Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/MTUMjmPQ6oQHPvwlH6MeBlJu1ns.roa
File: MTUMjmPQ6oQHPvwlH6MeBlJu1ns.roa (raw, json)
Hash identifier: B7y2YsLAtdhlBQpHqEu8ob+97nOqvT6gm8e8qWMy6u4=
Subject key identifier: 31:35:0C:8E:63:D0:EA:84:07:3E:FC:25:1F:A3:1E:06:52:6E:D6:7B
Certificate issuer: /CN=612423536e51f94fabfc50acf944d798aacf403f
Certificate serial: 01856C41504DAFF49519B58C8E501D66425B
Authority key identifier: 61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/MTUMjmPQ6oQHPvwlH6MeBlJu1ns.roa
Signing time: Sun 01 Jan 2023 07:34:57 +0000
ROA not before: Sun 01 Jan 2023 07:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41766
IP address blocks: 193.37.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:50:4d:af:f4:95:19:b5:8c:8e:50:1d:66:42:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612423536e51f94fabfc50acf944d798aacf403f
Validity
Not Before: Jan 1 07:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31350c8e63d0ea84073efc251fa31e06526ed67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:33:1d:59:0f:15:46:2f:8f:ad:23:5b:65:e5:
60:aa:7f:41:0e:ea:d7:5f:67:77:c7:30:b7:98:87:
c4:f4:fd:52:93:8d:56:79:41:09:d9:6f:2e:13:fa:
ad:f2:d7:ce:48:38:30:9f:2e:0d:ae:0f:a1:22:d7:
8f:1c:0b:44:d8:34:a8:b8:17:78:76:e2:96:ab:14:
b3:0f:e2:44:16:25:c5:f7:df:c5:fd:c0:7d:fe:0f:
13:e3:de:ca:1c:47:f7:ef:43:4b:4d:e4:df:9f:8c:
12:52:12:2d:bb:13:9c:45:24:7f:28:33:42:44:d9:
82:75:5d:a7:29:44:83:df:f6:46:e2:0b:6c:69:9e:
1e:c1:09:da:e5:30:42:71:23:82:94:49:56:45:2a:
f5:bb:b3:e2:33:58:4f:9f:5f:35:93:7f:8f:e7:58:
2e:f3:41:e3:22:c6:cf:d5:6a:f9:1a:3c:f2:34:5d:
f2:19:af:46:27:e6:df:28:8d:e0:86:62:69:6c:45:
8d:cc:02:86:93:4a:ee:ee:fb:f3:98:05:a1:dc:5e:
29:d6:17:4f:d8:e3:2c:48:2d:33:8a:f8:f3:9f:f9:
f2:8b:61:0f:b6:cc:8b:d4:a5:64:35:ba:a4:bb:29:
56:fb:0f:d8:c1:39:26:fe:d6:ef:55:4b:a4:35:3f:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:35:0C:8E:63:D0:EA:84:07:3E:FC:25:1F:A3:1E:06:52:6E:D6:7B
X509v3 Authority Key Identifier:
keyid:61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/MTUMjmPQ6oQHPvwlH6MeBlJu1ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.147.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:b3:ee:e1:8c:cc:5c:d6:7e:bb:63:fc:21:4c:a2:97:67:a4:
4a:c2:6e:6c:0c:84:b0:19:cd:82:b8:85:5f:a2:42:82:fa:db:
52:f8:9f:4f:db:4b:74:7b:ee:ff:70:11:38:1d:d0:86:14:b8:
7f:00:07:27:49:96:9c:53:c5:23:e7:47:72:42:3a:b0:d4:fc:
64:07:3a:7e:66:30:56:80:d2:d1:fd:02:f4:61:53:09:bf:5e:
e0:ca:da:9c:21:21:4c:74:7f:1d:19:c4:86:e0:93:bf:cd:cd:
0a:fc:d3:40:c0:d9:7e:c1:f7:e2:46:e2:32:ec:0d:88:b9:d2:
f2:7a:d9:13:58:1d:62:be:33:52:65:80:f8:c7:e6:ba:57:eb:
b4:be:d1:e9:c4:54:5f:53:91:1a:6c:4f:c4:96:75:0b:f3:95:
61:5f:1e:dd:bc:6e:a2:78:04:18:54:e1:0c:bd:5b:46:fe:83:
31:f6:1f:89:17:6d:ba:ca:70:fb:c0:29:85:b8:76:c6:86:5f:
76:3f:2e:72:69:ce:6f:85:d5:75:c8:18:76:34:ab:cd:80:e5:
28:8a:5b:4b:68:2a:65:46:1a:66:31:25:1e:50:9d:98:10:79:
2c:f8:0f:f5:44:f1:4f:0f:34:16:0e:46:a0:b4:f1:ae:90:aa:
8e:80:6b:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQVBNr/SVGbWMjlAdZkJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMjQyMzUzNmU1MWY5NGZhYmZjNTBhY2Y5NDRkNzk4YWFj
ZjQwM2YwHhcNMjMwMTAxMDczNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM1MGM4ZTYzZDBlYTg0MDczZWZjMjUxZmEzMWUwNjUyNmVkNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDMdWQ8VRi+PrSNbZeVgqn9BDurX
X2d3xzC3mIfE9P1Sk41WeUEJ2W8uE/qt8tfOSDgwny4Nrg+hItePHAtE2DSouBd4
duKWqxSzD+JEFiXF99/F/cB9/g8T497KHEf370NLTeTfn4wSUhItuxOcRSR/KDNC
RNmCdV2nKUSD3/ZG4gtsaZ4ewQna5TBCcSOClElWRSr1u7PiM1hPn181k3+P51gu
80HjIsbP1Wr5GjzyNF3yGa9GJ+bfKI3ghmJpbEWNzAKGk0ru7vvzmAWh3F4p1hdP
2OMsSC0zivjzn/nyi2EPtsyL1KVkNbqkuylW+w/YwTkm/tbvVUukNT+tRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDE1DI5j0OqEBz78JR+jHgZSbtZ7MB8GA1UdIwQY
MBaAFGEkI1NuUflPq/xQrPlE15iqz0A/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWIt
N2IwNGQzNTk3Mzc4LzEvTVRVTWptUFE2b1FIUHZ3bEg2TWVCbEp1MW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWItN2IwNGQzNTk3Mzc4
LzEvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSWTMA0G
CSqGSIb3DQEBCwUAA4IBAQBfs+7hjMxc1n67Y/whTKKXZ6RKwm5sDISwGc2CuIVf
okKC+ttS+J9P20t0e+7/cBE4HdCGFLh/AAcnSZacU8Uj50dyQjqw1PxkBzp+ZjBW
gNLR/QL0YVMJv17gytqcISFMdH8dGcSG4JO/zc0K/NNAwNl+wffiRuIy7A2IudLy
etkTWB1ivjNSZYD4x+a6V+u0vtHpxFRfU5EabE/ElnUL85VhXx7dvG6ieAQYVOEM
vVtG/oMx9h+JF226ynD7wCmFuHbGhl92Py5yac5vhdV1yBh2NKvNgOUoiltLaCpl
RhpmMSUeUJ2YEHks+A/1RPFPDzQWDkagtPGukKqOgGu/
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:19:13 2025 by rpki-client