Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/MfNeCDbZ7jvx9NI7kvWWvMBdA28.roa
File: MfNeCDbZ7jvx9NI7kvWWvMBdA28.roa (raw, json)
Hash identifier: dA5gkQnOaTd0kChiYu1lfWEibvPlH87QV4UFijZr9FQ=
Subject key identifier: 31:F3:5E:08:36:D9:EE:3B:F1:F4:D2:3B:92:F5:96:BC:C0:5D:03:6F
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 01856E8B07068982D7C1097BD1527BCCF729
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/MfNeCDbZ7jvx9NI7kvWWvMBdA28.roa
Signing time: Sun 01 Jan 2023 18:14:42 +0000
ROA not before: Sun 01 Jan 2023 18:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 195.191.28.0/23 maxlen: 24
185.101.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:07:06:89:82:d7:c1:09:7b:d1:52:7b:cc:f7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 1 18:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f35e0836d9ee3bf1f4d23b92f596bcc05d036f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:4f:7b:b9:c2:2c:db:c0:ac:ee:99:6e:7f:
2f:fb:bf:7f:fa:cb:e1:82:06:7c:6a:14:9a:96:3b:
9b:70:4d:5d:fd:f7:46:df:2a:a9:0a:04:3a:ba:f9:
e6:0b:71:a8:fd:20:60:18:a7:40:af:4f:3d:ef:eb:
01:c9:43:7c:d5:a0:cd:f9:b6:ce:06:85:5a:8a:d9:
c6:d4:bd:5c:fe:97:42:39:7c:1d:11:ca:9e:97:bd:
d6:d3:ed:05:d9:80:61:1d:38:29:b7:ee:a4:14:8f:
a7:32:9d:a7:f3:c7:21:1c:0a:6e:fc:0a:70:68:98:
10:e7:31:83:43:e5:64:9a:db:0d:c8:a9:cd:29:42:
98:11:2a:10:82:fa:b4:aa:5b:6b:45:55:31:68:85:
63:17:2e:dc:1b:d0:7c:3f:56:7a:29:56:fb:31:de:
32:c1:0e:31:39:df:d2:bd:d5:ea:e1:5a:88:9f:53:
1f:ee:a0:26:8d:c2:b8:6a:0e:94:54:1d:01:36:e3:
f9:28:ab:35:33:4a:82:83:00:b0:e9:39:4e:a6:2f:
80:c7:64:a5:7b:6c:0e:9e:ec:ea:15:41:1d:6b:13:
35:df:1f:f3:0e:7a:b7:ae:da:59:7a:83:75:ee:c2:
9e:22:21:46:a5:20:46:e8:e2:db:35:5e:ae:b5:91:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F3:5E:08:36:D9:EE:3B:F1:F4:D2:3B:92:F5:96:BC:C0:5D:03:6F
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/MfNeCDbZ7jvx9NI7kvWWvMBdA28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.240.0/22
195.191.28.0/23
Signature Algorithm: sha256WithRSAEncryption
45:ef:48:7d:79:2f:e0:31:ad:a0:90:2a:6a:73:a7:5d:09:33:
68:cf:02:43:b6:0a:9f:1c:8b:fe:95:92:08:9f:07:0e:e1:ca:
b5:b8:b6:19:f6:aa:04:08:26:24:84:ab:17:bc:db:47:91:76:
9b:fc:a2:29:34:bd:40:20:95:5e:17:57:c5:78:8e:11:04:8c:
2a:3c:5d:26:f8:ca:48:13:5d:e7:7b:74:db:a2:4d:db:3c:20:
86:e2:9b:b8:ac:45:40:66:2c:67:6a:08:49:09:63:be:a6:de:
b1:50:65:e1:57:d6:5f:4f:6d:57:70:27:bf:0e:39:36:f7:72:
e2:ff:99:79:70:e5:6c:22:00:4a:7e:c3:9f:d9:13:d4:6c:27:
49:95:00:35:86:60:21:96:2d:71:61:cf:96:b2:b3:3a:fe:91:
cf:1d:e6:88:5c:e6:37:d8:17:f3:4c:6d:9d:af:8b:9f:2f:14:
7d:28:03:37:d4:33:dd:d2:ff:f0:c7:c9:5d:21:c0:4a:41:98:
c6:9c:be:1d:a9:ad:02:2b:2f:f2:a1:21:1a:f0:75:d2:d2:71:
6e:01:2e:c9:43:4e:c5:37:30:1b:0e:16:4b:f6:49:a6:46:ca:
4a:ec:5a:2e:0d:10:3c:54:8b:15:44:19:60:91:1b:b8:97:2d:
ca:ef:2c:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuiwcGiYLXwQl70VJ7zPcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmQ2NjEyNDM2Mjg4MGY1ZTRjNTQ4NTJmODM3NmQyYjlk
MTM3ZjQwHhcNMjMwMTAxMTgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYzNWUwODM2ZDllZTNiZjFmNGQyM2I5MmY1OTZiY2MwNWQwMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUxPe7nCLNvArO6Zbn8v+79/+svh
ggZ8ahSaljubcE1d/fdG3yqpCgQ6uvnmC3Go/SBgGKdAr0897+sByUN81aDN+bbO
BoVaitnG1L1c/pdCOXwdEcqel73W0+0F2YBhHTgpt+6kFI+nMp2n88chHApu/Apw
aJgQ5zGDQ+VkmtsNyKnNKUKYESoQgvq0qltrRVUxaIVjFy7cG9B8P1Z6KVb7Md4y
wQ4xOd/SvdXq4VqIn1Mf7qAmjcK4ag6UVB0BNuP5KKs1M0qCgwCw6TlOpi+Ax2Sl
e2wOnuzqFUEdaxM13x/zDnq3rtpZeoN17sKeIiFGpSBG6OLbNV6utZHHtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHzXgg22e478fTSO5L1lrzAXQNvMB8GA1UdIwQY
MBaAFCxtZhJDYogPXkxUhS+DdtK50Tf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMt
ZTQwMzBmYTFiMDRhLzEvTWZOZUNEYlo3anZ4OU5JN2t2V1d2TUJkQTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMtZTQwMzBmYTFiMDRh
LzEvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWXwAwQB
w78cMA0GCSqGSIb3DQEBCwUAA4IBAQBF70h9eS/gMa2gkCpqc6ddCTNozwJDtgqf
HIv+lZIInwcO4cq1uLYZ9qoECCYkhKsXvNtHkXab/KIpNL1AIJVeF1fFeI4RBIwq
PF0m+MpIE13ne3Tbok3bPCCG4pu4rEVAZixnaghJCWO+pt6xUGXhV9ZfT21XcCe/
Djk293Li/5l5cOVsIgBKfsOf2RPUbCdJlQA1hmAhli1xYc+WsrM6/pHPHeaIXOY3
2BfzTG2dr4ufLxR9KAM31DPd0v/wx8ldIcBKQZjGnL4dqa0CKy/yoSEa8HXS0nFu
AS7JQ07FNzAbDhZL9kmmRspK7FouDRA8VIsVRBlgkRu4ly3K7ywX
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:50:02 2025 by rpki-client