Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/MN_6HRcPj_8w_YmRs5u6TKNJ7iE.roa
File: MN_6HRcPj_8w_YmRs5u6TKNJ7iE.roa (raw, json)
Hash identifier: i3xNIalz9UijC77a5JCoiSlPmpG5cWg5nRuN6CAm5PU=
Subject key identifier: 30:DF:FA:1D:17:0F:8F:FF:30:FD:89:91:B3:9B:BA:4C:A3:49:EE:21
Certificate issuer: /CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Certificate serial: 07B8093B
Authority key identifier: D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/MN_6HRcPj_8w_YmRs5u6TKNJ7iE.roa
Signing time: Sat 01 Jan 2022 10:53:41 +0000
ROA not before: Sat 01 Jan 2022 10:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 95.140.0.0/20 maxlen: 20
178.251.80.0/21 maxlen: 21
79.141.0.0/20 maxlen: 20
141.101.48.0/21 maxlen: 21
185.14.120.0/22 maxlen: 22
217.15.80.0/20 maxlen: 20
37.122.200.0/21 maxlen: 21
185.4.20.0/22 maxlen: 22
171.33.152.0/21 maxlen: 21
83.167.128.0/19 maxlen: 19
95.170.8.0/22 maxlen: 22
46.254.224.0/21 maxlen: 21
2a01:6380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129501499 (0x7b8093b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Validity
Not Before: Jan 1 10:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30dffa1d170f8fff30fd8991b39bba4ca349ee21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:84:99:83:c0:e2:48:69:de:5a:7b:71:07:a6:
89:5e:c1:f5:6b:84:be:47:05:c3:e9:57:8b:0d:60:
f2:92:f4:18:a3:37:81:e9:83:da:75:65:8a:e5:02:
82:40:cb:0a:57:63:e1:99:b9:e9:47:f7:3d:1b:68:
d2:c5:ad:f7:65:94:ed:76:a5:36:dd:01:f2:13:a8:
7a:56:aa:64:d8:cd:6f:22:84:27:af:59:d6:54:38:
ce:d5:4f:43:66:32:1f:b8:b7:a9:48:78:e1:f6:45:
b0:5b:d9:28:6a:c1:c3:8b:7e:bc:48:eb:7f:6f:d0:
04:01:9c:71:71:b8:68:83:c4:9d:5e:74:59:e4:11:
d6:a0:17:90:ed:b6:0b:81:3e:42:d9:42:76:ad:a5:
aa:e5:05:5d:52:18:8f:aa:68:e2:63:af:aa:a9:c2:
fc:1a:cb:33:ab:75:da:25:46:15:57:f8:8b:05:da:
a2:f3:8b:c7:b8:b2:6a:7d:47:a8:35:bd:45:77:e4:
74:5a:8c:27:6c:05:f9:f8:73:b2:2a:c8:d8:38:76:
e6:34:56:36:0e:b2:9f:72:ac:d7:63:d7:0b:37:e9:
b4:96:85:29:cf:f9:60:ad:ee:69:01:d9:2a:b0:06:
c5:49:b5:46:a6:a9:03:3d:e7:7e:37:5b:80:3d:58:
9e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DF:FA:1D:17:0F:8F:FF:30:FD:89:91:B3:9B:BA:4C:A3:49:EE:21
X509v3 Authority Key Identifier:
keyid:D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/MN_6HRcPj_8w_YmRs5u6TKNJ7iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.200.0/21
46.254.224.0/21
79.141.0.0/20
83.167.128.0/19
95.140.0.0/20
95.170.8.0/22
141.101.48.0/21
171.33.152.0/21
178.251.80.0/21
185.4.20.0/22
185.14.120.0/22
217.15.80.0/20
IPv6:
2a01:6380::/32
Signature Algorithm: sha256WithRSAEncryption
67:97:46:63:d5:8b:82:b2:17:7a:f9:49:46:f8:ff:ec:53:ed:
c7:c2:b2:d2:60:d4:53:e2:d2:98:9f:79:bd:13:fd:26:ee:c7:
7c:de:b5:ec:ad:60:46:b9:91:dd:83:62:74:6a:4f:a2:56:68:
a2:b3:d2:2b:75:26:2d:d6:44:90:4f:97:5d:4d:47:6c:94:ae:
27:80:e7:a5:ff:61:e8:09:1b:2d:0c:50:35:76:08:bd:f4:a8:
5f:70:75:18:a4:a2:04:43:6e:85:b0:62:aa:38:a3:c6:1f:4f:
1e:82:79:47:32:c2:3f:d4:7f:17:3b:e8:30:a7:e4:00:96:fd:
1f:a1:f9:c9:9c:9d:39:45:81:ec:7b:ef:15:ea:77:70:9f:93:
a5:11:f8:ac:09:91:a9:85:c8:41:0d:b9:b0:05:97:a3:94:ae:
fa:72:5b:1d:e5:c6:04:e7:ec:21:d6:e3:89:47:39:cf:b2:1f:
75:0d:d7:1f:fd:d7:77:36:a9:42:69:73:cd:03:61:aa:65:77:
ed:c1:65:24:f9:b0:17:65:bb:b8:b0:d3:c0:a4:05:79:66:e6:
d1:f2:9b:64:cb:a8:f7:aa:67:8d:46:47:7a:81:9f:d9:36:a3:
26:b0:9d:cd:18:5f:1d:e5:d9:d6:2c:5f:16:18:e2:2f:88:2f:
e3:19:d5:62
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEB7gJOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGVlMDM4OTY4N2RiZDQ0NWRlNmY5MjM5YzFkMDJjMzc3MGNmNTc0MB4XDTIyMDEw
MTEwNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBkZmZhMWQxNzBm
OGZmZjMwZmQ4OTkxYjM5YmJhNGNhMzQ5ZWUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyEmYPA4khp3lp7cQemiV7B9WuEvkcFw+lXiw1g8pL0GKM3
gemD2nVliuUCgkDLCldj4Zm56Uf3PRto0sWt92WU7XalNt0B8hOoelaqZNjNbyKE
J69Z1lQ4ztVPQ2YyH7i3qUh44fZFsFvZKGrBw4t+vEjrf2/QBAGccXG4aIPEnV50
WeQR1qAXkO22C4E+QtlCdq2lquUFXVIYj6po4mOvqqnC/BrLM6t12iVGFVf4iwXa
ovOLx7iyan1HqDW9RXfkdFqMJ2wF+fhzsirI2Dh25jRWNg6yn3Ks12PXCzfptJaF
Kc/5YK3uaQHZKrAGxUm1RqapAz3nfjdbgD1YnikCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQw3/odFw+P/zD9iZGzm7pMo0nuITAfBgNVHSMEGDAWgBTQ7gOJaH29RF3m
+SOcHQLDdwz1dDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBPNERpV2g5dlVSZDV2a2puQjBDdzNjTTlYUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvYTExNDE3LTZhYmMtNGMwZC04YWZhLTFhMjlhNDQ4ZDMwOS8x
L01OXzZIUmNQal84d19ZbVJzNXU2VEtOSjdpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
YTExNDE3LTZhYmMtNGMwZC04YWZhLTFhMjlhNDQ4ZDMwOS8xLzBPNERpV2g5dlVS
ZDV2a2puQjBDdzNjTTlYUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAyV6yAMEAy7+4AMEBE+NAAMEBVOn
gAMEBF+MAAMEAl+qCAMEA41lMAMEA6shmAMEA7L7UAMEArkEFAMEArkOeAMEBNkP
UDANBAIAAjAHAwUAKgFjgDANBgkqhkiG9w0BAQsFAAOCAQEAZ5dGY9WLgrIXevlJ
Rvj/7FPtx8Ky0mDUU+LSmJ95vRP9Ju7HfN617K1gRrmR3YNidGpPolZoorPSK3Um
LdZEkE+XXU1HbJSuJ4Dnpf9h6AkbLQxQNXYIvfSoX3B1GKSiBENuhbBiqjijxh9P
HoJ5RzLCP9R/FzvoMKfkAJb9H6H5yZydOUWB7HvvFep3cJ+TpRH4rAmRqYXIQQ25
sAWXo5Su+nJbHeXGBOfsIdbjiUc5z7IfdQ3XH/3XdzapQmlzzQNhqmV37cFlJPmw
F2W7uLDTwKQFeWbm0fKbZMuo96pnjUZHeoGf2TajJrCdzRhfHeXZ1ixfFhjiL4gv
4xnVYg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:23 2025 by rpki-client