Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/MTzxFt5c_SFOsdFOCtTSuRDAEpk.roa
File: MTzxFt5c_SFOsdFOCtTSuRDAEpk.roa (raw, json)
Hash identifier: V1z/ap5Q78iLiEoG3y4hb8FlZ0DJEEeT+viDdTArYIE=
Subject key identifier: 31:3C:F1:16:DE:5C:FD:21:4E:B1:D1:4E:0A:D4:D2:B9:10:C0:12:99
Certificate issuer: /CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Certificate serial: 0185700277F2B51E8E13F4B1B308442B2B85
Authority key identifier: 9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/MTzxFt5c_SFOsdFOCtTSuRDAEpk.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24951
IP address blocks: 89.45.84.0/22 maxlen: 22
185.39.228.0/22 maxlen: 22
2a01:4aa0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:77:f2:b5:1e:8e:13:f4:b1:b3:08:44:2b:2b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=313cf116de5cfd214eb1d14e0ad4d2b910c01299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:1a:14:b3:4b:40:d2:b4:af:af:02:69:8c:
d6:65:eb:4f:35:a7:30:21:b0:39:8b:66:92:08:8a:
2a:76:ed:c3:46:f9:73:25:0f:b6:12:0f:aa:bf:81:
be:2b:a6:ff:6e:02:a3:6c:df:76:8b:a4:8f:35:fc:
39:81:78:cd:ca:47:16:7d:7e:70:e7:34:90:31:31:
3a:bc:ea:3d:03:19:7c:8f:12:40:24:60:51:8d:aa:
ff:56:a7:bb:c7:b9:78:75:62:3a:16:9a:7f:a2:7d:
c0:4d:8c:67:68:b4:e9:1d:ee:7a:96:7a:18:f5:74:
81:94:c5:b4:ca:02:eb:13:81:57:de:7a:13:20:d0:
f1:b6:4c:f2:05:69:c2:84:e7:3e:af:f5:f9:95:87:
a9:60:d9:d1:4f:92:97:0d:4b:96:6a:ea:7f:cf:67:
eb:c8:09:ea:44:64:99:3d:2a:46:c3:2e:d9:61:93:
ae:cb:b0:c1:64:51:75:dd:84:97:10:9a:bb:e1:dd:
7a:d5:62:18:00:b9:4b:64:1d:f8:23:a7:a0:2d:ab:
0b:73:1d:f9:a1:a7:f5:72:e0:92:62:d5:e0:8f:85:
c4:10:59:35:98:ac:84:75:39:ba:c8:58:dd:c4:4c:
25:fc:0b:64:95:f2:32:32:1b:9b:10:2e:ec:8d:81:
da:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3C:F1:16:DE:5C:FD:21:4E:B1:D1:4E:0A:D4:D2:B9:10:C0:12:99
X509v3 Authority Key Identifier:
keyid:9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/MTzxFt5c_SFOsdFOCtTSuRDAEpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/mufWYa_KPTNwuOY0SU1SRrg9WF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.84.0/22
185.39.228.0/22
IPv6:
2a01:4aa0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:dd:58:00:a6:9b:ce:95:6d:3a:e0:9f:f1:f9:6c:57:d1:ad:
f5:6e:29:ec:9e:58:72:19:1c:46:18:1e:42:24:52:c5:ac:01:
a0:93:3d:4c:70:bf:1a:87:5e:f1:f0:93:db:da:15:fa:ec:ed:
8a:b5:c1:db:dd:bb:bc:ad:7f:5e:e6:36:a2:bc:b0:47:9d:bb:
c3:44:55:0f:ed:49:6a:28:f0:d1:a4:51:b9:3a:e9:ae:f6:1f:
b1:59:4d:39:0c:4b:79:55:92:d3:b3:67:1e:2f:37:6b:2c:b0:
55:f6:f8:91:a1:26:f0:b7:67:43:dd:b1:62:d6:26:0f:9e:5c:
84:8d:49:c4:ec:9c:1a:80:9c:bf:5a:06:0f:9c:fa:df:3d:44:
4e:34:1b:ef:06:0a:87:c0:bf:18:ec:9b:b3:e8:a6:37:58:9d:
4b:2c:4c:60:ea:93:84:6d:f3:40:00:95:21:cc:90:e4:07:ba:
d1:67:7a:dd:2f:7a:a9:44:87:fe:aa:e7:fe:ac:c7:7b:fc:9b:
81:51:18:37:1f:d0:26:39:39:ef:95:31:ce:d6:b6:ba:de:d0:
f1:b1:3f:8b:72:f0:fb:8d:e1:70:a7:5f:8d:01:5c:dc:8b:3c:
d7:01:ce:c7:3d:f0:40:6f:0c:88:13:a5:69:1c:98:b2:06:4f:
4a:d2:ae:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwAnfytR6OE/SxswhEKyuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTdkNjYxYWZjYTNkMzM3MGI4ZTYzNDQ5NGQ1MjQ2Yjgz
ZDU4NWYwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNjZjExNmRlNWNmZDIxNGViMWQxNGUwYWQ0ZDJiOTEwYzAxMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUAaFLNLQNK0r68CaYzWZetPNacw
IbA5i2aSCIoqdu3DRvlzJQ+2Eg+qv4G+K6b/bgKjbN92i6SPNfw5gXjNykcWfX5w
5zSQMTE6vOo9Axl8jxJAJGBRjar/Vqe7x7l4dWI6Fpp/on3ATYxnaLTpHe56lnoY
9XSBlMW0ygLrE4FX3noTINDxtkzyBWnChOc+r/X5lYepYNnRT5KXDUuWaup/z2fr
yAnqRGSZPSpGwy7ZYZOuy7DBZFF13YSXEJq74d161WIYALlLZB34I6egLasLcx35
oaf1cuCSYtXgj4XEEFk1mKyEdTm6yFjdxEwl/AtklfIyMhubEC7sjYHaJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDE88RbeXP0hTrHRTgrU0rkQwBKZMB8GA1UdIwQY
MBaAFJrn1mGvyj0zcLjmNElNUka4PVhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMt
M2I2OGE0OWRjMDQyLzEvTVR6eEZ0NWNfU0ZPc2RGT0N0VFN1UkRBRXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMtM2I2OGE0OWRjMDQy
LzEvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWS1UAwQC
uSfkMA0EAgACMAcDBQAqAUqgMA0GCSqGSIb3DQEBCwUAA4IBAQCb3VgAppvOlW06
4J/x+WxX0a31binsnlhyGRxGGB5CJFLFrAGgkz1McL8ah17x8JPb2hX67O2KtcHb
3bu8rX9e5jaivLBHnbvDRFUP7UlqKPDRpFG5Oumu9h+xWU05DEt5VZLTs2ceLzdr
LLBV9viRoSbwt2dD3bFi1iYPnlyEjUnE7JwagJy/WgYPnPrfPURONBvvBgqHwL8Y
7Juz6KY3WJ1LLExg6pOEbfNAAJUhzJDkB7rRZ3rdL3qpRIf+quf+rMd7/JuBURg3
H9AmOTnvlTHO1ra63tDxsT+LcvD7jeFwp1+NAVzcizzXAc7HPfBAbwyIE6VpHJiy
Bk9K0q7j
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:11 2025 by rpki-client