Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MP492Ogd2LScRX_0MjXgqb59xfk.roa
File: MP492Ogd2LScRX_0MjXgqb59xfk.roa (raw, json)
Hash identifier: 9fKo9tO7v7W+qkm7EJPsg7vxE+poquSTG3rUBiBtlO0=
Subject key identifier: 30:FE:3D:D8:E8:1D:D8:B4:9C:45:7F:F4:32:35:E0:A9:BE:7D:C5:F9
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 01856F42BEE328240806BE6E891689EA98CA
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MP492Ogd2LScRX_0MjXgqb59xfk.roa
Signing time: Sun 01 Jan 2023 21:35:23 +0000
ROA not before: Sun 01 Jan 2023 21:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60077
IP address blocks: 193.151.128.0/20 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.144.0/20 maxlen: 32
193.151.157.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:be:e3:28:24:08:06:be:6e:89:16:89:ea:98:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 21:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30fe3dd8e81dd8b49c457ff43235e0a9be7dc5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0a:8b:d6:2e:da:35:06:5c:fb:93:d6:de:f3:
b4:61:be:f5:de:30:68:b3:f7:cb:aa:17:a7:38:36:
b7:88:2c:3f:3b:23:2b:c6:e1:3e:b3:70:07:61:bf:
88:f5:5d:66:4f:ac:0c:fa:c7:0b:a2:67:4e:ff:3e:
e9:87:9b:fe:b2:e8:c3:d8:6c:e4:c8:f4:4d:73:ed:
8f:59:23:6b:1e:5c:bb:50:ad:5b:53:74:53:41:71:
e4:6d:55:01:c6:7d:eb:39:8f:fd:f2:31:69:9e:ad:
b9:52:97:a1:fa:d0:31:22:01:b5:29:8d:66:21:61:
b9:61:1d:11:ea:af:92:e8:2a:9a:eb:01:76:bf:5c:
fe:32:9b:4c:c7:42:dc:f6:35:91:67:42:14:09:bc:
6e:cb:72:20:e1:04:67:44:9c:87:11:33:d8:e4:aa:
1c:55:64:c2:79:74:4c:d2:33:f4:1a:2f:de:93:c1:
43:86:76:e4:12:a1:e1:4d:52:ae:b7:86:40:1f:be:
ba:75:e8:d7:5b:5f:05:39:e8:03:dc:6d:52:2d:27:
de:03:e4:1b:79:29:08:0e:e8:f0:43:4a:18:e2:7c:
64:ce:79:ed:92:58:86:3c:7d:a4:d9:8e:3c:f6:d7:
4f:65:db:8c:18:ae:f0:4a:e3:20:ef:f4:21:c3:d0:
39:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FE:3D:D8:E8:1D:D8:B4:9C:45:7F:F4:32:35:E0:A9:BE:7D:C5:F9
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MP492Ogd2LScRX_0MjXgqb59xfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a0:aa:76:5a:86:da:aa:8d:ea:a7:ce:8d:47:99:9b:7b:98:cf:
64:e7:b3:63:5f:d1:f5:5f:09:9a:13:92:b4:f2:a1:bf:ff:f5:
a4:a8:5e:56:29:72:1f:92:19:b1:c3:48:95:bb:1f:cf:23:fb:
7a:bc:dd:ac:8f:f8:58:95:1e:6c:97:a2:01:e3:63:35:a5:62:
8d:6d:9b:54:f8:ee:bc:07:eb:e0:8a:b4:fa:43:f7:c1:0e:bf:
7a:0e:8b:5a:ff:01:4a:b8:bf:de:52:ca:57:54:69:b5:c5:e4:
f5:d1:81:b5:3e:b5:e1:83:2d:cb:c7:15:e0:1e:1b:e6:bd:47:
b0:af:b8:24:b7:11:d2:56:cb:a2:f6:9b:05:ae:0e:cb:e7:7e:
4f:c2:f8:ed:55:a6:68:54:54:47:dc:9f:95:96:79:5e:b6:dc:
e5:26:17:05:a3:7c:b7:d8:0f:4a:a5:da:7b:1c:f7:61:f5:7c:
e3:38:6a:d5:a6:e9:f8:d8:56:c7:ca:41:b2:2b:9d:23:95:eb:
07:15:d6:cc:2c:20:e1:f0:8c:59:e2:80:51:28:9c:93:db:90:
76:37:62:29:47:02:db:49:03:2b:49:f8:3d:24:a6:be:c2:8e:
fd:ba:67:c0:70:a6:21:35:14:61:bd:6a:72:09:98:19:17:69:
70:6b:01:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQr7jKCQIBr5uiRaJ6pjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwMTAxMjEzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZlM2RkOGU4MWRkOGI0OWM0NTdmZjQzMjM1ZTBhOWJlN2RjNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgqL1i7aNQZc+5PW3vO0Yb713jBo
s/fLqhenODa3iCw/OyMrxuE+s3AHYb+I9V1mT6wM+scLomdO/z7ph5v+sujD2Gzk
yPRNc+2PWSNrHly7UK1bU3RTQXHkbVUBxn3rOY/98jFpnq25Upeh+tAxIgG1KY1m
IWG5YR0R6q+S6Cqa6wF2v1z+MptMx0Lc9jWRZ0IUCbxuy3Ig4QRnRJyHETPY5Koc
VWTCeXRM0jP0Gi/ek8FDhnbkEqHhTVKut4ZAH766dejXW18FOegD3G1SLSfeA+Qb
eSkIDujwQ0oY4nxkznntkliGPH2k2Y489tdPZduMGK7wSuMg7/Qhw9A5OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD+PdjoHdi0nEV/9DI14Km+fcX5MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvTVA0OTJPZ2QyTFNjUlhfME1qWGdxYjU5eGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwZeAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgqnZahtqqjeqnzo1HmZt7mM9k57NjX9H1XwmaE5K0
8qG///WkqF5WKXIfkhmxw0iVux/PI/t6vN2sj/hYlR5sl6IB42M1pWKNbZtU+O68
B+vgirT6Q/fBDr96Dota/wFKuL/eUspXVGm1xeT10YG1PrXhgy3LxxXgHhvmvUew
r7gktxHSVsui9psFrg7L535PwvjtVaZoVFRH3J+VlnlettzlJhcFo3y32A9Kpdp7
HPdh9XzjOGrVpun42FbHykGyK50jlesHFdbMLCDh8IxZ4oBRKJyT25B2N2IpRwLb
SQMrSfg9JKa+wo79umfAcKYhNRRhvWpyCZgZF2lwawEq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:32 2025 by rpki-client