Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/MSS-LZUQaCbaMwwDPPbFcp-yMD0.roa
File: MSS-LZUQaCbaMwwDPPbFcp-yMD0.roa (raw, json)
Hash identifier: ojaYayIKhIYgQdrCN/OtjcdWm8CiWIUKoxJUldRjUYM=
Subject key identifier: 31:24:BE:2D:95:10:68:26:DA:33:0C:03:3C:F6:C5:72:9F:B2:30:3D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0187D67D31DA880D6122B7DFBCF12D01262C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/MSS-LZUQaCbaMwwDPPbFcp-yMD0.roa
Signing time: Mon 01 May 2023 08:45:41 +0000
ROA not before: Mon 01 May 2023 08:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
85.209.162.0/24 maxlen: 24
85.209.161.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.3.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d6:7d:31:da:88:0d:61:22:b7:df:bc:f1:2d:01:26:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 1 08:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3124be2d95106826da330c033cf6c5729fb2303d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:08:f9:15:a5:0f:d6:46:b1:d0:53:f2:00:25:
bc:b6:20:e6:c7:98:28:2a:3c:8c:31:0a:71:2b:22:
98:07:2d:b0:ba:2b:0e:c3:56:a5:88:6e:f1:b8:1d:
24:71:26:ea:00:b8:80:9a:07:b4:9c:aa:9b:6b:77:
b1:22:08:6b:34:d2:e3:e7:57:60:31:fe:06:b6:fa:
8e:9b:06:1f:db:77:13:ce:2d:67:42:e9:c2:64:53:
b1:53:a6:ad:06:21:e4:42:e0:0a:9a:c7:98:10:3e:
dd:55:16:0e:ea:3d:69:15:74:88:a9:9e:ff:79:43:
ed:6e:0b:5a:6f:ec:30:6f:62:e9:c1:b9:eb:6e:9f:
d3:20:1d:ba:b4:e5:e3:36:58:da:82:5f:a5:a6:7f:
32:06:20:fd:7a:66:bd:74:9c:d3:bd:f6:18:77:48:
b6:44:d9:af:12:fe:e2:7d:7f:9a:c9:c0:af:91:8a:
78:61:c9:b8:21:1c:ec:e0:87:82:b3:60:4d:db:19:
e4:31:df:3e:96:26:30:93:40:b9:91:0c:a2:25:23:
da:2e:b7:64:a7:3d:a8:9e:ca:1c:a5:e6:ff:be:78:
7f:e0:f7:41:a2:74:95:41:a2:e2:09:98:27:04:ed:
f7:ee:71:84:5b:4a:5c:2a:86:a7:2f:26:e6:81:43:
49:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:24:BE:2D:95:10:68:26:DA:33:0C:03:3C:F6:C5:72:9F:B2:30:3D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/MSS-LZUQaCbaMwwDPPbFcp-yMD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/24
5.180.50.0/23
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.39.0/24
5.253.44.0/22
45.8.184.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.3.0-45.9.4.255
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0-85.209.162.255
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
93:e4:de:5b:6b:01:c7:fa:a2:12:8f:1c:b6:0f:66:4b:77:5d:
db:97:96:10:a7:41:a0:16:55:69:dc:17:2c:18:cf:94:6b:4e:
c8:22:0e:0f:0d:3e:b9:f2:37:12:c8:5a:2f:34:a1:7c:55:7f:
fb:f3:39:b0:d4:94:67:c1:c9:fb:82:6e:f4:59:5f:83:50:c5:
17:2e:ff:c7:15:bc:3f:21:26:b3:17:67:f7:4a:e8:57:dc:42:
3e:ca:83:5a:cd:eb:46:5f:88:2f:f8:5d:4d:12:82:b7:ee:77:
69:eb:6b:e0:6f:d9:5d:e7:63:71:04:be:cb:75:f8:b8:db:65:
53:84:30:a0:59:c4:dd:5c:e9:aa:f4:fe:bc:df:d6:2f:3a:bf:
5f:b3:c8:3f:24:45:ac:31:0d:c2:bd:32:03:62:33:5b:12:fd:
8d:be:b9:6f:a4:78:51:ab:81:20:a6:91:1e:ba:52:f0:7c:93:
ad:f0:8f:0e:56:7e:01:c0:dd:47:f9:0d:8b:f1:4f:96:50:0d:
a9:57:15:5d:3e:3b:c2:62:76:ec:26:fd:c6:d0:4a:15:99:0b:
05:6b:94:b6:b1:9f:9f:44:75:05:f2:a3:1d:7b:dc:b7:81:58:
64:1d:a0:6e:0a:81:0d:0f:ec:1d:72:a1:57:ed:8e:d5:9f:35:
e5:46:f7:81
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYfWfTHaiA1hIrffvPEtASYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNTAxMDg0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI0YmUyZDk1MTA2ODI2ZGEzMzBjMDMzY2Y2YzU3MjlmYjIzMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAj5FaUP1kax0FPyACW8tiDmx5go
KjyMMQpxKyKYBy2wuisOw1aliG7xuB0kcSbqALiAmge0nKqba3exIghrNNLj51dg
Mf4GtvqOmwYf23cTzi1nQunCZFOxU6atBiHkQuAKmseYED7dVRYO6j1pFXSIqZ7/
eUPtbgtab+wwb2Lpwbnrbp/TIB26tOXjNljagl+lpn8yBiD9ema9dJzTvfYYd0i2
RNmvEv7ifX+aycCvkYp4Ycm4IRzs4IeCs2BN2xnkMd8+liYwk0C5kQyiJSPaLrdk
pz2onsocpeb/vnh/4PdBonSVQaLiCZgnBO337nGEW0pcKoanLybmgUNJKwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFDEkvi2VEGgm2jMMAzz2xXKfsjA9MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTVNTLUxaVVFhQ2JhTXd3RFBQYkZjcC15TUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAAFtFIDBAIFtOgDBAAF/ScDBAIF/SwwDAME
Ay0IuAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEt
CQAwDAMEAC0JAwMEAC0JBAMEAS0JBgMEAC1CmAMEAS1CmgMEAFXQaQMEAFXQcQME
AFXQczAMAwQFVdGgAwQAVdGiAwQCwajQMA0GCSqGSIb3DQEBCwUAA4IBAQCT5N5b
awHH+qISjxy2D2ZLd13bl5YQp0GgFlVp3BcsGM+Ua07IIg4PDT658jcSyFovNKF8
VX/78zmw1JRnwcn7gm70WV+DUMUXLv/HFbw/ISazF2f3SuhX3EI+yoNazetGX4gv
+F1NEoK37ndp62vgb9ld52NxBL7Ldfi422VThDCgWcTdXOmq9P6839YvOr9fs8g/
JEWsMQ3CvTIDYjNbEv2NvrlvpHhRq4EgppEeulLwfJOt8I8OVn4BwN1H+Q2L8U+W
UA2pVxVdPjvCYnbsJv3G0EoVmQsFa5S2sZ+fRHUF8qMde9y3gVhkHaBuCoEND+wd
cqFX7Y7VnzXlRveB
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:11 2025 by rpki-client