Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf2bb4-36d3-4b17-8bcf-44a957132639/1/lMPUlANi-IAR3fcAtJfPmA3I2l0.roa
File: lMPUlANi-IAR3fcAtJfPmA3I2l0.roa (raw, json)
Hash identifier: KkZI7GIEbsoByRn+uDtUMw/insb6uXB8WKpvUdd+dRA=
Subject key identifier: 94:C3:D4:94:03:62:F8:80:11:DD:F7:00:B4:97:CF:98:0D:C8:DA:5D
Certificate issuer: /CN=3298056b806a7b7cc1633345dc55836a45a244c7
Certificate serial: 01856CA5D7BED2D08956DEC74EEC59EED2CD
Authority key identifier: 32:98:05:6B:80:6A:7B:7C:C1:63:33:45:DC:55:83:6A:45:A2:44:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MpgFa4Bqe3zBYzNF3FWDakWiRMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf2bb4-36d3-4b17-8bcf-44a957132639/1/lMPUlANi-IAR3fcAtJfPmA3I2l0.roa
Signing time: Sun 01 Jan 2023 09:24:46 +0000
ROA not before: Sun 01 Jan 2023 09:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38927
IP address blocks: 193.19.112.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:d7:be:d2:d0:89:56:de:c7:4e:ec:59:ee:d2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3298056b806a7b7cc1633345dc55836a45a244c7
Validity
Not Before: Jan 1 09:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94c3d4940362f88011ddf700b497cf980dc8da5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e7:30:66:cb:0c:1d:a1:fb:97:89:4b:b4:4e:
20:bc:ac:3d:b3:39:15:2d:22:33:db:a4:d4:f9:83:
d8:db:59:4e:37:73:cc:37:80:89:35:20:38:03:f1:
b7:e4:7e:52:14:b4:e3:1c:d0:1c:da:56:a3:af:da:
56:3c:0e:e2:b5:b0:7c:2b:4a:2e:b0:6e:a3:a0:bb:
30:44:db:70:fb:b9:f5:d3:60:fe:10:d2:b1:f7:e8:
fd:d1:c8:17:8c:44:59:18:16:3b:12:78:9c:6d:0a:
24:9b:d9:5e:b7:c8:83:2a:ce:9f:d9:36:47:08:96:
6e:4f:3b:64:80:ae:6e:5c:fa:47:a4:1d:79:77:4a:
8a:97:39:bc:c4:aa:97:78:d2:88:32:4c:52:d3:12:
11:08:8b:49:a1:b2:aa:f1:fd:cb:dc:97:d0:bc:e0:
e7:d4:84:a3:25:80:45:ad:01:c8:f4:dd:53:6c:10:
d2:10:a8:e6:c2:94:ea:f2:cd:1e:50:02:34:83:c6:
78:bf:77:58:14:89:5a:87:a2:eb:64:ca:35:ce:df:
14:08:0b:8c:5e:12:37:5d:52:7c:3d:2a:2c:1d:f4:
93:3a:ec:1f:2d:e4:75:de:72:bb:e4:86:73:71:30:
d5:e2:da:60:4c:f0:33:9f:f5:07:53:30:3f:bd:8b:
d6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C3:D4:94:03:62:F8:80:11:DD:F7:00:B4:97:CF:98:0D:C8:DA:5D
X509v3 Authority Key Identifier:
keyid:32:98:05:6B:80:6A:7B:7C:C1:63:33:45:DC:55:83:6A:45:A2:44:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MpgFa4Bqe3zBYzNF3FWDakWiRMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf2bb4-36d3-4b17-8bcf-44a957132639/1/lMPUlANi-IAR3fcAtJfPmA3I2l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf2bb4-36d3-4b17-8bcf-44a957132639/1/MpgFa4Bqe3zBYzNF3FWDakWiRMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.112.0/23
Signature Algorithm: sha256WithRSAEncryption
65:fb:34:78:a6:27:70:08:53:80:62:f8:fb:16:5a:88:62:c8:
21:15:5f:93:e3:98:cf:17:eb:7b:b3:b8:07:2d:56:35:db:fe:
04:dd:0b:13:81:99:3a:08:21:06:08:92:3b:61:90:5a:ec:fe:
d2:d7:91:ea:53:7d:e2:24:11:d6:81:6b:01:71:a4:f6:25:c2:
ab:ce:a1:b9:39:27:88:dd:91:27:2e:63:11:42:f7:7d:6a:47:
8e:58:ed:f3:24:65:3d:c3:cc:49:83:95:a2:20:73:5c:9d:21:
ec:15:0d:11:9e:40:f8:6f:00:e7:bf:e4:c8:56:94:d0:94:ff:
a5:2a:32:55:1e:2c:8b:d1:c8:a6:2d:96:d5:ea:79:73:81:69:
3f:2d:97:9f:30:fa:00:0e:87:7d:a3:cd:b9:93:17:3c:2e:f0:
64:f8:7a:b0:0c:1b:d7:ad:8b:dd:3c:2f:4c:f7:1d:e3:9e:c6:
f4:6f:21:04:e3:ef:d6:d8:1f:65:0a:0f:b1:50:71:46:14:17:
92:3f:8e:c2:ac:94:86:ae:71:03:30:db:61:91:c1:fa:d0:b8:
4a:a8:30:c1:62:f1:44:1f:33:8a:63:ba:80:a0:72:c4:3a:d4:
90:37:e5:f5:32:48:8c:f7:58:57:d8:75:93:ec:5c:15:2b:d3:
0d:47:2f:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspde+0tCJVt7HTuxZ7tLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOTgwNTZiODA2YTdiN2NjMTYzMzM0NWRjNTU4MzZhNDVh
MjQ0YzcwHhcNMjMwMTAxMDkyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMzZDQ5NDAzNjJmODgwMTFkZGY3MDBiNDk3Y2Y5ODBkYzhkYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+cwZssMHaH7l4lLtE4gvKw9szkV
LSIz26TU+YPY21lON3PMN4CJNSA4A/G35H5SFLTjHNAc2lajr9pWPA7itbB8K0ou
sG6joLswRNtw+7n102D+ENKx9+j90cgXjERZGBY7EnicbQokm9let8iDKs6f2TZH
CJZuTztkgK5uXPpHpB15d0qKlzm8xKqXeNKIMkxS0xIRCItJobKq8f3L3JfQvODn
1ISjJYBFrQHI9N1TbBDSEKjmwpTq8s0eUAI0g8Z4v3dYFIlah6LrZMo1zt8UCAuM
XhI3XVJ8PSosHfSTOuwfLeR13nK75IZzcTDV4tpgTPAzn/UHUzA/vYvWGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTD1JQDYviAEd33ALSXz5gNyNpdMB8GA1UdIwQY
MBaAFDKYBWuAant8wWMzRdxVg2pFokTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXBnRmE0QnFlM3pCWXpORjNGV0Rha1dpUk1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZjJiYjQtMzZkMy00YjE3LThiY2Yt
NDRhOTU3MTMyNjM5LzEvbE1QVWxBTmktSUFSM2ZjQXRKZlBtQTNJMmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZjJiYjQtMzZkMy00YjE3LThiY2YtNDRhOTU3MTMyNjM5
LzEvTXBnRmE0QnFlM3pCWXpORjNGV0Rha1dpUk1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBl+zR4pidwCFOAYvj7FlqIYsghFV+T45jPF+t7s7gH
LVY12/4E3QsTgZk6CCEGCJI7YZBa7P7S15HqU33iJBHWgWsBcaT2JcKrzqG5OSeI
3ZEnLmMRQvd9akeOWO3zJGU9w8xJg5WiIHNcnSHsFQ0RnkD4bwDnv+TIVpTQlP+l
KjJVHiyL0cimLZbV6nlzgWk/LZefMPoADod9o825kxc8LvBk+HqwDBvXrYvdPC9M
9x3jnsb0byEE4+/W2B9lCg+xUHFGFBeSP47CrJSGrnEDMNthkcH60LhKqDDBYvFE
HzOKY7qAoHLEOtSQN+X1MkiM91hX2HWT7FwVK9MNRy9q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:39 2025 by rpki-client