Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/3b7c43-4241-44d4-8534-409d0f9c8a04/1/mlkcAymn308_N54gggYIYuFORcA.roa
File: mlkcAymn308_N54gggYIYuFORcA.roa (raw, json)
Hash identifier: hFIF93BGA1w1/DVi21X5bxivBlvSj5Eo+7zCttINcAA=
Subject key identifier: 9A:59:1C:03:29:A7:DF:4F:3F:37:9E:20:82:06:08:62:E1:4E:45:C0
Certificate issuer: /CN=bd8f133d1095cd31205c7a3462248cc9941203ac
Certificate serial: 01856F300041FA58C339428B812B4CC3B841
Authority key identifier: BD:8F:13:3D:10:95:CD:31:20:5C:7A:34:62:24:8C:C9:94:12:03:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vY8TPRCVzTEgXHo0YiSMyZQSA6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/3b7c43-4241-44d4-8534-409d0f9c8a04/1/mlkcAymn308_N54gggYIYuFORcA.roa
Signing time: Sun 01 Jan 2023 21:14:54 +0000
ROA not before: Sun 01 Jan 2023 21:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29551
IP address blocks: 195.200.80.0/23 maxlen: 24
185.37.16.0/22 maxlen: 22
2a00:f520::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:00:41:fa:58:c3:39:42:8b:81:2b:4c:c3:b8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd8f133d1095cd31205c7a3462248cc9941203ac
Validity
Not Before: Jan 1 21:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a591c0329a7df4f3f379e2082060862e14e45c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3a:c0:bf:34:1c:9f:2f:89:05:2c:11:c5:6d:
f3:a7:cf:a3:bf:a5:d2:83:1d:44:35:a2:d2:21:76:
42:4f:9a:ce:d1:0d:fa:4b:f3:9d:25:36:9e:5e:25:
32:7f:aa:ad:f7:23:11:85:de:9e:de:f8:fc:79:f7:
79:9b:46:e5:5f:9e:68:0c:f3:13:cc:a6:2f:a4:cb:
5b:6f:a0:08:ad:63:ea:72:24:23:ad:a8:5e:0d:8b:
4d:ae:93:54:20:49:ba:1b:ac:2f:e7:9e:0b:d5:2a:
cd:1f:72:ae:1b:e6:21:5e:89:f1:6d:86:47:c3:43:
a0:32:61:b5:a9:93:c9:87:b2:85:27:9c:fc:fa:ac:
51:0f:47:d7:f7:6c:55:63:c4:24:26:fe:66:df:68:
d9:fc:83:65:43:03:c2:ab:5f:63:f1:3a:e0:33:1b:
05:b2:59:a3:47:41:2a:16:9c:d1:e6:86:1e:03:f1:
e1:e4:b7:9e:b9:87:d5:44:30:b5:68:06:e2:32:07:
da:4a:70:82:c7:8a:72:43:10:3c:0c:0a:54:b2:6f:
8a:cc:95:7f:60:23:72:c8:5e:10:bc:51:9a:eb:87:
3f:0e:46:35:9c:9d:16:df:5e:3b:4b:be:66:c6:6f:
73:1c:a5:81:92:42:73:59:0d:86:2a:37:a0:4f:5e:
c2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:59:1C:03:29:A7:DF:4F:3F:37:9E:20:82:06:08:62:E1:4E:45:C0
X509v3 Authority Key Identifier:
keyid:BD:8F:13:3D:10:95:CD:31:20:5C:7A:34:62:24:8C:C9:94:12:03:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vY8TPRCVzTEgXHo0YiSMyZQSA6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/3b7c43-4241-44d4-8534-409d0f9c8a04/1/mlkcAymn308_N54gggYIYuFORcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/3b7c43-4241-44d4-8534-409d0f9c8a04/1/vY8TPRCVzTEgXHo0YiSMyZQSA6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.16.0/22
195.200.80.0/23
IPv6:
2a00:f520::/32
Signature Algorithm: sha256WithRSAEncryption
81:06:33:62:f5:a2:77:e7:3d:e7:be:18:9a:29:12:11:01:a3:
e7:33:a9:de:ab:d8:62:4f:a6:86:1b:3a:5e:da:e9:cd:dd:3e:
58:d6:20:40:f9:b9:6d:c6:f7:0c:61:a8:2b:1d:27:be:68:02:
a8:32:04:93:5e:6a:11:c4:ea:10:cc:50:00:69:14:c7:86:45:
94:78:d9:6c:42:e2:0e:cd:51:5d:64:93:71:27:2f:61:cb:f8:
98:8c:31:9f:81:b7:24:41:36:e8:6c:26:50:79:db:b5:58:b2:
74:d4:cd:af:ee:dc:ab:80:c2:c2:a9:93:6c:af:78:58:d2:61:
78:4f:9a:9f:14:be:71:7b:49:b9:e0:78:53:d4:10:70:c6:81:
0a:5c:b4:2a:49:75:51:ed:a9:00:c7:7e:ac:c2:95:ea:1e:14:
68:11:66:3e:c5:7f:99:95:2d:96:ba:85:10:da:48:d5:3d:55:
b7:05:63:0c:99:bf:ab:2f:80:15:2e:07:0d:94:3e:3d:85:20:
94:0b:6b:b9:5c:16:e2:d3:20:b5:39:55:f7:59:8e:1c:6d:a9:
cb:13:0b:62:19:0c:29:36:6d:99:a9:13:2a:c7:44:6d:16:9f:
f0:c4:e1:a4:8e:33:32:98:e4:c3:5d:2a:54:fa:28:f2:d0:67:
ec:ee:61:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvMABB+ljDOUKLgStMw7hBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOGYxMzNkMTA5NWNkMzEyMDVjN2EzNDYyMjQ4Y2M5OTQx
MjAzYWMwHhcNMjMwMTAxMjExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU5MWMwMzI5YTdkZjRmM2YzNzllMjA4MjA2MDg2MmUxNGU0NWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDrAvzQcny+JBSwRxW3zp8+jv6XS
gx1ENaLSIXZCT5rO0Q36S/OdJTaeXiUyf6qt9yMRhd6e3vj8efd5m0blX55oDPMT
zKYvpMtbb6AIrWPqciQjraheDYtNrpNUIEm6G6wv554L1SrNH3KuG+YhXonxbYZH
w0OgMmG1qZPJh7KFJ5z8+qxRD0fX92xVY8QkJv5m32jZ/INlQwPCq19j8TrgMxsF
slmjR0EqFpzR5oYeA/Hh5LeeuYfVRDC1aAbiMgfaSnCCx4pyQxA8DApUsm+KzJV/
YCNyyF4QvFGa64c/DkY1nJ0W3147S75mxm9zHKWBkkJzWQ2GKjegT17CHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJpZHAMpp99PPzeeIIIGCGLhTkXAMB8GA1UdIwQY
MBaAFL2PEz0Qlc0xIFx6NGIkjMmUEgOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlk4VFBSQ1Z6VEVnWEhvMFlpU015WlFTQTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8zYjdjNDMtNDI0MS00NGQ0LTg1MzQt
NDA5ZDBmOWM4YTA0LzEvbWxrY0F5bW4zMDhfTjU0Z2dnWUlZdUZPUmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8zYjdjNDMtNDI0MS00NGQ0LTg1MzQtNDA5ZDBmOWM4YTA0
LzEvdlk4VFBSQ1Z6VEVnWEhvMFlpU015WlFTQTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSUQAwQB
w8hQMA0EAgACMAcDBQAqAPUgMA0GCSqGSIb3DQEBCwUAA4IBAQCBBjNi9aJ35z3n
vhiaKRIRAaPnM6neq9hiT6aGGzpe2unN3T5Y1iBA+bltxvcMYagrHSe+aAKoMgST
XmoRxOoQzFAAaRTHhkWUeNlsQuIOzVFdZJNxJy9hy/iYjDGfgbckQTbobCZQedu1
WLJ01M2v7tyrgMLCqZNsr3hY0mF4T5qfFL5xe0m54HhT1BBwxoEKXLQqSXVR7akA
x36swpXqHhRoEWY+xX+ZlS2WuoUQ2kjVPVW3BWMMmb+rL4AVLgcNlD49hSCUC2u5
XBbi0yC1OVX3WY4cbanLEwtiGQwpNm2ZqRMqx0RtFp/wxOGkjjMymOTDXSpU+ijy
0Gfs7mFL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:36 2025 by rpki-client