Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/MsDZ9EquDhKn_FYWs_jq4o_pUcw.roa
File: MsDZ9EquDhKn_FYWs_jq4o_pUcw.roa (raw, json)
Hash identifier: UW5bZhINU87QEWY2QUjRsKEC3ArmwAT7Poylm3SOtM0=
Subject key identifier: 32:C0:D9:F4:4A:AE:0E:12:A7:FC:56:16:B3:F8:EA:E2:8F:E9:51:CC
Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Certificate serial: 0506ED90
Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/MsDZ9EquDhKn_FYWs_jq4o_pUcw.roa
Signing time: Sat 01 Jan 2022 03:50:50 +0000
ROA not before: Sat 01 Jan 2022 03:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43456
IP address blocks: 185.164.48.0/24 maxlen: 24
185.164.51.0/24 maxlen: 24
185.164.50.0/24 maxlen: 24
185.164.49.0/24 maxlen: 24
185.171.17.0/24 maxlen: 24
185.171.16.0/24 maxlen: 24
185.171.19.0/24 maxlen: 24
185.171.18.0/24 maxlen: 24
185.93.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84340112 (0x506ed90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Validity
Not Before: Jan 1 03:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32c0d9f44aae0e12a7fc5616b3f8eae28fe951cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:71:15:7c:05:3b:cf:0f:17:06:6c:59:97:39:
b2:23:a0:61:6d:fb:b8:a1:b2:6c:75:9f:35:16:14:
42:96:2a:21:03:a7:59:28:83:7c:43:45:0c:98:18:
f5:cc:a5:0a:db:b4:72:53:07:0b:32:18:7d:02:28:
7f:67:91:2b:0a:e7:ce:27:aa:33:16:04:76:34:73:
7f:a9:dc:fa:64:4e:ae:5f:8b:a7:c4:13:52:cf:d1:
b4:86:c1:e5:b8:54:a8:8a:a5:f6:f7:3e:08:fd:85:
ab:21:17:4d:bf:78:c3:cc:e6:7a:1e:b8:47:b5:a5:
ea:b3:af:4c:5c:d8:37:e7:66:cb:7f:28:ae:ec:8a:
85:3a:f4:82:a7:ec:8b:a5:d1:10:04:e8:7c:d2:28:
1b:5d:ce:59:26:20:b2:dc:4c:9e:ca:b4:8b:c5:b3:
b8:de:4e:28:5f:c8:f0:37:cf:55:e4:60:2f:55:71:
88:8a:98:3b:f1:d7:4c:1f:65:c7:eb:9f:ab:d1:de:
9f:59:e7:c5:d9:d7:80:6a:75:88:35:c9:16:f0:bc:
92:98:c4:8c:4a:6b:84:9c:62:cc:c4:55:7b:e3:e6:
94:f3:a0:47:b1:80:70:57:6e:16:80:d2:63:86:28:
0f:fe:7e:f1:9a:fe:f0:16:75:57:76:c0:f6:30:8e:
52:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C0:D9:F4:4A:AE:0E:12:A7:FC:56:16:B3:F8:EA:E2:8F:E9:51:CC
X509v3 Authority Key Identifier:
keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/MsDZ9EquDhKn_FYWs_jq4o_pUcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.172.0/24
185.164.48.0/22
185.171.16.0/22
Signature Algorithm: sha256WithRSAEncryption
13:c3:27:3e:6e:a1:63:7d:f6:05:97:71:69:bc:36:97:23:3c:
b4:98:e0:b2:54:21:3d:18:c3:0d:d2:ae:cd:fd:04:3e:20:54:
76:85:6e:63:b9:29:17:f6:d9:56:59:55:9c:97:d9:06:52:56:
ec:40:ac:00:56:9b:0b:fc:08:1c:56:8b:9f:2d:d5:d5:52:25:
61:d5:76:c8:04:d9:a0:e5:18:cb:c5:31:42:45:71:5d:7e:b5:
bf:d6:62:66:29:b0:ba:e0:f3:1f:b7:f6:13:f4:84:ca:fd:9a:
0e:2e:ae:ad:28:c8:64:bf:26:48:45:e9:86:b4:85:46:71:60:
2c:ee:0c:7f:ad:71:d0:75:5f:e3:1c:6b:1b:43:bc:1f:77:fd:
76:ab:d1:73:e8:0d:38:25:ed:20:9f:1d:8a:19:43:3a:d3:4d:
bb:6d:fa:d8:e3:58:de:b2:10:af:c2:59:9d:78:8c:c6:da:24:
2d:0e:24:3c:19:0d:6a:7b:c1:ff:d9:1b:59:bc:b2:f8:49:24:
87:87:1f:06:a7:af:ab:0c:e5:a8:0c:d8:55:70:28:3b:66:53:
de:59:51:ff:c9:1f:0c:06:3f:00:ad:e2:b2:c4:61:09:9d:c0:
dd:c3:06:38:05:ea:62:42:88:53:d8:29:c2:af:35:bb:a7:f8:
1f:41:86:88
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBQbtkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTc3M2Q3MzNkMTg0NWM0MWQzZjlhMzYyYjU1Yjc0ZTY4NmY5YzAyMB4XDTIyMDEw
MTAzNTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJjMGQ5ZjQ0YWFl
MGUxMmE3ZmM1NjE2YjNmOGVhZTI4ZmU5NTFjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5xFXwFO88PFwZsWZc5siOgYW37uKGybHWfNRYUQpYqIQOn
WSiDfENFDJgY9cylCtu0clMHCzIYfQIof2eRKwrnzieqMxYEdjRzf6nc+mROrl+L
p8QTUs/RtIbB5bhUqIql9vc+CP2FqyEXTb94w8zmeh64R7Wl6rOvTFzYN+dmy38o
ruyKhTr0gqfsi6XREATofNIoG13OWSYgstxMnsq0i8WzuN5OKF/I8DfPVeRgL1Vx
iIqYO/HXTB9lx+ufq9Hen1nnxdnXgGp1iDXJFvC8kpjEjEprhJxizMRVe+PmlPOg
R7GAcFduFoDSY4YoD/5+8Zr+8BZ1V3bA9jCOUvsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQywNn0Sq4OEqf8Vhaz+Orij+lRzDAfBgNVHSMEGDAWgBTZdz1zPRhFxB0/
mjYrVbdOaG+cAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJYYzljejBZUmNRZFA1bzJLMVczVG1odm5BSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvMzc0MTFlLTJiODktNDA3OS04Y2ZjLTAxYTI5ZjVmNmRkZS8x
L01zRFo5RXF1RGhLbl9GWVdzX2pxNG9fcFVjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
Mzc0MTFlLTJiODktNDA3OS04Y2ZjLTAxYTI5ZjVmNmRkZS8xLzJYYzljejBZUmNR
ZFA1bzJLMVczVG1odm5BSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALldrAMEArmkMAMEArmrEDANBgkq
hkiG9w0BAQsFAAOCAQEAE8MnPm6hY332BZdxabw2lyM8tJjgslQhPRjDDdKuzf0E
PiBUdoVuY7kpF/bZVllVnJfZBlJW7ECsAFabC/wIHFaLny3V1VIlYdV2yATZoOUY
y8UxQkVxXX61v9ZiZimwuuDzH7f2E/SEyv2aDi6urSjIZL8mSEXphrSFRnFgLO4M
f61x0HVf4xxrG0O8H3f9dqvRc+gNOCXtIJ8dihlDOtNNu2362ONY3rIQr8JZnXiM
xtokLQ4kPBkNanvB/9kbWbyy+Ekkh4cfBqevqwzlqAzYVXAoO2ZT3llR/8kfDAY/
AK3issRhCZ3A3cMGOAXqYkKIU9gpwq81u6f4H0GGiA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:34 2025 by rpki-client