Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/MzpzilMbbJIFKGBSo6xuuWOtwVs.roa
File: MzpzilMbbJIFKGBSo6xuuWOtwVs.roa (raw, json)
Hash identifier: qHHAyD1pv6Zs8GKaf9FIKTXAYrAWsZ8WAkh1ZY/+5Vk=
Subject key identifier: 33:3A:73:8A:53:1B:6C:92:05:28:60:52:A3:AC:6E:B9:63:AD:C1:5B
Certificate issuer: /CN=caf17800f1943af1c514284cc3be780e9c21dd78
Certificate serial: 0184F2686BB8D8E0AE172B1BAADDF2080432
Authority key identifier: CA:F1:78:00:F1:94:3A:F1:C5:14:28:4C:C3:BE:78:0E:9C:21:DD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvF4APGUOvHFFChMw754Dpwh3Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/MzpzilMbbJIFKGBSo6xuuWOtwVs.roa
Signing time: Thu 08 Dec 2022 15:44:00 +0000
ROA not before: Thu 08 Dec 2022 15:44:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39658
IP address blocks: 194.50.107.0/24 maxlen: 24
2a01:9080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:68:6b:b8:d8:e0:ae:17:2b:1b:aa:dd:f2:08:04:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf17800f1943af1c514284cc3be780e9c21dd78
Validity
Not Before: Dec 8 15:44:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=333a738a531b6c9205286052a3ac6eb963adc15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:61:ef:34:b9:4a:75:74:e6:03:51:c4:7b:d4:
c3:5f:24:eb:53:83:51:4d:5e:3c:ed:5c:37:09:9b:
da:7d:ce:d8:c2:2b:da:30:04:4f:a6:79:b1:b9:e5:
10:be:b0:1c:e4:b5:eb:95:89:ad:7c:3c:2c:b9:d8:
71:8f:11:64:9d:a9:54:ee:03:bf:0c:88:32:16:69:
78:34:28:84:f9:7d:76:c9:74:95:2a:1f:d2:98:a8:
38:a8:14:14:ac:bc:ea:e1:f1:ce:df:23:2a:8d:71:
38:29:c3:9d:f9:62:3c:d6:e9:67:27:29:54:74:9c:
86:93:b4:52:e8:0c:46:30:5e:ed:61:77:bc:d0:37:
d3:ea:0d:a5:7e:52:85:d4:17:61:bf:5e:5d:2a:9a:
3e:e6:fe:af:97:4a:2f:b9:9e:59:f4:c6:5a:16:a5:
3d:8c:6d:db:a4:c6:93:04:b4:45:63:87:2c:8a:9d:
0c:4a:99:d2:15:8b:46:c6:f8:fa:89:d0:ff:5b:31:
47:a8:3e:1f:c6:98:32:3b:40:76:f6:fe:08:e5:b3:
0b:29:f9:b1:74:8d:6e:c0:8f:8c:6c:cf:69:e1:2b:
08:1f:86:4b:d7:4d:94:61:9b:94:0c:6c:bf:58:79:
5e:22:2c:49:39:f4:88:06:f8:77:d5:cd:f7:32:c2:
86:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3A:73:8A:53:1B:6C:92:05:28:60:52:A3:AC:6E:B9:63:AD:C1:5B
X509v3 Authority Key Identifier:
keyid:CA:F1:78:00:F1:94:3A:F1:C5:14:28:4C:C3:BE:78:0E:9C:21:DD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvF4APGUOvHFFChMw754Dpwh3Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/MzpzilMbbJIFKGBSo6xuuWOtwVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/669ace-f864-44d7-a07e-80597eb44426/1/yvF4APGUOvHFFChMw754Dpwh3Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.107.0/24
IPv6:
2a01:9080::/32
Signature Algorithm: sha256WithRSAEncryption
62:a8:d9:47:13:43:8d:fa:06:5a:dd:a7:7f:10:34:f0:4f:cb:
a1:c4:95:a6:59:bf:d9:37:02:66:5c:81:09:45:41:77:5a:a3:
33:c6:e8:02:f7:27:e0:09:b7:56:91:77:92:b0:83:d2:1c:b3:
2c:1b:9f:68:6a:18:a0:1b:28:eb:78:09:15:61:9c:95:98:34:
a4:a0:7c:ec:61:a7:66:b0:c3:d3:1a:3f:c0:67:5b:76:eb:c9:
27:30:03:f1:7e:bb:a8:eb:26:c6:3d:b1:78:3d:55:e4:53:89:
c1:4d:0c:bd:c6:e9:3a:f0:8f:3f:b1:07:04:a1:43:91:70:1b:
69:7e:bf:65:2c:0e:8d:b2:30:16:f5:37:53:a8:dd:bd:21:63:
54:f5:96:8e:08:61:2d:42:0c:55:62:d7:a1:87:64:74:ad:fc:
af:98:3d:ee:e2:bf:66:67:cd:49:a5:63:6f:2e:3c:3e:0f:26:
7a:e9:74:c6:62:d0:3b:1d:60:38:2a:e8:91:2c:12:26:e8:d6:
bd:04:c0:ec:e4:6f:5d:6d:e6:55:2d:e7:fb:d3:42:3e:fc:b3:
f4:2b:fb:ed:36:05:f1:75:07:7e:7c:92:f1:52:fc:52:af:dd:
26:cd:35:e7:63:03:49:cc:11:3f:22:7b:1b:48:a1:6c:8a:84:
b8:1b:d4:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTyaGu42OCuFysbqt3yCAQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjE3ODAwZjE5NDNhZjFjNTE0Mjg0Y2MzYmU3ODBlOWMy
MWRkNzgwHhcNMjIxMjA4MTU0NDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNhNzM4YTUzMWI2YzkyMDUyODYwNTJhM2FjNmViOTYzYWRjMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWHvNLlKdXTmA1HEe9TDXyTrU4NR
TV487Vw3CZvafc7YwivaMARPpnmxueUQvrAc5LXrlYmtfDwsudhxjxFknalU7gO/
DIgyFml4NCiE+X12yXSVKh/SmKg4qBQUrLzq4fHO3yMqjXE4KcOd+WI81ulnJylU
dJyGk7RS6AxGMF7tYXe80DfT6g2lflKF1Bdhv15dKpo+5v6vl0ovuZ5Z9MZaFqU9
jG3bpMaTBLRFY4csip0MSpnSFYtGxvj6idD/WzFHqD4fxpgyO0B29v4I5bMLKfmx
dI1uwI+MbM9p4SsIH4ZL102UYZuUDGy/WHleIixJOfSIBvh31c33MsKG3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDM6c4pTG2ySBShgUqOsbrljrcFbMB8GA1UdIwQY
MBaAFMrxeADxlDrxxRQoTMO+eA6cId14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZGNEFQR1VPdkhGRkNoTXc3NTREcHdoM1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjlhY2UtZjg2NC00NGQ3LWEwN2Ut
ODA1OTdlYjQ0NDI2LzEvTXpwemlsTWJiSklGS0dCU282eHV1V090d1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjlhY2UtZjg2NC00NGQ3LWEwN2UtODA1OTdlYjQ0NDI2
LzEveXZGNEFQR1VPdkhGRkNoTXc3NTREcHdoM1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjJrMA0E
AgACMAcDBQAqAZCAMA0GCSqGSIb3DQEBCwUAA4IBAQBiqNlHE0ON+gZa3ad/EDTw
T8uhxJWmWb/ZNwJmXIEJRUF3WqMzxugC9yfgCbdWkXeSsIPSHLMsG59oahigGyjr
eAkVYZyVmDSkoHzsYadmsMPTGj/AZ1t268knMAPxfruo6ybGPbF4PVXkU4nBTQy9
xuk68I8/sQcEoUORcBtpfr9lLA6NsjAW9TdTqN29IWNU9ZaOCGEtQgxVYtehh2R0
rfyvmD3u4r9mZ81JpWNvLjw+DyZ66XTGYtA7HWA4KuiRLBIm6Na9BMDs5G9dbeZV
Lef700I+/LP0K/vtNgXxdQd+fJLxUvxSr90mzTXnYwNJzBE/InsbSKFsioS4G9Qw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:17 2025 by rpki-client