Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/MxmRNETQ0gBOrUcPupFZ0B0urT0.roa
File: MxmRNETQ0gBOrUcPupFZ0B0urT0.roa (raw, json)
Hash identifier: YRjf58BlaWwkUNMF9V8o0gGf5SIqZeO8BmAWneXqnjY=
Subject key identifier: 33:19:91:34:44:D0:D2:00:4E:AD:47:0F:BA:91:59:D0:1D:2E:AD:3D
Certificate issuer: /CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Certificate serial: 06BF9292
Authority key identifier: 64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/MxmRNETQ0gBOrUcPupFZ0B0urT0.roa
Signing time: Sat 01 Jan 2022 16:05:09 +0000
ROA not before: Sat 01 Jan 2022 16:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9023
IP address blocks: 194.37.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113218194 (0x6bf9292)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Validity
Not Before: Jan 1 16:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3319913444d0d2004ead470fba9159d01d2ead3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5f:4d:f4:44:66:ab:d7:dc:89:29:14:97:dc:
80:68:65:02:30:80:49:fb:73:4f:97:97:d9:1a:80:
dc:08:09:97:8e:f0:50:eb:b3:4a:9c:04:b3:e0:e1:
17:a5:38:91:b9:4e:e0:3e:77:fd:28:72:6a:86:62:
b8:25:f2:24:b3:d9:62:77:cf:38:6a:2f:86:88:2b:
3e:15:12:d4:77:2b:0c:4f:84:29:5f:82:b7:24:c2:
f7:c2:2f:4b:64:39:40:d2:f6:39:1f:ac:8a:b5:6c:
3c:c0:ab:06:de:f5:3f:0e:a8:1e:e6:5b:f2:b1:bb:
a1:2d:20:0e:06:83:28:b5:81:fd:ac:27:56:57:83:
ce:80:64:ee:2f:f9:d2:a9:bd:33:f9:95:7a:f4:27:
a4:65:5c:4a:e9:1c:a6:f5:84:f5:80:31:de:45:8c:
97:bf:39:ea:97:26:e7:fa:ad:44:94:8b:e5:ff:be:
40:a8:67:d0:de:e9:39:9f:c6:34:43:47:25:b3:fc:
1d:29:ab:11:19:8c:9f:d4:43:db:6b:ca:a7:df:df:
59:22:c6:e5:fa:fb:c5:a3:a7:fd:af:15:30:9e:dd:
7b:f4:c0:d2:cd:eb:03:b2:ee:be:df:cb:4d:90:9d:
0b:40:fc:da:ed:8e:da:e6:6d:34:9d:7b:1f:62:d2:
97:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:19:91:34:44:D0:D2:00:4E:AD:47:0F:BA:91:59:D0:1D:2E:AD:3D
X509v3 Authority Key Identifier:
keyid:64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/MxmRNETQ0gBOrUcPupFZ0B0urT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/ZHU9ILmKDudww7UWaj9KB_BRW90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.253.0/24
Signature Algorithm: sha256WithRSAEncryption
08:2c:95:3d:c1:f0:cc:76:25:53:a5:60:e0:53:7f:41:11:db:
9a:c4:7f:c3:01:1c:58:4c:a7:7b:5e:1e:bf:98:b5:15:54:f2:
eb:b2:e7:da:3d:49:c7:96:7d:c8:b5:dc:2a:dd:05:5d:93:a8:
92:2e:29:88:e6:8b:f7:33:e6:57:f0:d9:32:db:5b:8b:a7:7e:
e1:1b:d7:40:e6:d4:8f:a8:0a:af:71:80:ca:a8:d7:16:f7:54:
94:76:eb:3b:65:6e:cf:fb:10:95:48:9b:d7:f2:4f:51:17:f5:
85:4d:11:64:cc:32:79:55:81:8b:08:9a:14:f0:60:c4:31:7d:
4a:78:09:f0:5d:1d:99:bd:fb:d3:47:7f:2d:a9:1c:00:dd:80:
40:01:89:ea:84:92:8c:8e:8a:18:8d:77:90:7f:9e:16:35:b4:
1c:83:64:e0:d8:59:69:98:e4:6f:5f:3e:94:30:f1:7f:2d:fb:
de:4c:cd:b8:97:3a:df:cd:94:5a:76:d6:df:f8:df:b2:35:37:
75:b5:34:e3:db:9b:85:74:c0:c7:a2:cc:7e:7c:b3:82:6c:85:
54:98:36:c3:d8:9f:bd:31:78:9d:fb:9f:8c:fd:12:07:6e:86:
c9:a1:50:89:4e:0c:d4:a8:e3:fe:58:16:76:b8:09:cc:d3:ac:
d6:e3:cb:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBr+SkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NDc1M2QyMGI5OGEwZWU3NzBjM2I1MTY2YTNmNGEwN2YwNTE1YmRkMB4XDTIyMDEw
MTE2MDUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMxOTkxMzQ0NGQw
ZDIwMDRlYWQ0NzBmYmE5MTU5ZDAxZDJlYWQzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJfTfREZqvX3IkpFJfcgGhlAjCASftzT5eX2RqA3AgJl47w
UOuzSpwEs+DhF6U4kblO4D53/ShyaoZiuCXyJLPZYnfPOGovhogrPhUS1HcrDE+E
KV+CtyTC98IvS2Q5QNL2OR+sirVsPMCrBt71Pw6oHuZb8rG7oS0gDgaDKLWB/awn
VleDzoBk7i/50qm9M/mVevQnpGVcSukcpvWE9YAx3kWMl7856pcm5/qtRJSL5f++
QKhn0N7pOZ/GNENHJbP8HSmrERmMn9RD22vKp9/fWSLG5fr7xaOn/a8VMJ7de/TA
0s3rA7Luvt/LTZCdC0D82u2O2uZtNJ17H2LSl80CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQzGZE0RNDSAE6tRw+6kVnQHS6tPTAfBgNVHSMEGDAWgBRkdT0guYoO53DD
tRZqP0oH8FFb3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pIVTlJTG1LRHVkd3c3VVdhajlLQl9CUlc5MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvZWJlZDdkLTUwOTAtNDE3YS1iNWI4LWFhOTk1OTAyYjg0Yi8x
L014bVJORVRRMGdCT3JVY1B1cEZaMEIwdXJUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ZWJlZDdkLTUwOTAtNDE3YS1iNWI4LWFhOTk1OTAyYjg0Yi8xL1pIVTlJTG1LRHVk
d3c3VVdhajlLQl9CUlc5MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIl/TANBgkqhkiG9w0BAQsFAAOC
AQEACCyVPcHwzHYlU6Vg4FN/QRHbmsR/wwEcWEyne14ev5i1FVTy67Ln2j1Jx5Z9
yLXcKt0FXZOoki4piOaL9zPmV/DZMttbi6d+4RvXQObUj6gKr3GAyqjXFvdUlHbr
O2Vuz/sQlUib1/JPURf1hU0RZMwyeVWBiwiaFPBgxDF9SngJ8F0dmb3700d/Lakc
AN2AQAGJ6oSSjI6KGI13kH+eFjW0HINk4NhZaZjkb18+lDDxfy373kzNuJc6382U
WnbW3/jfsjU3dbU049ubhXTAx6LMfnyzgmyFVJg2w9ifvTF4nfufjP0SB26GyaFQ
iU4M1Kjj/lgWdrgJzNOs1uPLig==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:46 2025 by rpki-client