Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/MHexy0AQ_QpUkwSJm8g3ee3YzdU.roa
File: MHexy0AQ_QpUkwSJm8g3ee3YzdU.roa (raw, json)
Hash identifier: d3AOuDw2Adu/bTrjPgYeXDL2kfgWKFcKVkkapE2vXoQ=
Subject key identifier: 30:77:B1:CB:40:10:FD:0A:54:93:04:89:9B:C8:37:79:ED:D8:CD:D5
Certificate issuer: /CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Certificate serial: 018872099B5704CB3A32F5B388EFEBE63B13
Authority key identifier: 0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/MHexy0AQ_QpUkwSJm8g3ee3YzdU.roa
Signing time: Wed 31 May 2023 13:40:12 +0000
ROA not before: Wed 31 May 2023 13:40:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48391
IP address blocks: 185.115.168.0/24 maxlen: 24
185.115.171.0/24 maxlen: 24
185.115.170.0/24 maxlen: 24
185.115.169.0/24 maxlen: 24
185.23.128.0/24 maxlen: 24
185.23.131.0/24 maxlen: 24
185.23.130.0/24 maxlen: 24
185.23.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:09:9b:57:04:cb:3a:32:f5:b3:88:ef:eb:e6:3b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Validity
Not Before: May 31 13:40:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3077b1cb4010fd0a549304899bc83779edd8cdd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:12:ed:4a:56:e4:62:ee:06:a3:ce:9c:27:28:
65:cd:d6:90:b8:eb:6b:44:ac:a9:a3:bd:5a:d5:b3:
6d:dd:9c:26:ef:65:b9:1a:4f:35:63:8f:1c:08:4d:
3f:da:5b:dd:ec:ca:6d:72:83:4c:75:fc:b1:65:72:
2b:3b:5f:96:4e:a6:46:e0:f3:8c:1b:73:e9:79:03:
7a:64:03:71:a3:d6:00:d2:2f:c6:5c:55:d5:05:b1:
21:2a:f7:ba:b3:b3:be:35:09:1b:43:be:ae:40:6a:
f2:e6:aa:50:92:3a:a6:83:b3:d1:c0:ff:f9:6f:47:
63:0e:19:f8:bb:cd:9c:28:6d:70:23:5b:a1:d2:f2:
43:60:0a:33:fe:e1:55:f9:ac:29:ea:9c:e1:a3:86:
39:9e:f2:08:f8:2c:14:ca:c4:4b:f7:66:56:0d:01:
f7:b5:19:db:67:9c:42:9b:77:b3:7a:e9:29:c6:bf:
a2:3f:71:cd:af:4d:48:09:b5:d1:f3:66:fd:d3:57:
35:b9:f5:04:10:6c:d3:7b:58:a0:cc:60:b5:c8:f1:
b3:de:bd:49:f4:47:c5:4e:1c:64:3b:de:d0:bc:74:
4a:2d:a9:18:64:02:2d:9d:45:aa:c1:5d:af:76:95:
cc:b6:e8:b1:71:19:c7:3e:e7:62:2e:9a:d6:d8:7c:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:77:B1:CB:40:10:FD:0A:54:93:04:89:9B:C8:37:79:ED:D8:CD:D5
X509v3 Authority Key Identifier:
keyid:0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/MHexy0AQ_QpUkwSJm8g3ee3YzdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.128.0/22
185.115.168.0/22
Signature Algorithm: sha256WithRSAEncryption
71:d4:27:01:3d:6d:39:b2:40:11:3a:a0:95:10:dc:eb:f7:af:
9c:39:1d:42:98:b7:01:93:90:9f:95:6b:be:48:70:a6:38:4d:
e5:40:32:df:4c:b1:2f:f9:93:d3:a8:1d:45:a1:da:71:9d:0a:
e4:60:02:23:2e:99:d2:5e:1b:68:fd:71:73:ce:95:f7:06:84:
8a:68:c1:7b:e9:4d:ef:5c:d0:5b:09:9c:09:04:05:89:3d:94:
fb:49:d9:f5:35:74:3d:41:77:26:2b:40:af:c1:42:39:4a:89:
2f:ca:11:65:07:f4:16:55:d7:73:b8:76:2c:00:f4:ba:c3:5e:
2c:94:14:80:22:1c:69:c0:32:ef:3e:8f:9b:51:7a:9e:c8:33:
8a:82:e3:02:50:43:60:2d:1d:e1:46:98:8f:a3:20:86:16:0d:
fa:99:9c:e3:6b:75:37:69:6e:30:19:70:bc:f2:a1:b7:3b:c0:
09:a3:b5:79:4d:7e:83:ba:3d:4b:20:b1:24:d4:e2:dd:ab:df:
35:da:3e:80:6f:5b:3c:ee:ba:8c:65:fb:67:6a:3a:bb:1e:2d:
ba:6c:09:a4:83:85:b7:61:67:78:2f:3b:2c:14:9f:66:86:15:
e3:c5:94:44:b0:d9:9d:7f:08:eb:80:11:ba:8c:3a:40:0a:74:
50:04:4b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhyCZtXBMs6MvWziO/r5jsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNmZhMTU2YzU3YzRlODg1YjllNmFmODIzMGI2NTRkNzk2
YTU2MTEwHhcNMjMwNTMxMTM0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc3YjFjYjQwMTBmZDBhNTQ5MzA0ODk5YmM4Mzc3OWVkZDhjZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRLtSlbkYu4Go86cJyhlzdaQuOtr
RKypo71a1bNt3Zwm72W5Gk81Y48cCE0/2lvd7MptcoNMdfyxZXIrO1+WTqZG4POM
G3PpeQN6ZANxo9YA0i/GXFXVBbEhKve6s7O+NQkbQ76uQGry5qpQkjqmg7PRwP/5
b0djDhn4u82cKG1wI1uh0vJDYAoz/uFV+awp6pzho4Y5nvII+CwUysRL92ZWDQH3
tRnbZ5xCm3ezeukpxr+iP3HNr01ICbXR82b901c1ufUEEGzTe1igzGC1yPGz3r1J
9EfFThxkO97QvHRKLakYZAItnUWqwV2vdpXMtuixcRnHPudiLprW2Hy3pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDB3sctAEP0KVJMEiZvIN3nt2M3VMB8GA1UdIwQY
MBaAFAxvoVbFfE6IW55q+CMLZU15alYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQt
YjhjMzZlY2VkYWQ4LzEvTUhleHkwQVFfUXBVa3dTSm04ZzNlZTNZemRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQtYjhjMzZlY2VkYWQ4
LzEvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuReAAwQC
uXOoMA0GCSqGSIb3DQEBCwUAA4IBAQBx1CcBPW05skAROqCVENzr96+cOR1CmLcB
k5CflWu+SHCmOE3lQDLfTLEv+ZPTqB1FodpxnQrkYAIjLpnSXhto/XFzzpX3BoSK
aMF76U3vXNBbCZwJBAWJPZT7Sdn1NXQ9QXcmK0CvwUI5SokvyhFlB/QWVddzuHYs
APS6w14slBSAIhxpwDLvPo+bUXqeyDOKguMCUENgLR3hRpiPoyCGFg36mZzja3U3
aW4wGXC88qG3O8AJo7V5TX6Duj1LILEk1OLdq9812j6Ab1s87rqMZftnajq7Hi26
bAmkg4W3YWd4LzssFJ9mhhXjxZREsNmdfwjrgBG6jDpACnRQBEur
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:33:02 2025 by rpki-client