Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/MqpkKe3oKdiha37kSdneOrqUz5c.roa
File: MqpkKe3oKdiha37kSdneOrqUz5c.roa (raw, json)
Hash identifier: cnzgHVWzdKzYY+ea692vg2FCcnSdPA1sq2mtK+SFAyw=
Subject key identifier: 32:AA:64:29:ED:E8:29:D8:A1:6B:7E:E4:49:D9:DE:3A:BA:94:CF:97
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 018CA1D4CC4D4089926335B2BD440BCD63F9
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/MqpkKe3oKdiha37kSdneOrqUz5c.roa
Signing time: Mon 25 Dec 2023 16:35:26 +0000
ROA not before: Mon 25 Dec 2023 16:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 89.252.184.0/24 maxlen: 24
45.84.189.0/24 maxlen: 24
2a0f:e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:d4:cc:4d:40:89:92:63:35:b2:bd:44:0b:cd:63:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Dec 25 16:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32aa6429ede829d8a16b7ee449d9de3aba94cf97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:58:3c:06:c7:09:e8:24:c5:9d:88:c5:d7:a3:
36:fe:94:e0:e0:33:d9:b9:4e:1e:c2:58:5c:eb:7e:
94:cc:13:59:50:22:cb:a4:4a:1a:9a:e4:62:bd:7b:
7f:b4:31:8f:b7:37:6b:4e:30:04:9e:d1:4e:3c:8c:
92:07:a6:30:50:66:d9:f6:23:81:0e:a0:69:7d:79:
79:0b:a6:2f:09:f4:19:22:a2:62:da:5f:45:9f:43:
08:14:04:a1:22:c7:d0:47:04:cb:5c:f2:1a:fa:f0:
8d:8f:95:aa:57:83:a5:21:75:fd:ca:db:c6:ca:c3:
73:47:fc:68:e2:f7:bb:2c:e6:ef:7f:6e:3a:7a:8b:
58:0b:71:0a:fb:c5:30:e4:9d:9c:3e:2f:6c:67:fd:
31:13:9f:2a:1e:a5:91:a9:e1:bc:b8:57:c7:a3:b2:
b5:71:c2:33:e4:f6:ba:52:89:e0:1a:b7:57:6e:32:
ca:16:3a:c3:52:d8:bf:90:d7:36:d6:4f:6a:15:c4:
0c:21:da:2b:db:70:81:1c:a6:06:65:d9:21:a8:51:
68:3e:a2:30:f7:a8:a8:06:e2:c2:8b:8d:a1:27:f8:
6f:01:cd:89:c6:67:7c:bb:3e:cf:32:b5:72:19:5a:
c1:51:57:60:c3:50:95:76:56:cf:69:79:fd:52:10:
68:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AA:64:29:ED:E8:29:D8:A1:6B:7E:E4:49:D9:DE:3A:BA:94:CF:97
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/MqpkKe3oKdiha37kSdneOrqUz5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.189.0/24
89.252.184.0/24
IPv6:
2a0f:e80::/29
Signature Algorithm: sha256WithRSAEncryption
af:6e:26:3f:1a:9b:dc:77:be:e4:9a:18:cc:67:c9:f9:72:f4:
6b:2a:7c:b9:33:10:99:74:69:ff:61:38:72:e7:06:8d:ca:99:
50:17:65:0f:8d:06:8a:46:26:ed:16:3e:fc:39:f6:ab:85:99:
e7:65:a8:f0:ed:2d:2b:56:0e:37:79:eb:7d:63:10:bf:a0:63:
ad:4e:47:85:f5:14:0a:48:1a:62:f8:ad:11:67:de:a4:80:16:
ec:1e:c2:b7:66:63:92:10:e7:ae:64:bc:99:8b:ed:bf:1b:e2:
9f:8a:38:f1:0d:66:c7:79:12:1b:26:3d:2e:5a:8c:42:96:8d:
0b:af:06:3f:24:c1:38:e2:fe:ba:8f:46:e4:68:68:eb:46:66:
eb:85:6b:4e:51:b2:7d:2c:be:b8:ad:b3:3b:e3:4f:8c:8c:61:
be:c6:86:a5:4d:99:54:c4:5c:68:d8:54:4b:10:b1:85:bf:cd:
af:33:8e:73:b4:e3:38:1b:e0:e5:73:98:0f:f9:7d:b3:ba:05:
a3:26:04:40:27:c9:b5:35:19:fa:56:e1:c1:83:b1:fd:47:23:
68:2d:58:cb:f9:b0:e3:4d:bc:0f:3f:b4:ef:e6:07:70:88:d8:
a3:1f:f5:a6:f3:61:b5:cc:38:46:1b:4d:68:98:e8:7f:b1:d5:
fd:98:33:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyh1MxNQImSYzWyvUQLzWP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjMxMjI1MTYzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFhNjQyOWVkZTgyOWQ4YTE2YjdlZTQ0OWQ5ZGUzYWJhOTRjZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1g8BscJ6CTFnYjF16M2/pTg4DPZ
uU4ewlhc636UzBNZUCLLpEoamuRivXt/tDGPtzdrTjAEntFOPIySB6YwUGbZ9iOB
DqBpfXl5C6YvCfQZIqJi2l9Fn0MIFAShIsfQRwTLXPIa+vCNj5WqV4OlIXX9ytvG
ysNzR/xo4ve7LObvf246eotYC3EK+8Uw5J2cPi9sZ/0xE58qHqWRqeG8uFfHo7K1
ccIz5Pa6UongGrdXbjLKFjrDUti/kNc21k9qFcQMIdor23CBHKYGZdkhqFFoPqIw
96ioBuLCi42hJ/hvAc2Jxmd8uz7PMrVyGVrBUVdgw1CVdlbPaXn9UhBoFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDKqZCnt6CnYoWt+5EnZ3jq6lM+XMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvTXFwa0tlM29LZGloYTM3a1NkbmVPcnFVejVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVS9AwQA
Wfy4MA0EAgACMAcDBQMqDw6AMA0GCSqGSIb3DQEBCwUAA4IBAQCvbiY/Gpvcd77k
mhjMZ8n5cvRrKny5MxCZdGn/YThy5waNyplQF2UPjQaKRibtFj78OfarhZnnZajw
7S0rVg43eet9YxC/oGOtTkeF9RQKSBpi+K0RZ96kgBbsHsK3ZmOSEOeuZLyZi+2/
G+KfijjxDWbHeRIbJj0uWoxClo0LrwY/JME44v66j0bkaGjrRmbrhWtOUbJ9LL64
rbM740+MjGG+xoalTZlUxFxo2FRLELGFv82vM45ztOM4G+Dlc5gP+X2zugWjJgRA
J8m1NRn6VuHBg7H9RyNoLVjL+bDjTbwPP7Tv5gdwiNijH/Wm82G1zDhGG01omOh/
sdX9mDO1
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:37:41 2025 by rpki-client