Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/mHTscMDqOX5201_V39jRmvMa2bU.roa
File: mHTscMDqOX5201_V39jRmvMa2bU.roa (raw, json)
Hash identifier: +Eof1zfXJwM6dEKdEuMEWO0+hR4D+NQlkTET0SG+G/4=
Subject key identifier: 98:74:EC:70:C0:EA:39:7E:76:D3:5F:D5:DF:D8:D1:9A:F3:1A:D9:B5
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018B4841396B7491A302E63B3F381CE95B19
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/mHTscMDqOX5201_V39jRmvMa2bU.roa
Signing time: Thu 19 Oct 2023 14:05:15 +0000
ROA not before: Thu 19 Oct 2023 14:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.180.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:41:39:6b:74:91:a3:02:e6:3b:3f:38:1c:e9:5b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Oct 19 14:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9874ec70c0ea397e76d35fd5dfd8d19af31ad9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:64:53:b8:77:d3:c2:df:b9:18:0a:92:0f:be:
0c:73:5e:4a:44:b3:f9:c7:48:25:a1:0b:36:14:07:
5f:05:de:44:a1:6a:11:c3:a9:3b:0a:a2:24:77:89:
45:87:99:ff:ab:3a:07:e0:30:0b:ff:d7:d4:b0:1b:
36:8e:49:44:8d:da:00:d2:a5:3c:48:84:28:70:c3:
fd:9f:73:df:df:16:3e:a0:1e:4a:29:aa:10:93:63:
ff:4e:b3:ab:00:ad:90:d7:23:b9:53:b3:0e:33:56:
d7:d9:74:4c:10:b8:1c:62:ce:19:0c:7a:d0:ba:93:
a1:53:59:9a:e3:34:5f:8d:9a:39:31:86:6f:cc:cc:
7b:19:79:c3:96:a2:4a:dc:74:63:97:0f:f3:b3:1d:
8e:cd:7c:66:e1:9e:b6:0e:1d:8d:b3:9b:44:00:e9:
f5:07:7f:52:c8:d6:bb:31:be:87:4f:04:96:26:45:
50:a2:01:8a:a9:5c:9c:ac:00:29:26:22:c7:25:51:
ba:ff:4b:00:bd:04:a5:4c:96:7a:73:24:4b:63:53:
bc:01:3e:8d:1a:66:71:f1:5b:88:fa:05:48:5e:d3:
f9:d3:f1:3d:54:e9:39:ff:2c:e7:50:0b:82:93:b5:
95:d1:23:02:47:b5:ed:31:ed:55:c4:a6:bc:5c:09:
f8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:74:EC:70:C0:EA:39:7E:76:D3:5F:D5:DF:D8:D1:9A:F3:1A:D9:B5
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/mHTscMDqOX5201_V39jRmvMa2bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:9b:cf:f3:64:6a:59:10:3b:e6:e7:97:29:de:1a:f1:9e:40:
74:a2:02:55:16:ea:dc:6c:45:6d:d2:67:65:3d:49:22:08:4d:
bf:d3:86:8e:62:62:96:5b:ec:97:42:88:c2:4a:3d:49:30:b7:
6f:b2:c4:f3:70:b7:58:ce:ad:dc:0a:55:7a:9c:eb:71:54:be:
fc:b6:f6:3b:8b:4f:71:e8:cb:e2:7b:2e:b9:16:24:5c:3a:dd:
84:b5:e1:b3:d3:2b:43:08:d3:5d:2b:37:8d:62:3c:b9:fa:2f:
9b:ae:2e:cf:7c:76:7e:82:be:39:ec:7a:db:41:53:31:63:a9:
47:58:3b:72:52:0f:9a:10:ec:d0:8c:f3:ae:40:89:66:d6:32:
07:f1:af:f5:39:a0:23:27:1b:fe:11:f0:3f:0f:77:9b:db:76:
87:f8:0c:49:3a:3f:d4:e2:14:70:48:84:d2:94:66:24:5a:5f:
3b:9c:32:79:02:da:67:59:f6:38:31:56:21:fa:eb:4c:f2:6d:
5f:35:16:23:90:8e:8d:0f:0d:65:1a:f9:ea:6d:8b:46:92:a7:
2b:fb:06:73:cc:85:ae:5b:3c:8c:05:65:f1:a4:fe:bb:01:a1:
50:50:de:11:95:88:2f:05:eb:6e:47:6f:01:87:8d:68:5e:33:
7f:22:86:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtIQTlrdJGjAuY7Pzgc6VsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjMxMDE5MTQwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc0ZWM3MGMwZWEzOTdlNzZkMzVmZDVkZmQ4ZDE5YWYzMWFkOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGRTuHfTwt+5GAqSD74Mc15KRLP5
x0gloQs2FAdfBd5EoWoRw6k7CqIkd4lFh5n/qzoH4DAL/9fUsBs2jklEjdoA0qU8
SIQocMP9n3Pf3xY+oB5KKaoQk2P/TrOrAK2Q1yO5U7MOM1bX2XRMELgcYs4ZDHrQ
upOhU1ma4zRfjZo5MYZvzMx7GXnDlqJK3HRjlw/zsx2OzXxm4Z62Dh2Ns5tEAOn1
B39SyNa7Mb6HTwSWJkVQogGKqVycrAApJiLHJVG6/0sAvQSlTJZ6cyRLY1O8AT6N
GmZx8VuI+gVIXtP50/E9VOk5/yznUAuCk7WV0SMCR7XtMe1VxKa8XAn4xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJh07HDA6jl+dtNf1d/Y0ZrzGtm1MB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvbUhUc2NNRHFPWDUyMDFfVjM5alJtdk1hMmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZO0MA0G
CSqGSIb3DQEBCwUAA4IBAQB8m8/zZGpZEDvm55cp3hrxnkB0ogJVFurcbEVt0mdl
PUkiCE2/04aOYmKWW+yXQojCSj1JMLdvssTzcLdYzq3cClV6nOtxVL78tvY7i09x
6Mviey65FiRcOt2EteGz0ytDCNNdKzeNYjy5+i+bri7PfHZ+gr457HrbQVMxY6lH
WDtyUg+aEOzQjPOuQIlm1jIH8a/1OaAjJxv+EfA/D3eb23aH+AxJOj/U4hRwSITS
lGYkWl87nDJ5AtpnWfY4MVYh+utM8m1fNRYjkI6NDw1lGvnqbYtGkqcr+wZzzIWu
WzyMBWXxpP67AaFQUN4RlYgvBetuR28Bh41oXjN/IoZ9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:45 2025 by rpki-client