Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/MuTJ1qzsr9e_U4P6Fj8MjagUKaI.roa
File: MuTJ1qzsr9e_U4P6Fj8MjagUKaI.roa (raw, json)
Hash identifier: P2bdQdAj8NOzvjnlbpJtkBvl/vYwXFYSFG9QXiE7hag=
Subject key identifier: 32:E4:C9:D6:AC:EC:AF:D7:BF:53:83:FA:16:3F:0C:8D:A8:14:29:A2
Certificate issuer: /CN=afab1e48def14b29d21d34234c448ea808e618bf
Certificate serial: 01892B963DD0D1F9C903941ECBFBE4D73BD7
Authority key identifier: AF:AB:1E:48:DE:F1:4B:29:D2:1D:34:23:4C:44:8E:A8:08:E6:18:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6seSN7xSynSHTQjTESOqAjmGL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/MuTJ1qzsr9e_U4P6Fj8MjagUKaI.roa
Signing time: Thu 06 Jul 2023 14:23:33 +0000
ROA not before: Thu 06 Jul 2023 14:23:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 193.246.28.0/24 maxlen: 24
193.246.31.0/24 maxlen: 24
193.246.30.0/24 maxlen: 24
193.246.29.0/24 maxlen: 24
193.246.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:96:3d:d0:d1:f9:c9:03:94:1e:cb:fb:e4:d7:3b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afab1e48def14b29d21d34234c448ea808e618bf
Validity
Not Before: Jul 6 14:23:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32e4c9d6acecafd7bf5383fa163f0c8da81429a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6b:ad:9c:1a:1e:80:b5:a8:27:48:47:2f:a3:
b6:c0:17:0a:94:e0:76:7d:2c:ed:02:3c:c9:55:4f:
85:2b:13:75:1a:42:2e:99:c4:3e:cf:b7:24:4c:79:
f3:07:58:6a:67:ef:97:93:dd:b7:3f:df:b5:76:b2:
f8:cb:e8:80:06:b9:f5:f2:b2:1f:c4:c6:81:93:b3:
9e:b8:53:b3:cf:79:6a:e0:c0:d4:71:f2:14:10:a7:
d1:02:01:8d:0d:c9:e8:aa:10:f5:00:59:cc:2c:60:
2f:b3:87:3f:0b:37:1a:a5:c5:1f:f8:9e:b3:ba:fa:
60:be:25:21:11:99:81:4e:b4:d1:4e:cc:7a:58:d9:
f2:eb:5e:e5:0d:91:11:76:a7:ba:e1:82:64:6e:d1:
d8:36:04:e7:d2:78:08:ba:50:5b:04:98:b7:e5:ea:
0c:55:8d:4d:70:62:0d:39:d0:bb:a6:50:c5:05:f4:
a0:09:47:f0:74:a8:6b:31:b1:96:ee:ad:90:96:b0:
e4:bf:b2:30:4a:72:db:36:94:72:a0:dc:86:da:19:
67:91:28:85:bd:98:d9:25:c2:36:55:87:d5:ee:d1:
da:5a:20:07:ad:88:d8:40:ff:dc:54:39:b6:9e:26:
f6:32:02:3b:00:6b:7c:3b:e9:1e:a6:7f:56:32:be:
f2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E4:C9:D6:AC:EC:AF:D7:BF:53:83:FA:16:3F:0C:8D:A8:14:29:A2
X509v3 Authority Key Identifier:
keyid:AF:AB:1E:48:DE:F1:4B:29:D2:1D:34:23:4C:44:8E:A8:08:E6:18:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6seSN7xSynSHTQjTESOqAjmGL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/MuTJ1qzsr9e_U4P6Fj8MjagUKaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/r6seSN7xSynSHTQjTESOqAjmGL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.24.0/24
193.246.28.0/22
Signature Algorithm: sha256WithRSAEncryption
90:1a:fd:41:d5:a8:9e:10:72:4c:41:7e:27:ab:e7:2b:a4:53:
73:34:51:c9:3c:9a:77:0d:1b:08:5b:05:5e:44:7d:83:25:89:
8a:04:41:94:35:0b:e7:5d:5d:0b:1d:45:9b:4f:7d:89:1e:f1:
0c:59:6f:c9:3f:de:cc:b2:4e:6b:94:1e:e7:2c:03:70:b8:4b:
07:78:4d:a1:ca:30:1b:09:34:73:73:e5:52:01:02:97:0e:a6:
4c:bb:ff:b4:1e:66:fd:b5:64:ea:83:00:92:72:97:a5:e7:12:
ed:0a:f3:cc:84:a0:5a:7c:ff:58:ee:82:15:1d:22:46:70:6c:
33:95:d5:6f:11:f8:2f:3c:5f:cb:e5:b6:57:db:07:8b:6c:bc:
ec:02:f6:55:e3:f1:73:be:d2:9f:35:7c:0a:e8:e7:4f:7e:f5:
fd:99:0b:83:2f:68:ee:3b:be:41:40:00:e3:73:65:78:56:9a:
c5:13:aa:27:71:dd:c1:da:c2:d7:e4:f1:fd:61:34:e0:13:6e:
ef:52:da:36:6e:92:36:d0:83:e5:bc:52:0b:0f:48:15:9f:e5:
b3:b9:7d:2f:be:03:90:df:fc:0c:98:7f:38:5a:de:b3:b7:ce:
ad:ee:ac:10:50:bf:c7:ee:5f:9c:03:d3:33:2b:d4:57:3c:43:
e7:91:c5:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkrlj3Q0fnJA5Qey/vk1zvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYWIxZTQ4ZGVmMTRiMjlkMjFkMzQyMzRjNDQ4ZWE4MDhl
NjE4YmYwHhcNMjMwNzA2MTQyMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU0YzlkNmFjZWNhZmQ3YmY1MzgzZmExNjNmMGM4ZGE4MTQyOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmutnBoegLWoJ0hHL6O2wBcKlOB2
fSztAjzJVU+FKxN1GkIumcQ+z7ckTHnzB1hqZ++Xk923P9+1drL4y+iABrn18rIf
xMaBk7OeuFOzz3lq4MDUcfIUEKfRAgGNDcnoqhD1AFnMLGAvs4c/CzcapcUf+J6z
uvpgviUhEZmBTrTRTsx6WNny617lDZERdqe64YJkbtHYNgTn0ngIulBbBJi35eoM
VY1NcGINOdC7plDFBfSgCUfwdKhrMbGW7q2QlrDkv7IwSnLbNpRyoNyG2hlnkSiF
vZjZJcI2VYfV7tHaWiAHrYjYQP/cVDm2nib2MgI7AGt8O+kepn9WMr7yNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDLkydas7K/Xv1OD+hY/DI2oFCmiMB8GA1UdIwQY
MBaAFK+rHkje8Usp0h00I0xEjqgI5hi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZzZVNON3hTeW5TSFRRalRFU09xQWptR0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wZTYwN2YtZTIxZi00Y2ZhLWEzMzYt
OTMxNDg2MGMyYzdmLzEvTXVUSjFxenNyOWVfVTRQNkZqOE1qYWdVS2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wZTYwN2YtZTIxZi00Y2ZhLWEzMzYtOTMxNDg2MGMyYzdm
LzEvcjZzZVNON3hTeW5TSFRRalRFU09xQWptR0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwfYYAwQC
wfYcMA0GCSqGSIb3DQEBCwUAA4IBAQCQGv1B1aieEHJMQX4nq+crpFNzNFHJPJp3
DRsIWwVeRH2DJYmKBEGUNQvnXV0LHUWbT32JHvEMWW/JP97Msk5rlB7nLANwuEsH
eE2hyjAbCTRzc+VSAQKXDqZMu/+0Hmb9tWTqgwCScpel5xLtCvPMhKBafP9Y7oIV
HSJGcGwzldVvEfgvPF/L5bZX2weLbLzsAvZV4/FzvtKfNXwK6OdPfvX9mQuDL2ju
O75BQADjc2V4VprFE6oncd3B2sLX5PH9YTTgE27vUto2bpI20IPlvFILD0gVn+Wz
uX0vvgOQ3/wMmH84Wt6zt86t7qwQUL/H7l+cA9MzK9RXPEPnkcXi
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:54 2025 by rpki-client