Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/mxTSqukyHXAEBQhIYJaIjVfpXQQ.roa
File: mxTSqukyHXAEBQhIYJaIjVfpXQQ.roa (raw, json)
Hash identifier: tNdpc7RHSJNQJzI2IatOsstYlxE4x0mbbpeOhv/stlU=
Subject key identifier: 9B:14:D2:AA:E9:32:1D:70:04:05:08:48:60:96:88:8D:57:E9:5D:04
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 0184D34733E01F3DC37F3BA7D3D9DE868359
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/mxTSqukyHXAEBQhIYJaIjVfpXQQ.roa
Signing time: Fri 02 Dec 2022 14:39:29 +0000
ROA not before: Fri 02 Dec 2022 14:39:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43422
IP address blocks: 159.101.244.0/22 maxlen: 22
159.101.248.0/22 maxlen: 22
159.101.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:47:33:e0:1f:3d:c3:7f:3b:a7:d3:d9:de:86:83:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Dec 2 14:39:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b14d2aae9321d70040508486096888d57e95d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:11:a5:45:5c:e3:c8:ea:5e:e5:3a:6c:af:
75:bf:65:de:dc:4a:d6:da:ff:70:34:05:08:37:07:
03:60:da:45:41:88:95:b9:6e:27:e7:44:87:ab:f6:
8d:68:13:de:c4:6b:94:24:97:c3:2d:84:8f:19:88:
f6:29:95:cf:3d:b2:8c:7a:f0:d4:e9:35:40:ab:f0:
65:a6:2c:35:84:18:0d:3b:76:3b:4b:85:c6:9f:fb:
4f:7b:9a:0a:85:ae:27:ba:2c:35:c9:23:c0:3f:de:
5f:64:fe:93:37:f3:e4:a4:64:9b:1f:19:62:c0:80:
ad:43:70:bb:83:38:a6:1f:dd:9b:8f:66:3f:9b:12:
d4:1d:26:c3:93:88:57:08:22:41:e2:04:07:bc:01:
38:2d:96:d0:01:6b:e8:85:7e:0b:40:10:80:50:21:
7c:25:51:77:06:94:04:e2:e8:ca:d1:6f:d6:d6:ca:
cf:7b:fd:8a:94:91:d3:65:7b:fa:c5:1b:7d:56:3c:
9f:58:a6:8e:25:3f:46:ee:23:1e:54:80:aa:4c:8a:
21:f9:03:39:70:1e:3b:d1:50:c3:a9:38:20:74:2e:
f0:7b:45:15:47:96:c4:55:27:d4:2f:43:6b:9d:4c:
6b:59:56:b5:ec:b8:77:b7:34:68:47:70:3e:52:c7:
80:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:14:D2:AA:E9:32:1D:70:04:05:08:48:60:96:88:8D:57:E9:5D:04
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/mxTSqukyHXAEBQhIYJaIjVfpXQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.244.0-159.101.255.255
Signature Algorithm: sha256WithRSAEncryption
88:c1:29:88:43:e9:66:f0:96:3e:92:f1:0b:2a:17:a4:e7:9e:
bc:5d:e4:c0:4c:a8:77:2c:f4:fc:86:e4:4b:af:93:65:87:bd:
a7:8b:00:ec:57:cd:43:a6:d8:ad:04:94:36:9f:4f:30:3d:9e:
e8:f3:21:2e:ca:4a:5c:96:30:84:35:5a:4a:6b:a3:62:64:f9:
67:06:e3:35:db:39:ac:34:7f:35:eb:dd:2c:9f:75:30:f1:95:
17:ab:23:ee:c1:d0:c8:3a:8c:d3:ed:96:cd:79:8a:94:7d:8c:
97:f1:19:a5:1c:ee:a8:1c:7d:fb:e4:86:0b:08:87:a3:68:8b:
d6:ca:6a:40:88:64:c8:aa:a1:d3:8a:cd:20:42:82:41:db:48:
b6:75:16:ae:39:ff:e8:31:3c:e8:da:f8:cf:07:7e:fd:dd:58:
cb:36:29:55:42:e9:e4:ac:ca:23:be:19:d6:72:08:13:b6:47:
9b:dd:62:e3:e2:ed:84:12:41:ec:01:c0:56:38:eb:cc:ec:0f:
23:10:8b:66:fb:a6:47:c1:a0:90:f5:9d:1c:6a:6a:47:ba:67:
92:c5:b4:13:a7:7e:a4:97:30:75:b9:83:6a:12:1f:b9:b9:97:
07:5e:9a:ce:ef:22:c5:c9:10:6d:ac:ac:ce:18:49:21:d3:87:
44:b7:bc:9b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYTTRzPgHz3Dfzun09nehoNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjIxMjAyMTQzOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE0ZDJhYWU5MzIxZDcwMDQwNTA4NDg2MDk2ODg4ZDU3ZTk1ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldwRpUVc48jqXuU6bK91v2Xe3ErW
2v9wNAUINwcDYNpFQYiVuW4n50SHq/aNaBPexGuUJJfDLYSPGYj2KZXPPbKMevDU
6TVAq/Blpiw1hBgNO3Y7S4XGn/tPe5oKha4nuiw1ySPAP95fZP6TN/PkpGSbHxli
wICtQ3C7gzimH92bj2Y/mxLUHSbDk4hXCCJB4gQHvAE4LZbQAWvohX4LQBCAUCF8
JVF3BpQE4ujK0W/W1srPe/2KlJHTZXv6xRt9VjyfWKaOJT9G7iMeVICqTIoh+QM5
cB470VDDqTggdC7we0UVR5bEVSfUL0NrnUxrWVa17Lh3tzRoR3A+UseAnwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJsU0qrpMh1wBAUISGCWiI1X6V0EMB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvbXhUU3F1a3lIWEFFQlFoSVlKYUlqVmZwWFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAKfZfQD
AwGfZDANBgkqhkiG9w0BAQsFAAOCAQEAiMEpiEPpZvCWPpLxCyoXpOeevF3kwEyo
dyz0/IbkS6+TZYe9p4sA7FfNQ6bYrQSUNp9PMD2e6PMhLspKXJYwhDVaSmujYmT5
ZwbjNds5rDR/NevdLJ91MPGVF6sj7sHQyDqM0+2WzXmKlH2Ml/EZpRzuqBx9++SG
CwiHo2iL1spqQIhkyKqh04rNIEKCQdtItnUWrjn/6DE86Nr4zwd+/d1YyzYpVULp
5KzKI74Z1nIIE7ZHm91i4+LthBJB7AHAVjjrzOwPIxCLZvumR8GgkPWdHGpqR7pn
ksW0E6d+pJcwdbmDahIfubmXB16azu8ixckQbayszhhJIdOHRLe8mw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:33 2025 by rpki-client