Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Mah5JzL8CHUKU_TQlR5DrDQzeVQ.roa
File: Mah5JzL8CHUKU_TQlR5DrDQzeVQ.roa (raw, json)
Hash identifier: KXil1cUemdh/cS2TXeicZPfIb0q7iZC9fLfGXfQKnS8=
Subject key identifier: 31:A8:79:27:32:FC:08:75:0A:53:F4:D0:95:1E:43:AC:34:33:79:54
Certificate issuer: /CN=749ea3b1e58ba060b41fc2a078f6016264759664
Certificate serial: 174F4914
Authority key identifier: 74:9E:A3:B1:E5:8B:A0:60:B4:1F:C2:A0:78:F6:01:62:64:75:96:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ6jseWLoGC0H8KgePYBYmR1lmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Mah5JzL8CHUKU_TQlR5DrDQzeVQ.roa
Signing time: Sat 01 Jan 2022 13:05:53 +0000
ROA not before: Sat 01 Jan 2022 13:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59767
IP address blocks: 185.34.4.0/22 maxlen: 22
2a04:5d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391072020 (0x174f4914)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749ea3b1e58ba060b41fc2a078f6016264759664
Validity
Not Before: Jan 1 13:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31a8792732fc08750a53f4d0951e43ac34337954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:26:a2:05:45:2c:6e:ca:7d:6a:fc:d5:05:4d:
60:fa:92:88:d2:8a:10:01:59:2d:62:b5:66:5a:f4:
b3:3b:cc:23:88:62:45:1b:7d:5e:62:c3:67:73:90:
e7:c2:3b:54:03:fe:f2:cb:17:a1:e3:eb:74:ad:f2:
74:aa:fd:d2:6c:83:49:4c:db:55:b4:19:f2:26:8a:
11:c3:e5:cc:ee:dc:9a:0d:e5:1b:c6:a8:05:7d:af:
2c:02:a6:65:8c:d9:e1:08:4d:52:ed:22:8a:bf:9f:
64:42:50:eb:10:b1:b1:dc:83:39:8a:81:ad:b7:c1:
0a:1c:f7:c6:99:83:be:01:e5:41:e8:d6:d3:cb:a4:
df:8b:03:99:b3:03:d8:bf:6a:75:d8:74:dd:61:86:
f1:60:b7:f0:0e:f6:17:ad:29:d5:9d:59:c0:b3:36:
eb:1f:85:96:34:75:55:27:9a:53:ec:7a:48:8e:19:
99:1f:de:3f:0d:18:e7:50:db:60:1c:99:c7:1f:1e:
2d:a8:a5:00:e2:98:ad:fa:88:a4:a2:54:f3:f0:d2:
e7:9f:dd:08:ae:f7:da:b8:d7:94:95:bd:9c:3d:d6:
8b:37:ff:67:ad:c3:26:fc:5b:42:9e:9a:f2:b6:53:
dc:f8:de:dc:8d:51:63:8d:f4:55:d5:e4:55:ff:9d:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A8:79:27:32:FC:08:75:0A:53:F4:D0:95:1E:43:AC:34:33:79:54
X509v3 Authority Key Identifier:
keyid:74:9E:A3:B1:E5:8B:A0:60:B4:1F:C2:A0:78:F6:01:62:64:75:96:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ6jseWLoGC0H8KgePYBYmR1lmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/Mah5JzL8CHUKU_TQlR5DrDQzeVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86246a-f033-4e48-b7dd-2f4242a13d00/1/dJ6jseWLoGC0H8KgePYBYmR1lmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.4.0/22
IPv6:
2a04:5d40::/29
Signature Algorithm: sha256WithRSAEncryption
68:bb:6d:61:ac:8c:85:b9:c6:7d:bf:99:cb:a0:66:b2:4e:4b:
26:d6:24:d2:a0:40:45:8f:bb:e7:03:1d:3f:22:80:7e:29:f3:
a2:c3:6f:64:68:2e:b1:cf:30:d2:d5:48:36:8f:18:6c:da:b4:
9a:d3:91:36:10:f8:7a:94:3a:e7:4d:69:89:94:d8:e5:7f:58:
f4:8d:9f:b5:22:a6:97:75:43:a3:fb:e1:5d:07:67:3e:25:5e:
39:3f:75:a6:ec:3a:70:10:35:14:c0:c8:f2:a9:31:70:03:98:
2d:db:c8:16:be:29:89:37:18:71:bd:8d:ca:9a:81:95:63:ac:
25:5d:f1:b9:b5:a8:b6:cf:1f:6e:ca:1f:e7:6c:6e:ff:b0:d9:
a5:28:83:09:32:06:71:9d:64:21:74:08:f4:28:aa:0e:15:91:
65:c3:6d:21:cb:44:48:a0:43:3f:7b:08:74:47:98:0a:ac:c0:
87:ac:30:35:d3:a5:d6:75:7c:8d:7b:2b:dc:70:15:88:e3:0a:
b6:79:81:7a:0e:95:c0:c5:7b:12:8d:85:5d:f9:dc:6a:c6:ec:
70:d2:7d:a4:95:7c:b9:34:03:cb:40:a3:56:cf:93:77:23:65:
5f:44:62:11:d5:13:c1:fa:48:5e:e1:62:e4:5d:40:18:fa:0c:
b5:08:f5:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEF09JFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDllYTNiMWU1OGJhMDYwYjQxZmMyYTA3OGY2MDE2MjY0NzU5NjY0MB4XDTIyMDEw
MTEzMDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFhODc5MjczMmZj
MDg3NTBhNTNmNGQwOTUxZTQzYWMzNDMzNzk1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgmogVFLG7KfWr81QVNYPqSiNKKEAFZLWK1Zlr0szvMI4hi
RRt9XmLDZ3OQ58I7VAP+8ssXoePrdK3ydKr90myDSUzbVbQZ8iaKEcPlzO7cmg3l
G8aoBX2vLAKmZYzZ4QhNUu0iir+fZEJQ6xCxsdyDOYqBrbfBChz3xpmDvgHlQejW
08uk34sDmbMD2L9qddh03WGG8WC38A72F60p1Z1ZwLM26x+FljR1VSeaU+x6SI4Z
mR/ePw0Y51DbYByZxx8eLailAOKYrfqIpKJU8/DS55/dCK732rjXlJW9nD3Wizf/
Z63DJvxbQp6a8rZT3Pje3I1RY430VdXkVf+dIO0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQxqHknMvwIdQpT9NCVHkOsNDN5VDAfBgNVHSMEGDAWgBR0nqOx5YugYLQf
wqB49gFiZHWWZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKNmpzZVdMb0dDMEg4S2dlUFlCWW1SMWxtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvODYyNDZhLWYwMzMtNGU0OC1iN2RkLTJmNDI0MmExM2QwMC8x
L01haDVKekw4Q0hVS1VfVFFsUjVEckRRemVWUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ODYyNDZhLWYwMzMtNGU0OC1iN2RkLTJmNDI0MmExM2QwMC8xL2RKNmpzZVdMb0dD
MEg4S2dlUFlCWW1SMWxtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkiBDANBAIAAjAHAwUDKgRdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaLttYayMhbnGfb+Zy6Bmsk5LJtYk0qBARY+75wMd
PyKAfinzosNvZGgusc8w0tVINo8YbNq0mtORNhD4epQ6501piZTY5X9Y9I2ftSKm
l3VDo/vhXQdnPiVeOT91puw6cBA1FMDI8qkxcAOYLdvIFr4piTcYcb2NypqBlWOs
JV3xubWots8fbsof52xu/7DZpSiDCTIGcZ1kIXQI9CiqDhWRZcNtIctESKBDP3sI
dEeYCqzAh6wwNdOl1nV8jXsr3HAViOMKtnmBeg6VwMV7Eo2FXfncasbscNJ9pJV8
uTQDy0CjVs+TdyNlX0RiEdUTwfpIXuFi5F1AGPoMtQj1DQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:53 2025 by rpki-client