Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/MqMnVurTUlne61KMGPT1xg-dRVI.roa
File: MqMnVurTUlne61KMGPT1xg-dRVI.roa (raw, json)
Hash identifier: T8OdFERoDMLUVjCYNmi8cXjJ0zulVLL16YKZAgtfxvc=
Subject key identifier: 32:A3:27:56:EA:D3:52:59:DE:EB:52:8C:18:F4:F5:C6:0F:9D:45:52
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 01856C0135046D636C0321121B4626A0CA91
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/MqMnVurTUlne61KMGPT1xg-dRVI.roa
Signing time: Sun 01 Jan 2023 06:24:56 +0000
ROA not before: Sun 01 Jan 2023 06:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206352
IP address blocks: 185.217.50.0/23 maxlen: 23
185.217.48.0/23 maxlen: 23
185.188.253.0/24 maxlen: 24
185.188.254.0/23 maxlen: 23
185.248.0.0/23 maxlen: 23
185.248.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:35:04:6d:63:6c:03:21:12:1b:46:26:a0:ca:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Jan 1 06:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32a32756ead35259deeb528c18f4f5c60f9d4552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b1:1f:1f:52:33:4b:34:1d:d9:85:d1:08:5b:
8d:1e:88:1d:ee:d5:d1:11:42:ea:e4:a2:9c:a5:25:
86:97:cf:ac:8a:b1:14:7f:a1:71:13:04:24:c0:a2:
b7:5c:72:21:02:5d:cb:29:a8:8f:08:15:fe:71:2b:
e7:73:2e:cc:e4:f6:fa:c6:ef:69:06:a1:fe:0a:b4:
16:35:03:ee:c1:70:9a:1a:a1:95:50:5e:52:78:71:
0f:f8:fd:cc:4f:25:da:11:7d:ab:36:1c:ca:d5:f5:
b4:44:c2:6e:2a:9e:f1:e1:07:23:2f:af:04:0e:53:
dd:7c:e7:1f:5d:70:9c:f9:95:f6:16:f2:9c:11:c0:
a6:17:b7:b2:6d:a3:5b:a9:46:a1:73:36:2d:54:b3:
8c:53:aa:1d:20:51:14:a3:cf:22:ac:c3:f7:67:ee:
a2:ac:01:c2:6a:88:7d:dc:46:f6:01:b1:b5:b0:06:
75:c8:79:ea:32:69:3e:a9:27:d8:81:8c:40:d3:a8:
ad:59:8d:c2:e3:13:2e:d6:ac:27:c5:28:93:36:7f:
4d:17:2f:b4:b1:ab:7a:77:37:63:20:ca:50:33:cf:
aa:2b:fd:4c:9d:9c:19:8b:ad:d6:8b:aa:46:15:6f:
a5:fd:ee:e7:8c:fa:65:ed:b1:0d:84:56:d3:e0:04:
39:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A3:27:56:EA:D3:52:59:DE:EB:52:8C:18:F4:F5:C6:0F:9D:45:52
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/MqMnVurTUlne61KMGPT1xg-dRVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.253.0-185.188.255.255
185.217.48.0/22
185.248.0.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:3e:69:b8:a5:11:06:3e:86:b0:e4:1c:0a:11:1d:f6:02:27:
4d:40:1b:ba:64:a8:23:1a:4f:82:8e:ad:0d:dd:5b:32:d1:a7:
4e:69:ec:15:13:ee:18:99:ce:32:17:d5:56:75:ae:ea:56:28:
81:98:a2:f7:b0:eb:ed:a2:fc:77:d9:71:e6:81:5b:5e:71:cd:
6d:a9:fe:6c:1c:f0:4a:9d:74:0a:f8:b1:f3:85:b1:b6:92:f4:
c0:7a:bb:de:5c:6b:45:7a:f6:6d:d7:25:fb:68:71:78:ae:c9:
c2:41:ef:2b:e1:e3:e5:39:e9:fc:d1:40:4d:2f:c7:d6:36:64:
86:a9:8d:3a:42:d6:b7:11:4b:82:a2:34:7d:8f:93:ff:b7:1a:
56:0c:fd:df:95:d4:72:e0:c5:98:2d:38:03:60:0f:86:d7:c4:
94:1d:44:53:8a:59:e8:49:f6:af:36:ef:e2:53:42:8a:20:7c:
6e:14:ab:b5:85:81:9f:3e:01:36:70:33:c8:e7:83:2d:8a:0f:
13:f6:0a:3e:9c:67:4f:28:85:94:5d:81:c7:8d:39:4e:66:e8:
75:e8:d8:43:20:e3:e0:b5:53:95:26:65:bb:39:e0:5c:21:de:
10:b4:b8:4c:31:84:7e:70:92:33:9b:28:16:0b:67:f7:66:2f:
fe:a6:e8:8a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVsATUEbWNsAyESG0YmoMqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjMwMTAxMDYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmEzMjc1NmVhZDM1MjU5ZGVlYjUyOGMxOGY0ZjVjNjBmOWQ0NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7EfH1IzSzQd2YXRCFuNHogd7tXR
EULq5KKcpSWGl8+sirEUf6FxEwQkwKK3XHIhAl3LKaiPCBX+cSvncy7M5Pb6xu9p
BqH+CrQWNQPuwXCaGqGVUF5SeHEP+P3MTyXaEX2rNhzK1fW0RMJuKp7x4QcjL68E
DlPdfOcfXXCc+ZX2FvKcEcCmF7eybaNbqUahczYtVLOMU6odIFEUo88irMP3Z+6i
rAHCaoh93Eb2AbG1sAZ1yHnqMmk+qSfYgYxA06itWY3C4xMu1qwnxSiTNn9NFy+0
sat6dzdjIMpQM8+qK/1MnZwZi63Wi6pGFW+l/e7njPpl7bENhFbT4AQ5mwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFDKjJ1bq01JZ3utSjBj09cYPnUVSMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvTXFNblZ1clRVbG5lNjFLTUdQVDF4Zy1kUlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgtODg1OGE1NTlmMjUx
LzEvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDBAC5vP0D
AwC5vAMEArnZMAMEArn4ADANBgkqhkiG9w0BAQsFAAOCAQEACj5puKURBj6GsOQc
ChEd9gInTUAbumSoIxpPgo6tDd1bMtGnTmnsFRPuGJnOMhfVVnWu6lYogZii97Dr
7aL8d9lx5oFbXnHNban+bBzwSp10Cvix84WxtpL0wHq73lxrRXr2bdcl+2hxeK7J
wkHvK+Hj5Tnp/NFATS/H1jZkhqmNOkLWtxFLgqI0fY+T/7caVgz935XUcuDFmC04
A2APhtfElB1EU4pZ6En2rzbv4lNCiiB8bhSrtYWBnz4BNnAzyOeDLYoPE/YKPpxn
TyiFlF2Bx405TmbodejYQyDj4LVTlSZluzngXCHeELS4TDGEfnCSM5soFgtn92Yv
/qboig==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:26:13 2025 by rpki-client