Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/mpg7AV4_mnDGbfLdymwoBu-7138.roa
File: mpg7AV4_mnDGbfLdymwoBu-7138.roa (raw, json)
Hash identifier: bVutJ8UfzbyzYG+6B/0E3fG12+70ePmqn9YC6VMYhdg=
Subject key identifier: 9A:98:3B:01:5E:3F:9A:70:C6:6D:F2:DD:CA:6C:28:06:EF:BB:D7:7F
Certificate issuer: /CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Certificate serial: 01856CEF2B98B4FD14A86DB2881B96547DA0
Authority key identifier: BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/mpg7AV4_mnDGbfLdymwoBu-7138.roa
Signing time: Sun 01 Jan 2023 10:44:51 +0000
ROA not before: Sun 01 Jan 2023 10:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198721
IP address blocks: 185.199.112.0/22 maxlen: 24
94.140.28.0/22 maxlen: 24
185.29.204.0/22 maxlen: 24
188.214.0.0/22 maxlen: 24
91.238.116.0/22 maxlen: 24
85.209.112.0/22 maxlen: 24
2a00:a9a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:2b:98:b4:fd:14:a8:6d:b2:88:1b:96:54:7d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Validity
Not Before: Jan 1 10:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a983b015e3f9a70c66df2ddca6c2806efbbd77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:18:bd:21:cd:1b:4b:48:4d:53:2a:00:7b:53:
d8:40:47:a6:85:0a:bb:a7:22:50:7e:fa:79:c2:91:
83:38:91:42:ee:fe:fa:e9:3e:6b:7d:8e:9d:e9:01:
15:81:5c:ac:e8:f5:d1:83:b8:5b:a1:2a:2e:5e:ee:
14:2f:14:1b:4d:d3:13:48:d2:fe:12:6d:cb:67:ce:
0c:f4:0e:70:cd:be:d7:7e:09:b3:48:6e:ff:bf:c0:
bc:9a:4f:e7:84:cc:a5:12:a1:3f:53:39:01:d6:eb:
98:22:16:e0:c2:7b:a5:0e:2d:5a:59:88:38:05:c3:
03:45:2d:50:e2:cc:27:23:64:7d:9f:54:41:c2:aa:
06:d7:31:f8:f5:33:bc:2f:c8:a8:e9:4a:c6:0d:d3:
6a:44:8e:01:1e:ce:d5:24:d6:49:5d:52:94:a6:6b:
b4:da:c5:d3:6e:03:6f:4f:5a:57:98:9a:5c:4e:da:
c2:70:cc:96:ca:2c:60:f7:12:d7:7d:29:68:a8:09:
2f:84:1f:7d:d2:c1:46:28:bc:a5:0c:d5:46:e0:d7:
e2:8e:10:65:91:c7:fb:85:90:5b:5a:1a:58:57:d2:
78:65:ef:29:88:1c:b9:1c:4d:af:03:6c:d6:08:f2:
78:bc:98:14:63:40:e3:85:21:47:ee:70:bd:69:d6:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:98:3B:01:5E:3F:9A:70:C6:6D:F2:DD:CA:6C:28:06:EF:BB:D7:7F
X509v3 Authority Key Identifier:
keyid:BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/mpg7AV4_mnDGbfLdymwoBu-7138.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.112.0/22
91.238.116.0/22
94.140.28.0/22
185.29.204.0/22
185.199.112.0/22
188.214.0.0/22
IPv6:
2a00:a9a0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:43:3b:30:c5:25:d9:a6:a4:58:7c:bc:3e:63:15:ca:db:19:
f9:4b:47:41:1e:32:af:11:5a:7d:f9:43:cb:15:87:5c:29:ae:
a3:9e:80:45:8b:4d:82:34:68:18:7d:a1:af:84:2c:7e:b0:fd:
34:1b:e2:50:33:c5:07:0d:ff:f3:39:e8:16:46:c6:ab:7d:4e:
87:21:ce:30:99:30:da:74:6f:7f:b5:63:8d:a0:b8:a7:10:6c:
db:d4:fe:5b:c7:85:1f:be:dd:74:98:f7:a9:21:10:e1:b4:1f:
74:8f:9b:14:23:34:1d:68:c4:ab:e8:24:3c:96:7d:12:4c:8b:
45:b7:3c:3b:89:c0:d9:b0:4e:97:a8:8a:cb:65:0d:2a:18:4f:
b5:15:64:b9:c2:df:87:b1:4e:37:cc:16:a5:d5:ab:3a:fa:97:
94:b6:3a:fd:bc:7c:a3:0c:bc:93:47:15:f3:85:12:2b:01:77:
ff:5a:53:5f:c3:d5:82:8c:ac:7d:ae:20:f7:99:1e:59:cb:7b:
95:62:5c:81:59:f7:d8:11:cd:66:b5:15:84:cd:a8:ed:fa:73:
23:36:da:71:27:2e:20:8c:1a:38:38:41:76:3b:a7:d9:fe:cc:
44:13:77:9b:39:3e:c4:ff:e8:f7:9b:2b:a1:df:34:e9:ba:45:
08:ad:60:de
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVs7yuYtP0UqG2yiBuWVH2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMjJjZjRjNzFhOTU5MTFiZDYwNDZkMDVjMGE4YmExNjQ2
YzllYWQwHhcNMjMwMTAxMTA0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk4M2IwMTVlM2Y5YTcwYzY2ZGYyZGRjYTZjMjgwNmVmYmJkNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxi9Ic0bS0hNUyoAe1PYQEemhQq7
pyJQfvp5wpGDOJFC7v766T5rfY6d6QEVgVys6PXRg7hboSouXu4ULxQbTdMTSNL+
Em3LZ84M9A5wzb7XfgmzSG7/v8C8mk/nhMylEqE/UzkB1uuYIhbgwnulDi1aWYg4
BcMDRS1Q4swnI2R9n1RBwqoG1zH49TO8L8io6UrGDdNqRI4BHs7VJNZJXVKUpmu0
2sXTbgNvT1pXmJpcTtrCcMyWyixg9xLXfSloqAkvhB990sFGKLylDNVG4NfijhBl
kcf7hZBbWhpYV9J4Ze8piBy5HE2vA2zWCPJ4vJgUY0DjhSFH7nC9adY1TwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJqYOwFeP5pwxm3y3cpsKAbvu9d/MB8GA1UdIwQY
MBaAFLsiz0xxqVkRvWBG0FwKi6FkbJ6tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMt
YmJhZWM3NTA1ZDk3LzEvbXBnN0FWNF9tbkRHYmZMZHltd29CdS03MTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMtYmJhZWM3NTA1ZDk3
LzEvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCVdFwAwQC
W+50AwQCXowcAwQCuR3MAwQCucdwAwQCvNYAMA0EAgACMAcDBQAqAKmgMA0GCSqG
SIb3DQEBCwUAA4IBAQB/QzswxSXZpqRYfLw+YxXK2xn5S0dBHjKvEVp9+UPLFYdc
Ka6jnoBFi02CNGgYfaGvhCx+sP00G+JQM8UHDf/zOegWRsarfU6HIc4wmTDadG9/
tWONoLinEGzb1P5bx4Ufvt10mPepIRDhtB90j5sUIzQdaMSr6CQ8ln0STItFtzw7
icDZsE6XqIrLZQ0qGE+1FWS5wt+HsU43zBal1as6+peUtjr9vHyjDLyTRxXzhRIr
AXf/WlNfw9WCjKx9riD3mR5Zy3uVYlyBWffYEc1mtRWEzajt+nMjNtpxJy4gjBo4
OEF2O6fZ/sxEE3ebOT7E/+j3myuh3zTpukUIrWDe
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:11:31 2025 by rpki-client