Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/MbfAdlVQHADnaa84-gEdNoQcWZQ.roa
File: MbfAdlVQHADnaa84-gEdNoQcWZQ.roa (raw, json)
Hash identifier: H5cwRHeAoLfNJRCSW8Mx2aAfYKNtGbOVVPLgNZ70GPs=
Subject key identifier: 31:B7:C0:76:55:50:1C:00:E7:69:AF:38:FA:01:1D:36:84:1C:59:94
Certificate issuer: /CN=50d4ac320965ab4991108501a0602a6893e63fec
Certificate serial: 01856D01C1FABCDCD3696845087E0DBE52E1
Authority key identifier: 50:D4:AC:32:09:65:AB:49:91:10:85:01:A0:60:2A:68:93:E6:3F:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNSsMgllq0mREIUBoGAqaJPmP-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/MbfAdlVQHADnaa84-gEdNoQcWZQ.roa
Signing time: Sun 01 Jan 2023 11:05:09 +0000
ROA not before: Sun 01 Jan 2023 11:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24953
IP address blocks: 185.34.196.0/22 maxlen: 22
185.167.240.0/22 maxlen: 24
185.213.124.0/22 maxlen: 22
2a0b:c200::/29 maxlen: 29
2001:1ad0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c1:fa:bc:dc:d3:69:68:45:08:7e:0d:be:52:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d4ac320965ab4991108501a0602a6893e63fec
Validity
Not Before: Jan 1 11:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31b7c07655501c00e769af38fa011d36841c5994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:59:31:34:09:71:9b:fa:b8:4a:fe:ca:51:d4:
23:1c:a9:22:b5:66:2b:70:0a:49:42:6f:98:7d:37:
82:b2:9d:20:67:0b:94:52:17:77:a6:5a:64:5b:6f:
3e:03:8d:c0:04:ca:c3:61:a8:a1:1f:c3:ac:bc:9f:
36:40:cc:83:cf:b7:28:7c:f4:52:4a:67:a5:73:85:
10:61:17:f1:66:82:4d:7d:d9:06:de:a8:4a:41:d1:
1b:97:6b:94:13:7e:8f:36:df:1f:e1:bd:98:b8:3b:
6d:2e:05:e1:a3:b7:d8:c9:d8:9b:25:46:03:5f:41:
2c:e1:51:37:0b:b5:7a:5b:cd:d8:fd:fa:bc:63:bd:
ef:05:eb:20:3c:9f:78:19:f4:94:53:1a:b3:36:88:
7c:2b:8b:b9:5e:f5:40:93:ec:53:22:40:3a:62:fd:
30:11:a7:18:9e:73:77:2a:81:1f:c5:ae:1d:e2:d6:
54:e6:c5:12:88:a2:fc:54:00:19:a1:39:16:7c:b4:
dc:6e:2c:c3:63:d4:26:18:79:3b:33:3f:1f:8b:ef:
14:40:8a:61:1f:83:56:b1:c0:4c:6e:7d:ec:a1:84:
4d:8b:fa:17:5e:cf:1a:90:6f:ea:45:9b:d8:d6:fa:
bb:dc:e9:0a:ed:03:de:55:40:94:a9:50:b7:31:7f:
98:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B7:C0:76:55:50:1C:00:E7:69:AF:38:FA:01:1D:36:84:1C:59:94
X509v3 Authority Key Identifier:
keyid:50:D4:AC:32:09:65:AB:49:91:10:85:01:A0:60:2A:68:93:E6:3F:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNSsMgllq0mREIUBoGAqaJPmP-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/MbfAdlVQHADnaa84-gEdNoQcWZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/UNSsMgllq0mREIUBoGAqaJPmP-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.196.0/22
185.167.240.0/22
185.213.124.0/22
IPv6:
2001:1ad0::/32
2a0b:c200::/29
Signature Algorithm: sha256WithRSAEncryption
c2:f2:4e:66:8b:75:5f:f5:1b:03:4a:b9:77:2e:d4:75:c3:21:
bb:36:80:67:57:3f:f8:60:56:9f:03:f0:9f:70:34:f5:fa:47:
07:a9:a2:5b:b9:8f:b5:91:5a:65:c8:81:57:8e:4f:03:54:a7:
ea:51:9d:36:9f:f6:ae:26:7f:58:8a:55:2d:ae:33:42:27:f5:
2e:d9:35:5f:48:b0:68:d3:04:4e:e8:2a:79:39:32:b4:40:f7:
2e:6a:de:cd:5b:1a:f3:da:d4:55:5a:66:c0:96:cc:22:aa:90:
e6:e6:2f:56:8c:05:6a:e3:6a:e2:60:48:5e:65:fc:00:f8:48:
cb:6e:79:68:c8:ea:38:8a:10:a6:33:e0:e8:c8:e6:b6:2e:ca:
37:d6:f6:02:bf:2a:23:00:9e:d8:dc:d0:eb:50:0e:ed:70:22:
51:35:7d:f8:b0:37:e4:07:3e:3e:2d:74:13:42:d0:5d:e2:74:
19:d9:28:23:be:42:4b:2b:33:af:86:c6:61:12:4d:ff:f7:09:
91:92:1b:98:86:56:48:a8:2c:3f:28:74:09:2f:84:31:f2:3a:
fe:0d:98:49:4b:c3:0a:ec:07:2f:30:48:29:a9:df:b2:ff:60:
6b:c4:65:2d:8a:83:63:0f:9b:23:b6:d0:e3:29:93:9b:a8:29:
61:2b:c3:cf
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVtAcH6vNzTaWhFCH4NvlLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDRhYzMyMDk2NWFiNDk5MTEwODUwMWEwNjAyYTY4OTNl
NjNmZWMwHhcNMjMwMTAxMTEwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI3YzA3NjU1NTAxYzAwZTc2OWFmMzhmYTAxMWQzNjg0MWM1OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVkxNAlxm/q4Sv7KUdQjHKkitWYr
cApJQm+YfTeCsp0gZwuUUhd3plpkW28+A43ABMrDYaihH8OsvJ82QMyDz7cofPRS
Smelc4UQYRfxZoJNfdkG3qhKQdEbl2uUE36PNt8f4b2YuDttLgXho7fYydibJUYD
X0Es4VE3C7V6W83Y/fq8Y73vBesgPJ94GfSUUxqzNoh8K4u5XvVAk+xTIkA6Yv0w
EacYnnN3KoEfxa4d4tZU5sUSiKL8VAAZoTkWfLTcbizDY9QmGHk7Mz8fi+8UQIph
H4NWscBMbn3soYRNi/oXXs8akG/qRZvY1vq73OkK7QPeVUCUqVC3MX+YvwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDG3wHZVUBwA52mvOPoBHTaEHFmUMB8GA1UdIwQY
MBaAFFDUrDIJZatJkRCFAaBgKmiT5j/sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5Tc01nbGxxMG1SRUlVQm9HQXFhSlBtUC13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80MDM1MjgtOWU3Yy00YjY0LTk1OTkt
YmEwMzIzMjM3NDRjLzEvTWJmQWRsVlFIQURuYWE4NC1nRWROb1FjV1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80MDM1MjgtOWU3Yy00YjY0LTk1OTktYmEwMzIzMjM3NDRj
LzEvVU5Tc01nbGxxMG1SRUlVQm9HQXFhSlBtUC13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuSLEAwQC
uafwAwQCudV8MBQEAgACMA4DBQAgARrQAwUDKgvCADANBgkqhkiG9w0BAQsFAAOC
AQEAwvJOZot1X/UbA0q5dy7UdcMhuzaAZ1c/+GBWnwPwn3A09fpHB6miW7mPtZFa
ZciBV45PA1Sn6lGdNp/2riZ/WIpVLa4zQif1Ltk1X0iwaNMETugqeTkytED3Lmre
zVsa89rUVVpmwJbMIqqQ5uYvVowFauNq4mBIXmX8APhIy255aMjqOIoQpjPg6Mjm
ti7KN9b2Ar8qIwCe2NzQ61AO7XAiUTV9+LA35Ac+Pi10E0LQXeJ0GdkoI75CSysz
r4bGYRJN//cJkZIbmIZWSKgsPyh0CS+EMfI6/g2YSUvDCuwHLzBIKanfsv9ga8Rl
LYqDYw+bI7bQ4ymTm6gpYSvDzw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:52 2025 by rpki-client