Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/MOKQTZ0cDU4aqpmKK1I-ZpvdLbQ.roa
File: MOKQTZ0cDU4aqpmKK1I-ZpvdLbQ.roa (raw, json)
Hash identifier: oBhWMjUf7TyY8fl4QPjSKizOm8njS9ix4ml6eVSNxr0=
Subject key identifier: 30:E2:90:4D:9D:1C:0D:4E:1A:AA:99:8A:2B:52:3E:66:9B:DD:2D:B4
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 044BEFB4
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/MOKQTZ0cDU4aqpmKK1I-ZpvdLbQ.roa
Signing time: Sat 01 Jan 2022 12:57:22 +0000
ROA not before: Sat 01 Jan 2022 12:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41998
IP address blocks: 185.108.230.0/23 maxlen: 23
185.36.120.0/22 maxlen: 22
217.78.160.0/20 maxlen: 20
217.66.136.0/21 maxlen: 21
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
185.3.80.0/22 maxlen: 22
145.14.192.0/20 maxlen: 20
83.242.36.0/22 maxlen: 22
83.242.48.0/20 maxlen: 20
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
94.176.240.0/20 maxlen: 20
213.153.92.0/22 maxlen: 22
94.124.208.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
194.140.112.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
2a00:79c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72085428 (0x44befb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Jan 1 12:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30e2904d9d1c0d4e1aaa998a2b523e669bdd2db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f8:8b:16:35:0c:a9:49:45:bd:2b:e5:48:9a:
f9:b3:46:9d:9d:ca:8d:4f:bf:76:3f:18:1c:a0:07:
97:6a:69:ac:76:f9:68:15:c5:a5:99:9a:3a:13:60:
f5:99:46:da:bc:e4:d6:fb:66:99:de:4e:bb:56:76:
67:d5:6b:9b:0f:7e:8f:86:51:05:fd:89:11:2b:eb:
8e:d3:2a:b3:44:87:a4:5b:55:fd:75:d8:1c:f8:56:
5e:1c:2d:84:fd:b0:da:79:5a:38:6b:a7:b1:1c:b4:
65:63:e5:e2:2b:92:12:88:5f:2a:fe:f8:3b:e8:76:
4e:85:2e:7b:7a:77:5c:69:92:0b:d1:87:fb:73:f9:
cc:67:80:e4:42:b2:4d:3d:7a:c0:d1:4c:46:f9:f4:
2e:55:d7:50:ca:5f:eb:eb:87:bb:93:c9:1e:98:ab:
af:2a:85:1b:bb:2d:6d:2a:a5:25:45:25:a4:15:3f:
78:9c:80:6b:a4:1d:30:b8:5a:06:33:96:7f:dd:e6:
ac:4e:1e:1c:47:8d:85:52:39:31:77:bc:3a:dc:2f:
b6:5b:42:6f:78:8d:07:f7:99:9a:1c:48:97:c3:37:
7d:f2:c9:3b:7a:09:1e:16:fa:0d:5d:fd:49:f9:5b:
53:ff:3d:54:a5:cd:99:b6:e1:48:aa:bb:20:d8:a1:
d9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E2:90:4D:9D:1C:0D:4E:1A:AA:99:8A:2B:52:3E:66:9B:DD:2D:B4
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/MOKQTZ0cDU4aqpmKK1I-ZpvdLbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
83.242.36.0/22
83.242.48.0/20
91.103.112.0/21
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.108.230.0/23
188.244.100.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
95:29:ec:03:91:60:93:0a:24:cb:54:7a:b8:7b:d1:37:94:23:
37:ef:01:93:6f:93:ad:c4:bc:64:bd:9b:b3:ab:02:c5:f3:a4:
c5:51:c5:fc:21:3a:d8:16:5b:83:76:b4:b2:1c:e4:e1:9a:62:
c0:c1:8f:0c:3d:b2:2a:dc:aa:78:f1:fe:a4:c1:ff:32:4b:19:
0b:dc:95:45:25:ab:9f:a7:cd:a5:e0:4b:01:cc:07:68:1e:ec:
42:db:32:30:5f:48:1c:2b:9a:07:3b:e8:f4:a2:be:fd:c9:2a:
49:fd:68:a2:de:11:19:5a:fe:9d:0a:15:53:48:cb:a8:72:26:
97:23:8c:0e:fb:ae:f0:f3:72:95:0c:d4:42:49:98:01:5b:f2:
f6:d9:60:c0:a1:83:af:f4:ab:f7:f7:13:82:d7:83:22:01:0e:
c6:cc:92:34:72:76:e4:e7:4d:24:a2:37:39:55:05:ff:8d:72:
4d:2a:05:27:84:88:8d:be:43:ea:2c:9d:35:64:bc:41:14:d5:
8b:9a:bb:45:93:cd:0a:36:c9:d1:af:a1:db:1e:74:aa:6b:ed:
35:7b:72:64:ab:f7:d8:78:76:d9:4b:ac:a1:06:30:71:eb:38:
48:91:0c:54:51:e2:79:e4:63:af:c7:81:86:a0:40:e7:be:53:
24:99:88:e7
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIEBEvvtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDRhMDk2NTA0Y2RiYjlmMmZiN2ZkMGU2NjQwNmQ1MjZmZTEwYjVhMB4XDTIyMDEw
MTEyNTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBlMjkwNGQ5ZDFj
MGQ0ZTFhYWE5OThhMmI1MjNlNjY5YmRkMmRiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn4ixY1DKlJRb0r5Uia+bNGnZ3KjU+/dj8YHKAHl2pprHb5
aBXFpZmaOhNg9ZlG2rzk1vtmmd5Ou1Z2Z9Vrmw9+j4ZRBf2JESvrjtMqs0SHpFtV
/XXYHPhWXhwthP2w2nlaOGunsRy0ZWPl4iuSEohfKv74O+h2ToUue3p3XGmSC9GH
+3P5zGeA5EKyTT16wNFMRvn0LlXXUMpf6+uHu5PJHpirryqFG7stbSqlJUUlpBU/
eJyAa6QdMLhaBjOWf93mrE4eHEeNhVI5MXe8OtwvtltCb3iNB/eZmhxIl8M3ffLJ
O3oJHhb6DV39SflbU/89VKXNmbbhSKq7INih2W8CAwEAAaOCAqkwggKlMB0GA1Ud
DgQWBBQw4pBNnRwNThqqmYorUj5mm90ttDAfBgNVHSMEGDAWgBQgSgllBM27ny+3
/Q5mQG1Sb+ELWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lFb0paUVROdTU4dnRfME9aa0J0VW1faEMxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvZTI1MWRjLThiMmItNGYzZC1iNjM2LTE1NDIyNDc4ODAwYi8x
L01PS1FUWjBjRFU0YXFwbUtLMUktWnB2ZExiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ZTI1MWRjLThiMmItNGYzZC1iNjM2LTE1NDIyNDc4ODAwYi8xL0lFb0paUVROdTU4
dnRfME9aa0J0VW1faEMxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vgYIKwYBBQUHAQcBAf8Ega4wgaswgZkEAgABMIGSAwQDBSqIAwQDHxkoAwQDJRkw
AwQCU/IkAwQEU/IwAwQDW2dwAwQDXnzQAwQEXrDwAwQEkQ7AAwQEmVxQAwQDqyGw
AwQCuQNQAwQCuSR4AwQCuT0cAwQBuWzmAwQCvPRkAwQEwoxwAwQC1FawAwQC1Fa4
AwQC1ZlEMAwDBALVmUwDBAXVmUADBAPZQogDBATZTqAwDQQCAAIwBwMFACoAecAw
DQYJKoZIhvcNAQELBQADggEBAJUp7AORYJMKJMtUerh70TeUIzfvAZNvk63EvGS9
m7OrAsXzpMVRxfwhOtgWW4N2tLIc5OGaYsDBjww9sircqnjx/qTB/zJLGQvclUUl
q5+nzaXgSwHMB2ge7ELbMjBfSBwrmgc76PSivv3JKkn9aKLeERla/p0KFVNIy6hy
JpcjjA77rvDzcpUM1EJJmAFb8vbZYMChg6/0q/f3E4LXgyIBDsbMkjRyduTnTSSi
NzlVBf+Nck0qBSeEiI2+Q+osnTVkvEEU1Yuau0WTzQo2ydGvodsedKpr7TV7cmSr
99h4dtlLrKEGMHHrOEiRDFRR4nnkY6/HgYagQOe+UySZiOc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:27 2025 by rpki-client