Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/M9TIgLXtpPotuSyo2sxYqMloucs.roa
File: M9TIgLXtpPotuSyo2sxYqMloucs.roa (raw, json)
Hash identifier: CL2opPOTR/S0AEjVB7++fQyIokq+A0GhL74SN8ym+3M=
Subject key identifier: 33:D4:C8:80:B5:ED:A4:FA:2D:B9:2C:A8:DA:CC:58:A8:C9:68:B9:CB
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 04F800A3
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/M9TIgLXtpPotuSyo2sxYqMloucs.roa
Signing time: Thu 28 Apr 2022 07:37:30 +0000
ROA not before: Thu 28 Apr 2022 07:37:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49352
IP address blocks: 188.93.213.0/24 maxlen: 24
188.93.208.0/23 maxlen: 23
188.93.215.0/24 maxlen: 24
188.93.214.0/24 maxlen: 24
178.21.14.0/23 maxlen: 23
178.21.13.0/24 maxlen: 24
178.21.12.0/22 maxlen: 22
178.21.12.0/24 maxlen: 24
185.38.16.0/24 maxlen: 24
185.38.17.0/24 maxlen: 24
185.38.18.0/24 maxlen: 24
185.38.19.0/24 maxlen: 24
194.67.64.0/24 maxlen: 24
194.67.75.0/24 maxlen: 24
194.67.76.0/23 maxlen: 23
176.99.4.0/24 maxlen: 24
176.99.9.0/24 maxlen: 24
176.99.5.0/24 maxlen: 24
176.99.7.0/24 maxlen: 24
176.99.6.0/24 maxlen: 24
176.99.5.190/32 maxlen: 32
188.93.209.127/32 maxlen: 32
194.67.106.0/24 maxlen: 24
188.93.208.172/32 maxlen: 32
178.21.9.0/24 maxlen: 24
2a02:f20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83361955 (0x4f800a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Apr 28 07:37:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33d4c880b5eda4fa2db92ca8dacc58a8c968b9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:55:1b:91:3f:bc:71:86:6d:49:11:db:ce:2e:
be:19:11:22:9d:ce:68:0b:84:f1:d3:f3:2e:44:a5:
ce:9e:26:0c:dc:6f:a9:64:46:e3:d9:c0:ec:74:7e:
32:35:43:3e:f8:0c:84:21:64:49:c5:86:9b:4c:ee:
d8:cf:61:8f:ad:cd:0d:53:2c:ea:78:0d:2a:c5:2f:
11:66:97:95:ae:66:96:87:aa:ca:eb:1a:af:a9:44:
99:e2:ce:91:9a:bf:32:76:f5:2e:db:b4:26:eb:cd:
9a:ab:20:3e:8a:21:eb:91:02:4c:a4:ca:e9:f6:78:
40:5f:09:41:d3:1a:dd:25:d0:46:45:7d:95:b2:6d:
41:74:55:3f:3d:1b:36:7f:e3:b7:3d:f4:3e:91:18:
f4:b9:07:73:cd:a5:d8:35:dd:87:f0:40:53:1b:49:
b5:dc:03:f9:80:95:9d:c0:b3:75:62:0a:21:fe:d2:
0d:93:1b:7c:db:e5:0d:b6:81:30:ff:f8:3d:0e:6f:
2e:6a:2d:b1:ba:76:80:0c:63:ba:5b:5a:dc:7d:8a:
ca:ae:30:20:b0:ce:a3:70:83:00:21:a6:b8:2c:6a:
0f:0f:c7:2c:44:9c:24:3e:09:7d:86:e7:69:bc:7c:
1d:50:e9:d4:ea:58:9f:ce:ab:0b:1c:ce:8d:3e:46:
f3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D4:C8:80:B5:ED:A4:FA:2D:B9:2C:A8:DA:CC:58:A8:C9:68:B9:CB
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/M9TIgLXtpPotuSyo2sxYqMloucs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.99.4.0/22
176.99.9.0/24
178.21.9.0/24
178.21.12.0/22
185.38.16.0/22
188.93.208.0/23
188.93.213.0-188.93.215.255
194.67.64.0/24
194.67.75.0-194.67.77.255
194.67.106.0/24
IPv6:
2a02:f20::/32
Signature Algorithm: sha256WithRSAEncryption
c5:4c:94:8b:64:72:f1:d8:45:6d:3c:74:7e:08:8d:e3:99:1b:
a5:c8:ae:d2:33:9e:b8:73:3b:fa:fd:6e:bb:bf:10:85:71:d6:
a1:a7:1d:dd:1f:d8:84:f4:db:80:95:48:d6:99:22:74:de:5e:
39:4a:a9:ad:a1:43:ba:f3:cf:4b:a7:ad:75:52:46:75:69:c6:
36:8b:46:c2:42:1e:bf:93:2d:6c:78:0b:2d:66:8e:b8:a5:c1:
ff:f1:2b:4d:9d:76:2f:49:62:bf:90:53:9e:ab:a9:2a:e4:4a:
a4:f4:03:95:ee:d2:12:45:a3:ba:93:d4:61:ce:72:88:63:75:
8e:36:a3:2a:6e:a0:ba:d2:3c:a7:ba:4a:a3:3d:e2:51:b2:a9:
4d:e6:e7:4b:20:f4:10:75:10:de:ef:f8:f7:7c:d3:97:d2:14:
0f:9a:5b:f5:65:34:54:de:b3:8e:bc:84:80:62:e6:31:48:9d:
6f:2b:cb:26:7d:0a:b7:df:d5:79:06:79:30:40:ac:cc:53:c9:
40:51:de:ad:e7:91:1b:38:aa:49:d9:3e:78:8f:84:f7:d5:d4:
dd:f4:23:94:03:bd:65:92:44:d7:1d:8e:88:be:50:d2:2e:e8:
fc:90:84:9b:42:b0:f5:99:6c:d2:d4:fb:c0:1c:98:89:ec:0f:
53:bf:39:71
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIEBPgAozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODMzMjk0YTFjZGMxMzU4YWZjNDM5YzBhNzI3MzNiMDY1YTg2ZjhiMB4XDTIyMDQy
ODA3MzczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNkNGM4ODBiNWVk
YTRmYTJkYjkyY2E4ZGFjYzU4YThjOTY4YjljYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFVG5E/vHGGbUkR284uvhkRIp3OaAuE8dPzLkSlzp4mDNxv
qWRG49nA7HR+MjVDPvgMhCFkScWGm0zu2M9hj63NDVMs6ngNKsUvEWaXla5mloeq
yusar6lEmeLOkZq/Mnb1Ltu0JuvNmqsgPooh65ECTKTK6fZ4QF8JQdMa3SXQRkV9
lbJtQXRVPz0bNn/jtz30PpEY9LkHc82l2DXdh/BAUxtJtdwD+YCVncCzdWIKIf7S
DZMbfNvlDbaBMP/4PQ5vLmotsbp2gAxjulta3H2Kyq4wILDOo3CDACGmuCxqDw/H
LEScJD4JfYbnabx8HVDp1OpYn86rCxzOjT5G81cCAwEAAaOCAl4wggJaMB0GA1Ud
DgQWBBQz1MiAte2k+i25LKjazFioyWi5yzAfBgNVHSMEGDAWgBRYMylKHNwTWK/E
OcCnJzOwZahvizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dETXBTaHpjRTFpdnhEbkFweWN6c0dXb2I0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNGI0MTljLWNmOGYtNGM5YS05NGQ3LWJiNGI2NWI2YTBkMS8x
L005VElnTFh0cFBvdHVTeW8yc3hZcU1sb3Vjcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NGI0MTljLWNmOGYtNGM5YS05NGQ3LWJiNGI2NWI2YTBkMS8xL1dETXBTaHpjRTFp
dnhEbkFweWN6c0dXb2I0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0
BggrBgEFBQcBBwEB/wRlMGMwUgQCAAEwTAMEArBjBAMEALBjCQMEALIVCQMEArIV
DAMEArkmEAMEAbxd0DAMAwQAvF3VAwQDvF3QAwQAwkNAMAwDBADCQ0sDBAHCQ0wD
BADCQ2owDQQCAAIwBwMFACoCDyAwDQYJKoZIhvcNAQELBQADggEBAMVMlItkcvHY
RW08dH4IjeOZG6XIrtIznrhzO/r9bru/EIVx1qGnHd0f2IT024CVSNaZInTeXjlK
qa2hQ7rzz0unrXVSRnVpxjaLRsJCHr+TLWx4Cy1mjrilwf/xK02ddi9JYr+QU56r
qSrkSqT0A5Xu0hJFo7qT1GHOcohjdY42oypuoLrSPKe6SqM94lGyqU3m50sg9BB1
EN7v+Pd805fSFA+aW/VlNFTes468hIBi5jFInW8ryyZ9Crff1XkGeTBArMxTyUBR
3q3nkRs4qknZPniPhPfV1N30I5QDvWWSRNcdjoi+UNIu6PyQhJtCsPWZbNLU+8Ac
mInsD1O/OXE=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:51:58 2025 by rpki-client