Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/MoorygogMLwqXpqaZWdAd7yTxCk.roa
File: MoorygogMLwqXpqaZWdAd7yTxCk.roa (raw, json)
Hash identifier: Aj2PuvynUBNhPSwsJ8pR1wnmSCw7QclMafuCdHd9OII=
Subject key identifier: 32:8A:2B:CA:0A:20:30:BC:2A:5E:9A:9A:65:67:40:77:BC:93:C4:29
Certificate issuer: /CN=bbca3f25d54620b50ef8520657634d3b096bac57
Certificate serial: D92C3B
Authority key identifier: BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/MoorygogMLwqXpqaZWdAd7yTxCk.roa
Signing time: Tue 05 Apr 2022 12:24:57 +0000
ROA not before: Tue 05 Apr 2022 12:24:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 193.41.237.0/24 maxlen: 24
193.42.11.0/24 maxlen: 24
193.42.12.0/24 maxlen: 24
176.96.136.0/22 maxlen: 22
2.59.132.0/22 maxlen: 22
193.41.226.0/24 maxlen: 24
2a0d:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14232635 (0xd92c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbca3f25d54620b50ef8520657634d3b096bac57
Validity
Not Before: Apr 5 12:24:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=328a2bca0a2030bc2a5e9a9a65674077bc93c429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:ed:ee:68:f0:3e:a8:8c:07:32:e2:ae:4c:
76:79:46:36:28:36:14:f2:60:dd:5d:fd:4c:e6:a6:
57:3b:17:ef:47:02:08:71:0b:91:94:29:e7:c3:65:
47:fa:2e:b1:4e:12:c2:71:af:5b:d7:69:35:2b:dc:
16:5e:98:57:23:27:2d:53:0b:a6:0a:fc:67:dc:6f:
9d:99:b7:ec:7a:fc:c0:2f:9a:93:e2:2d:5f:7a:08:
03:6a:f4:8c:38:af:14:fc:64:bb:ab:5a:76:7c:21:
73:c4:1a:7e:64:fd:18:63:64:56:d1:06:ed:cc:4d:
52:a8:92:17:38:6a:25:37:34:7f:cb:bb:4a:c0:49:
60:39:55:d4:a0:27:53:88:aa:56:bb:4a:88:9e:01:
bc:14:dc:f8:d3:17:61:8d:ea:45:79:ac:93:98:c1:
51:b5:43:0c:81:e5:ce:2e:02:fd:1f:ea:ee:54:0f:
28:7a:48:9a:dd:25:40:ff:80:79:95:ae:83:6b:e8:
7c:fb:85:4e:85:d2:e4:a6:da:c5:b8:f0:ea:0b:7b:
19:77:fa:42:45:86:34:28:40:42:be:df:d4:5a:a9:
bd:73:bf:0d:ed:71:94:9a:6d:f5:00:dc:b6:37:0f:
d2:e1:ca:14:88:d5:95:88:4a:4d:33:27:37:61:4c:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8A:2B:CA:0A:20:30:BC:2A:5E:9A:9A:65:67:40:77:BC:93:C4:29
X509v3 Authority Key Identifier:
keyid:BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/MoorygogMLwqXpqaZWdAd7yTxCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.132.0/22
176.96.136.0/22
193.41.226.0/24
193.41.237.0/24
193.42.11.0-193.42.12.255
IPv6:
2a0d:5940::/29
Signature Algorithm: sha256WithRSAEncryption
a2:f1:bf:bf:49:d7:3c:60:6f:5f:21:fe:ce:d2:30:f2:bb:f4:
a1:33:66:c7:0b:8f:12:c9:c5:39:35:45:6f:97:0c:dd:d4:26:
3b:1f:eb:91:95:a9:ac:6d:38:9b:c2:8f:db:be:0a:e9:ee:ac:
53:06:61:46:1e:23:9c:a2:8b:3c:17:a0:ae:59:e0:a1:08:e5:
84:ee:57:5a:7f:ff:80:5d:d4:d5:c9:18:b5:25:86:65:05:cd:
63:79:c2:a6:7e:8c:83:d3:7e:67:14:97:90:37:2f:8e:22:ab:
87:9a:22:e7:a9:26:f6:f4:2c:fc:f6:4f:dc:82:38:ba:ce:f4:
29:68:26:73:4b:a9:a2:c0:ca:c2:92:be:ed:ea:9a:e0:e3:52:
84:48:9c:f6:7b:4e:19:4b:7e:c6:7f:69:97:ef:89:93:03:8f:
90:13:57:38:0a:d1:10:d5:6e:17:e9:a6:2b:ba:05:da:77:45:
85:91:2d:2d:de:33:29:cc:f0:b0:af:69:60:2d:15:b0:8c:75:
9d:24:7a:04:c1:0d:ac:70:4a:1c:87:20:33:53:e9:65:b0:05:
d3:fe:15:76:f5:98:7c:c5:c0:b7:9a:0d:6a:14:f1:52:5a:55:
9a:d4:28:64:1e:02:47:42:cb:61:76:45:96:42:ff:ed:b5:a1:
e5:92:ac:13
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEANksOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmNhM2YyNWQ1NDYyMGI1MGVmODUyMDY1NzYzNGQzYjA5NmJhYzU3MB4XDTIyMDQw
NTEyMjQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI4YTJiY2EwYTIw
MzBiYzJhNWU5YTlhNjU2NzQwNzdiYzkzYzQyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDC7e5o8D6ojAcy4q5MdnlGNig2FPJg3V39TOamVzsX70cC
CHELkZQp58NlR/ousU4SwnGvW9dpNSvcFl6YVyMnLVMLpgr8Z9xvnZm37Hr8wC+a
k+ItX3oIA2r0jDivFPxku6tadnwhc8QafmT9GGNkVtEG7cxNUqiSFzhqJTc0f8u7
SsBJYDlV1KAnU4iqVrtKiJ4BvBTc+NMXYY3qRXmsk5jBUbVDDIHlzi4C/R/q7lQP
KHpImt0lQP+AeZWug2vofPuFToXS5Kbaxbjw6gt7GXf6QkWGNChAQr7f1FqpvXO/
De1xlJpt9QDctjcP0uHKFIjVlYhKTTMnN2FM4W0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQyiivKCiAwvCpempplZ0B3vJPEKTAfBgNVHSMEGDAWgBS7yj8l1UYgtQ74
UgZXY007CWusVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U4b19KZFZHSUxVTy1GSUdWMk5OT3dscnJGYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvNTYxZDI0LWU5MjEtNGVjOC1hNjExLTRkYzIwYzViNjI2OC8x
L01vb3J5Z29nTUx3cVhwcWFaV2RBZDd5VHhDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
NTYxZDI0LWU5MjEtNGVjOC1hNjExLTRkYzIwYzViNjI2OC8xL3U4b19KZFZHSUxV
Ty1GSUdWMk5OT3dscnJGYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAgI7hAMEArBgiAMEAMEp4gMEAMEp
7TAMAwQAwSoLAwQAwSoMMA0EAgACMAcDBQMqDVlAMA0GCSqGSIb3DQEBCwUAA4IB
AQCi8b+/Sdc8YG9fIf7O0jDyu/ShM2bHC48SycU5NUVvlwzd1CY7H+uRlamsbTib
wo/bvgrp7qxTBmFGHiOcoos8F6CuWeChCOWE7ldaf/+AXdTVyRi1JYZlBc1jecKm
foyD035nFJeQNy+OIquHmiLnqSb29Cz89k/cgji6zvQpaCZzS6miwMrCkr7t6prg
41KESJz2e04ZS37Gf2mX74mTA4+QE1c4CtEQ1W4X6aYrugXad0WFkS0t3jMpzPCw
r2lgLRWwjHWdJHoEwQ2scEochyAzU+llsAXT/hV29Zh8xcC3mg1qFPFSWlWa1Chk
HgJHQsthdkWWQv/ttaHlkqwT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:58 2025 by rpki-client