVg6jfGKDrX7M4x1TWkq1wsnyxvK4fiFdn+JCY6kwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDL5qVDurgoRIW8OfBNGYFFKKLtmMB8GA1UdIwQY
MBaAFAY7rceFOwUQCmsiTdzvwY4ufT3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYt
YTIzNzQ0NGFmODI5LzEvTXZtcFVPNnVDaEVoYnc1OEUwWmdVVW9vdTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5
LzEvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDLhHgAwQE
XD3QAwQCuTGwAwQAwaItAwQF1B9AAwQF1KZgMBQEAgACMA4DBQAgAQnQAwUDKhD4
wDANBgkqhkiG9w0BAQsFAAOCAQEAFAHcCUeHd9EKvxdzidFu6y2A/N+FPPDUCxxt
7V0GX6ypPA87DZ/S6v5HDSQVL9cmkbaAld7fWouBdBM3sNsgFCMmttWW4iKayMdp
VyMt9Bin9ikVLABEJSTO0oX4C/8l5lAjKkiN4qYOzwMCZGR74kuTIS2UB/xpJ3zG
vQZuvn4o/vfg4vsUrh74qJ8M4UtfzmihvVWkQUKjt7rTssjDwuJQlpbiRMjhvJt4
gUb+ZHkdQFDMWDEoRk1ybX1Z7eYsh3Haa5tU9X6zVjjRfupm0J+b7IB/gWpbOz6I
jiHvkJ5+bukV/7o0Xzv0KwhnanksV3KsIh8CCL3MAjlZ5g4YJQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:32 2025 by rpki-client