Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/M-uEP3P0gmbRKV7R493ODFz00aQ.roa
File: M-uEP3P0gmbRKV7R493ODFz00aQ.roa (raw, json)
Hash identifier: cJj31d+nDNAbgiCP30CKd3izuACfSleh8bWCnvBvA1M=
Subject key identifier: 33:EB:84:3F:73:F4:82:66:D1:29:5E:D1:E3:DD:CE:0C:5C:F4:D1:A4
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 0187B32E31269FEC19C4AD307FCBFC8F73B7
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/M-uEP3P0gmbRKV7R493ODFz00aQ.roa
Signing time: Mon 24 Apr 2023 12:12:41 +0000
ROA not before: Mon 24 Apr 2023 12:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207353
IP address blocks: 195.246.247.0/24 maxlen: 24
195.246.248.0/24 maxlen: 24
217.199.213.0/24 maxlen: 24
193.243.161.0/24 maxlen: 24
89.248.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:2e:31:26:9f:ec:19:c4:ad:30:7f:cb:fc:8f:73:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Apr 24 12:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33eb843f73f48266d1295ed1e3ddce0c5cf4d1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:77:59:ae:4f:d7:59:e6:3c:26:71:60:93:
b0:8e:5c:02:56:f7:4b:45:3f:c4:ea:e8:71:6d:cc:
1d:d7:f2:f6:7a:02:1e:5b:5f:61:c5:f2:54:ad:01:
bb:b1:b0:d8:73:d5:6a:66:5b:85:92:68:7e:e0:f6:
dd:66:c4:8f:ab:ac:ad:f6:0d:cc:e2:1c:d3:79:47:
8e:2b:b5:ea:97:46:f8:18:9d:15:00:3d:67:f6:e6:
e8:f2:1e:fb:51:b5:d5:a7:a0:4e:36:99:72:bf:29:
f8:29:4a:3b:66:c5:21:52:41:f2:61:c1:7e:d8:a4:
5c:25:ad:29:d9:dd:d6:38:c8:d6:a9:2d:9e:8e:ba:
d2:8b:7e:27:f1:3f:06:c2:73:3d:f5:72:fb:20:b3:
0d:57:d2:b2:e9:86:05:33:f9:3c:e6:09:a1:df:25:
4c:4f:41:5b:ea:05:37:2c:c6:46:33:06:47:aa:9a:
ad:8f:98:76:50:a1:45:6c:0f:9c:4b:2b:ad:72:fb:
28:cd:c0:85:b1:d7:86:94:f9:1e:9f:db:35:28:56:
00:32:99:45:be:96:1f:ed:82:9b:75:fd:61:8d:ee:
8d:17:cc:4f:cc:b3:b8:2a:a0:3c:be:db:02:0d:21:
68:4a:35:34:05:27:2c:9f:b3:f3:72:90:4c:1e:66:
02:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EB:84:3F:73:F4:82:66:D1:29:5E:D1:E3:DD:CE:0C:5C:F4:D1:A4
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/M-uEP3P0gmbRKV7R493ODFz00aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.230.0/24
193.243.161.0/24
195.246.247.0-195.246.248.255
217.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:76:f7:7f:e4:04:92:73:4a:9f:f2:45:27:8f:4e:02:a8:0c:
b4:d3:a9:dc:01:0c:ae:3e:31:ce:98:28:6f:aa:fe:ec:da:4b:
90:5e:1e:4f:0f:fc:d9:b9:fa:3a:8e:b8:f4:34:10:76:5f:04:
d3:82:31:f9:fc:e6:03:fa:5c:06:2e:92:26:f5:3f:35:8d:07:
28:12:36:33:9a:66:85:ba:bf:d1:59:fe:89:80:ce:91:ce:78:
d6:29:ad:35:ef:ea:34:c5:f4:24:32:e0:df:72:dd:52:0b:b7:
bf:e5:ec:1d:b8:cc:bc:5e:7e:19:b7:a6:b9:26:b7:79:a6:7e:
c6:42:7b:1e:31:34:2a:5d:69:93:8e:01:1e:f4:79:44:b6:94:
cb:dc:6c:8b:48:b1:2c:61:c5:3d:64:df:3e:9b:34:96:35:f5:
dc:af:1d:ab:83:42:de:45:8d:9a:98:48:bd:22:5d:0d:8f:88:
6d:cd:45:74:05:0b:9a:e6:a4:c9:fd:86:43:99:7b:84:15:77:
68:a3:12:3a:fc:13:f2:1a:cf:39:e6:f8:89:8b:d6:ce:43:7e:
a4:68:5b:d3:1b:9f:9b:49:e3:9c:b7:37:c9:16:d8:44:48:a8:
45:45:5e:c6:72:4a:91:5d:c0:2e:59:f2:eb:a0:a7:71:e7:40:
45:00:5b:89
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYezLjEmn+wZxK0wf8v8j3O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjMwNDI0MTIxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2ViODQzZjczZjQ4MjY2ZDEyOTVlZDFlM2RkY2UwYzVjZjRkMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriJ3Wa5P11nmPCZxYJOwjlwCVvdL
RT/E6uhxbcwd1/L2egIeW19hxfJUrQG7sbDYc9VqZluFkmh+4PbdZsSPq6yt9g3M
4hzTeUeOK7Xql0b4GJ0VAD1n9ubo8h77UbXVp6BONplyvyn4KUo7ZsUhUkHyYcF+
2KRcJa0p2d3WOMjWqS2ejrrSi34n8T8GwnM99XL7ILMNV9Ky6YYFM/k85gmh3yVM
T0Fb6gU3LMZGMwZHqpqtj5h2UKFFbA+cSyutcvsozcCFsdeGlPken9s1KFYAMplF
vpYf7YKbdf1hje6NF8xPzLO4KqA8vtsCDSFoSjU0BScsn7PzcpBMHmYCnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDPrhD9z9IJm0Sle0ePdzgxc9NGkMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvTS11RVAzUDBnbWJSS1Y3UjQ5M09ERnowMGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfjmAwQA
wfOhMAwDBADD9vcDBADD9vgDBADZx9UwDQYJKoZIhvcNAQELBQADggEBAFt293/k
BJJzSp/yRSePTgKoDLTTqdwBDK4+Mc6YKG+q/uzaS5BeHk8P/Nm5+jqOuPQ0EHZf
BNOCMfn85gP6XAYukib1PzWNBygSNjOaZoW6v9FZ/omAzpHOeNYprTXv6jTF9CQy
4N9y3VILt7/l7B24zLxefhm3prkmt3mmfsZCex4xNCpdaZOOAR70eUS2lMvcbItI
sSxhxT1k3z6bNJY19dyvHauDQt5FjZqYSL0iXQ2PiG3NRXQFC5rmpMn9hkOZe4QV
d2ijEjr8E/Iazznm+ImL1s5DfqRoW9Mbn5tJ45y3N8kW2ERIqEVFXsZySpFdwC5Z
8uugp3HnQEUAW4k=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:58 2025 by rpki-client