Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/McsAxQz6KHEbvkpSn9E_QN3aYDs.roa
File: McsAxQz6KHEbvkpSn9E_QN3aYDs.roa (raw, json)
Hash identifier: AeUPEHAWQ/Y5XBxtC/ak12c+0szcuvwQDyL+nAocg5w=
Subject key identifier: 31:CB:00:C5:0C:FA:28:71:1B:BE:4A:52:9F:D1:3F:40:DD:DA:60:3B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A425F9A8B116BA130E284C9B52FD84
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/McsAxQz6KHEbvkpSn9E_QN3aYDs.roa
Signing time: Mon 12 Dec 2022 09:22:01 +0000
ROA not before: Mon 12 Dec 2022 09:22:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 193.201.228.0/22 maxlen: 24
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:25:f9:a8:b1:16:ba:13:0e:28:4c:9b:52:fd:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31cb00c50cfa28711bbe4a529fd13f40ddda603b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fa:3b:10:04:12:e3:66:b0:d3:65:7e:1b:9f:
a0:06:bc:f1:de:92:f9:77:36:51:37:38:20:9d:fd:
e6:20:aa:cd:eb:2b:00:7a:fe:8f:3d:90:e9:04:d2:
1a:ec:5d:1f:3d:a6:99:4d:e5:93:2a:dc:17:32:5e:
04:e3:e0:a8:69:53:41:ab:34:be:03:22:6f:96:23:
9a:09:a1:3e:a8:c7:87:7b:15:1e:83:9b:56:97:b2:
b5:91:50:86:61:65:be:1d:77:29:07:73:91:13:58:
03:21:e4:f6:84:e6:d1:7e:53:60:9e:9e:da:85:e9:
d6:47:d9:07:6c:6a:cd:8e:62:9e:9b:b0:05:1d:6b:
23:ac:c7:f8:2b:68:51:c2:f2:a5:2c:0d:a2:c9:89:
04:f2:cf:27:7e:26:66:7d:a8:9a:5a:7e:7e:c5:42:
15:b9:a3:3d:4c:0b:e2:c2:b5:5b:b7:3f:e7:cd:a0:
fb:87:2b:97:4e:b9:85:59:05:09:bd:59:e8:1e:34:
9c:ab:fa:de:98:14:6c:49:a8:a6:25:1d:a9:e4:26:
ae:8d:12:cc:62:c7:64:db:27:8f:68:60:4c:83:16:
0c:70:2b:bc:89:ba:7a:c2:c7:ec:ba:ef:bc:2c:74:
57:50:be:84:c9:ae:57:17:43:43:92:53:ae:7b:83:
85:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CB:00:C5:0C:FA:28:71:1B:BE:4A:52:9F:D1:3F:40:DD:DA:60:3B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/McsAxQz6KHEbvkpSn9E_QN3aYDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
66:a9:d3:c8:c4:42:08:59:ec:9d:4d:4b:a2:72:1b:01:63:51:
26:5d:ab:60:ca:1f:18:91:14:f5:54:32:02:04:37:47:63:8f:
90:45:be:8f:ee:8f:0a:c4:62:56:a8:bb:5a:80:53:33:a0:c9:
b9:7c:aa:52:06:a0:20:43:24:71:45:0d:8f:8a:f7:05:70:1e:
16:22:28:34:c2:31:c1:a1:db:86:04:c7:74:58:86:88:e2:c1:
e3:9d:9c:dc:4d:dc:42:50:e6:14:69:e7:06:dc:33:2e:6c:56:
08:7f:83:38:1e:7a:46:f1:6c:d7:cf:0a:b4:69:23:c3:e4:95:
8e:ba:61:e6:bc:1b:ef:8c:bd:72:a5:e3:17:cc:08:08:cf:7f:
c3:54:d2:3a:82:4b:6b:bd:96:bf:3d:81:f9:3a:3c:e7:b3:81:
d0:0c:42:8b:3e:06:11:d9:ee:18:c1:cd:71:7c:6a:75:26:5b:
dd:8c:ce:9e:d4:5e:64:56:7e:67:5e:39:10:45:7b:4f:38:3a:
62:4b:58:70:0b:c8:96:dd:8c:6c:7d:a2:00:b4:0a:83:d6:19:
c4:d0:6c:50:9e:f1:fc:dd:5d:3e:5b:b9:18:2c:bd:df:0d:b6:
4a:9a:cc:d5:be:c2:43:2e:66:a4:ab:7a:59:41:d5:e9:9f:20:
b1:37:f8:6b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYUFpCX5qLEWuhMOKEybUv2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNiMDBjNTBjZmEyODcxMWJiZTRhNTI5ZmQxM2Y0MGRkZGE2MDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvo7EAQS42aw02V+G5+gBrzx3pL5
dzZRNzggnf3mIKrN6ysAev6PPZDpBNIa7F0fPaaZTeWTKtwXMl4E4+CoaVNBqzS+
AyJvliOaCaE+qMeHexUeg5tWl7K1kVCGYWW+HXcpB3ORE1gDIeT2hObRflNgnp7a
henWR9kHbGrNjmKem7AFHWsjrMf4K2hRwvKlLA2iyYkE8s8nfiZmfaiaWn5+xUIV
uaM9TAviwrVbtz/nzaD7hyuXTrmFWQUJvVnoHjScq/remBRsSaimJR2p5CaujRLM
Ysdk2yePaGBMgxYMcCu8ibp6wsfsuu+8LHRXUL6Eya5XF0NDklOue4OFqwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDHLAMUM+ihxG75KUp/RP0Dd2mA7MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTWNzQXhRejZLSEVidmtwU245RV9RTjNhWURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArMAwDBACysOMD
BAGysOQDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdDANBgkqhkiG9w0BAQsF
AAOCAQEAZqnTyMRCCFnsnU1LonIbAWNRJl2rYMofGJEU9VQyAgQ3R2OPkEW+j+6P
CsRiVqi7WoBTM6DJuXyqUgagIEMkcUUNj4r3BXAeFiIoNMIxwaHbhgTHdFiGiOLB
452c3E3cQlDmFGnnBtwzLmxWCH+DOB56RvFs188KtGkjw+SVjrph5rwb74y9cqXj
F8wICM9/w1TSOoJLa72Wvz2B+To857OB0AxCiz4GEdnuGMHNcXxqdSZb3YzOntRe
ZFZ+Z145EEV7Tzg6YktYcAvIlt2MbH2iALQKg9YZxNBsUJ7x/N1dPlu5GCy93w22
SprM1b7CQy5mpKt6WUHV6Z8gsTf4aw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:25:52 2025 by rpki-client