Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/MBhsPfsHvGUN9AvGZBNjkoLW8oQ.roa
File: MBhsPfsHvGUN9AvGZBNjkoLW8oQ.roa (raw, json)
Hash identifier: o3/mlBkiPEqG6gX7oyKeyc2d6sx/o9H7D/kJxQN613Q=
Subject key identifier: 30:18:6C:3D:FB:07:BC:65:0D:F4:0B:C6:64:13:63:92:82:D6:F2:84
Certificate issuer: /CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Certificate serial: 36483A07
Authority key identifier: 4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/MBhsPfsHvGUN9AvGZBNjkoLW8oQ.roa
Signing time: Sat 01 Jan 2022 11:00:12 +0000
ROA not before: Sat 01 Jan 2022 11:00:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196733
IP address blocks: 93.89.64.0/21 maxlen: 21
93.89.72.0/21 maxlen: 21
193.109.134.0/23 maxlen: 23
2a01:ad80::/32 maxlen: 32
2a01:ad80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 910703111 (0x36483a07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Validity
Not Before: Jan 1 11:00:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30186c3dfb07bc650df40bc66413639282d6f284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:05:b2:f7:87:a5:51:d3:65:15:e5:d0:e9:c4:
51:30:fc:85:fa:43:7b:a6:16:46:42:14:06:a2:e2:
65:ee:57:bf:17:83:14:52:a0:64:4f:1f:82:48:28:
be:48:69:a2:b9:7a:3f:64:42:a5:fd:d6:cf:5c:e7:
54:39:82:92:c0:d1:c6:43:a1:b8:9b:ee:43:f0:e4:
21:90:22:0f:6f:70:d2:73:59:7d:82:fb:c7:6a:07:
d2:15:98:45:5d:2e:90:6a:68:ff:ae:a3:93:47:00:
3a:0e:db:7a:d6:59:8f:e4:c9:b9:a1:c5:17:ad:2e:
93:b1:92:f8:27:d3:36:e6:ac:a4:f0:53:fc:f5:5b:
3b:1b:ad:bd:83:d9:24:6c:50:66:20:84:7c:d1:8b:
ee:20:75:a6:2f:73:4c:64:fa:96:d2:ec:6f:87:fa:
a0:dd:d4:0c:d6:54:05:75:7d:f1:b1:25:91:f7:0e:
1e:38:1f:28:f9:f7:ce:e8:8f:ca:0e:b6:00:2b:bd:
a1:42:30:36:64:e4:f9:0a:2b:c7:7b:97:b6:ec:c0:
58:2a:fc:b4:86:de:b2:f5:d2:17:2f:9d:8f:cc:00:
17:80:7a:c7:4b:ae:42:ca:ff:66:78:b4:f6:41:27:
5a:9a:d3:c0:13:51:6b:2a:2a:a6:af:20:6e:fe:22:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:18:6C:3D:FB:07:BC:65:0D:F4:0B:C6:64:13:63:92:82:D6:F2:84
X509v3 Authority Key Identifier:
keyid:4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/MBhsPfsHvGUN9AvGZBNjkoLW8oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/TTuCKQwugJCSSp79nFF8oUpcNwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.64.0/20
193.109.134.0/23
IPv6:
2a01:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
6a:a1:a7:27:0f:bd:9d:d6:f8:74:c4:a0:59:dd:be:71:41:47:
8f:6b:57:97:0f:76:f0:13:e5:df:60:13:71:fd:54:90:7b:b4:
0f:55:2e:5a:bf:49:2e:2d:d2:45:8c:3f:e5:10:03:84:33:ce:
a7:df:9a:95:56:ec:5d:85:7c:3d:79:0f:bd:b5:35:8a:3d:92:
4a:58:77:66:98:92:61:bd:f0:16:ae:0c:8c:64:83:bc:3d:48:
f1:b3:a0:9e:6a:90:16:94:87:dd:18:cb:f8:0c:27:92:cd:85:
fd:ec:59:45:47:3c:6f:04:8d:78:f7:cd:3c:73:52:28:f8:5e:
f5:b1:4e:22:b1:1e:7b:ec:de:72:0e:10:10:cd:d3:ec:59:81:
85:38:ef:7d:29:b5:77:5c:d5:8d:89:06:ff:37:2a:ed:60:7f:
82:34:e4:6d:7c:f3:4e:48:5b:e8:71:42:f5:d3:b0:79:eb:1a:
1d:00:63:aa:fd:0d:3c:83:96:e2:e0:24:89:ab:7d:15:44:5e:
eb:a5:3f:dd:28:27:69:2f:b7:8f:8c:5c:f6:3d:0a:a9:bb:8f:
d4:ba:ae:6c:a8:8a:e1:71:d5:51:2d:2e:65:0a:bf:bc:82:49:
8e:9b:99:ab:84:fa:ef:6f:e9:f5:08:20:91:ac:d3:f6:95:66:
87:6a:12:ea
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENkg6BzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDNiODIyOTBjMmU4MDkwOTI0YTllZmQ5YzUxN2NhMTRhNWMzNzA0MB4XDTIyMDEw
MTExMDAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAxODZjM2RmYjA3
YmM2NTBkZjQwYmM2NjQxMzYzOTI4MmQ2ZjI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUFsveHpVHTZRXl0OnEUTD8hfpDe6YWRkIUBqLiZe5XvxeD
FFKgZE8fgkgovkhporl6P2RCpf3Wz1znVDmCksDRxkOhuJvuQ/DkIZAiD29w0nNZ
fYL7x2oH0hWYRV0ukGpo/66jk0cAOg7betZZj+TJuaHFF60uk7GS+CfTNuaspPBT
/PVbOxutvYPZJGxQZiCEfNGL7iB1pi9zTGT6ltLsb4f6oN3UDNZUBXV98bElkfcO
HjgfKPn3zuiPyg62ACu9oUIwNmTk+Qorx3uXtuzAWCr8tIbesvXSFy+dj8wAF4B6
x0uuQsr/Zni09kEnWprTwBNRayoqpq8gbv4ivSMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQwGGw9+we8ZQ30C8ZkE2OSgtbyhDAfBgNVHSMEGDAWgBRNO4IpDC6AkJJK
nv2cUXyhSlw3BDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RUdUNLUXd1Z0pDU1NwNzluRkY4b1VwY053US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvYzVjY2Q4LThmMGQtNDg2Mi04NmFhLWQ5NzllY2U5MzI4NS8x
L01CaHNQZnNIdkdVTjlBdkdaQk5qa29MVzhvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
YzVjY2Q4LThmMGQtNDg2Mi04NmFhLWQ5NzllY2U5MzI4NS8xL1RUdUNLUXd1Z0pD
U1NwNzluRkY4b1VwY053US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBF1ZQAMEAcFthjANBAIAAjAHAwUA
KgGtgDANBgkqhkiG9w0BAQsFAAOCAQEAaqGnJw+9ndb4dMSgWd2+cUFHj2tXlw92
8BPl32ATcf1UkHu0D1UuWr9JLi3SRYw/5RADhDPOp9+alVbsXYV8PXkPvbU1ij2S
Slh3ZpiSYb3wFq4MjGSDvD1I8bOgnmqQFpSH3RjL+Awnks2F/exZRUc8bwSNePfN
PHNSKPhe9bFOIrEee+zecg4QEM3T7FmBhTjvfSm1d1zVjYkG/zcq7WB/gjTkbXzz
Tkhb6HFC9dOweesaHQBjqv0NPIOW4uAkiat9FURe66U/3SgnaS+3j4xc9j0KqbuP
1LqubKiK4XHVUS0uZQq/vIJJjpuZq4T672/p9QggkazT9pVmh2oS6g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:39 2025 by rpki-client