Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/MjMtC7ZR2Hhb_nTyts7dMapy4OM.roa
File: MjMtC7ZR2Hhb_nTyts7dMapy4OM.roa (raw, json)
Hash identifier: 4zJc9G1waW2ES61KsQ5tWaxjxEmNOEzrLGSTjy6gdUQ=
Subject key identifier: 32:33:2D:0B:B6:51:D8:78:5B:FE:74:F2:B6:CE:DD:31:AA:72:E0:E3
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018912833CE19FA544FB553755F1EC0EA1B3
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/MjMtC7ZR2Hhb_nTyts7dMapy4OM.roa
Signing time: Sat 01 Jul 2023 17:32:17 +0000
ROA not before: Sat 01 Jul 2023 17:32:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
2a10:ef04:1000::/48 maxlen: 48
2a10:ef04:1001::/48 maxlen: 48
2a0f:c040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:12:83:3c:e1:9f:a5:44:fb:55:37:55:f1:ec:0e:a1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jul 1 17:32:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32332d0bb651d8785bfe74f2b6cedd31aa72e0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:99:56:5a:6e:40:b4:a1:d7:55:04:26:9d:fa:
9b:8d:28:a1:23:50:54:28:b0:71:b9:86:21:b6:46:
7e:a0:10:65:fa:20:d1:31:32:11:3c:c1:97:f7:6f:
55:c7:e2:f1:8f:1e:53:85:d8:2a:af:cc:31:93:27:
8d:29:65:bf:ac:7c:7c:e0:9d:ac:59:3a:7b:a3:94:
bf:a2:25:f9:44:6c:d8:c6:bc:db:9b:a5:c0:d5:9e:
78:9f:66:5d:f7:9a:9e:56:ef:77:27:00:3c:97:98:
c6:60:59:95:8b:3a:fc:c4:9a:3b:58:7b:cf:24:d7:
d9:3b:4a:dc:7f:62:89:53:91:99:2c:4f:4e:00:7c:
2e:73:6d:84:c8:ac:f6:cc:61:9b:92:15:af:53:05:
0a:d3:77:e0:c2:60:03:57:52:cc:4c:0b:22:bd:11:
18:17:d1:c3:2e:45:16:74:23:ec:0a:7c:c7:22:7f:
24:67:e5:6f:c8:88:8c:b5:f0:5a:ef:da:ad:b1:99:
f7:5c:ad:11:73:2b:ac:34:30:7e:5d:07:ba:c2:28:
e7:9a:4e:0c:0c:b8:e0:27:5e:e6:16:62:6b:e0:7c:
6e:93:d6:d0:08:25:f2:b0:8f:61:f3:11:12:06:ca:
d0:9a:7d:39:c7:cf:a9:b7:f8:6a:67:f2:37:38:07:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:33:2D:0B:B6:51:D8:78:5B:FE:74:F2:B6:CE:DD:31:AA:72:E0:E3
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/MjMtC7ZR2Hhb_nTyts7dMapy4OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
195.238.231.0/24
IPv6:
2a05:63c0::/29
2a0f:c040::/29
2a10:ef04:1000::/47
Signature Algorithm: sha256WithRSAEncryption
51:15:e8:14:a9:af:09:20:ae:c5:be:70:8a:25:b5:35:ec:91:
07:fb:5e:31:9b:66:c2:7f:26:9f:99:67:48:47:b6:b2:32:ee:
ad:b1:5e:12:5a:35:f1:6c:1e:5b:9b:7c:50:4c:fd:89:f6:fe:
d2:18:9e:70:b9:ec:5a:1f:0d:fd:7c:50:74:1c:18:af:9b:ce:
96:ac:9f:ab:15:38:9b:5d:a5:23:61:05:c9:17:ec:79:c2:63:
a3:eb:84:75:d4:9e:39:41:fc:e4:1a:29:1a:d7:0b:9c:fa:56:
9d:36:e2:3c:a9:90:c0:80:f3:9a:53:fa:b1:2e:91:8a:7b:ad:
ab:b6:4e:5b:7a:a2:1c:22:ad:5c:ce:de:64:ee:10:34:88:16:
62:32:79:ee:e7:3b:19:a2:c2:ca:73:46:e3:24:9b:f2:ae:a2:
47:8b:66:a3:ca:11:38:ff:95:dc:84:44:24:eb:4d:fa:92:3c:
98:bc:78:a6:2e:7a:29:49:03:2c:f4:fe:96:6f:df:4f:d2:82:
8d:b0:cf:01:9f:06:fa:c3:b9:31:44:05:b2:d1:d7:90:64:5b:
5b:86:76:4d:a3:c6:c3:f8:55:d5:f1:f2:3d:a9:ea:72:35:7b:
89:5e:82:54:55:0d:96:83:0a:86:f9:0f:51:09:97:dd:c1:fd:
b7:0d:23:9a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYkSgzzhn6VE+1U3VfHsDqGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwNzAxMTczMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjMzMmQwYmI2NTFkODc4NWJmZTc0ZjJiNmNlZGQzMWFhNzJlMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZlWWm5AtKHXVQQmnfqbjSihI1BU
KLBxuYYhtkZ+oBBl+iDRMTIRPMGX929Vx+Lxjx5Thdgqr8wxkyeNKWW/rHx84J2s
WTp7o5S/oiX5RGzYxrzbm6XA1Z54n2Zd95qeVu93JwA8l5jGYFmVizr8xJo7WHvP
JNfZO0rcf2KJU5GZLE9OAHwuc22EyKz2zGGbkhWvUwUK03fgwmADV1LMTAsivREY
F9HDLkUWdCPsCnzHIn8kZ+VvyIiMtfBa79qtsZn3XK0RcyusNDB+XQe6wijnmk4M
DLjgJ17mFmJr4Hxuk9bQCCXysI9h8xESBsrQmn05x8+pt/hqZ/I3OAeWAQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDIzLQu2Udh4W/508rbO3TGqcuDjMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvTWpNdEM3WlIySGhiX25UeXRzN2RNYXB5NE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQCZ9fcAwQA
wxwLAwQAw+7nMB0EAgACMBcDBQMqBWPAAwUDKg/AQAMHASoQ7wQQADANBgkqhkiG
9w0BAQsFAAOCAQEAURXoFKmvCSCuxb5wiiW1NeyRB/teMZtmwn8mn5lnSEe2sjLu
rbFeElo18WweW5t8UEz9ifb+0hiecLnsWh8N/XxQdBwYr5vOlqyfqxU4m12lI2EF
yRfsecJjo+uEddSeOUH85BopGtcLnPpWnTbiPKmQwIDzmlP6sS6Rinutq7ZOW3qi
HCKtXM7eZO4QNIgWYjJ57uc7GaLCynNG4ySb8q6iR4tmo8oROP+V3IREJOtN+pI8
mLx4pi56KUkDLPT+lm/fT9KCjbDPAZ8G+sO5MUQFstHXkGRbW4Z2TaPGw/hV1fHy
PanqcjV7iV6CVFUNloMKhvkPUQmX3cH9tw0jmg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:18 2025 by rpki-client