Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/MXog3GYDmrLqCjTw-nG-uHwdVFw.roa
File: MXog3GYDmrLqCjTw-nG-uHwdVFw.roa (raw, json)
Hash identifier: c3rxWTi4GS7l7NO0bfrxh3PClViHvZVKcoMLdEfwibs=
Subject key identifier: 31:7A:20:DC:66:03:9A:B2:EA:0A:34:F0:FA:71:BE:B8:7C:1D:54:5C
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 138C4204
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/MXog3GYDmrLqCjTw-nG-uHwdVFw.roa
Signing time: Sat 01 Jan 2022 04:58:54 +0000
ROA not before: Sat 01 Jan 2022 04:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14907
IP address blocks: 91.198.174.0/24 maxlen: 24
185.15.56.0/24 maxlen: 24
185.15.57.0/24 maxlen: 24
185.15.58.0/24 maxlen: 24
185.15.59.0/24 maxlen: 24
2a02:ec80:600::/48 maxlen: 48
2a02:ec80:500::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327959044 (0x138c4204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Jan 1 04:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=317a20dc66039ab2ea0a34f0fa71beb87c1d545c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:1a:44:64:ed:17:0e:a7:16:ec:4b:c7:a4:
b2:eb:66:0f:2a:7a:d8:15:16:0c:b5:52:73:02:48:
46:db:73:d4:59:01:36:e3:8e:d0:f9:89:a9:8f:ca:
ad:0b:ec:75:fe:a9:fd:87:4e:3b:e7:5b:66:44:84:
03:59:77:b1:7e:15:4f:fb:32:70:8b:1f:e6:49:c3:
cf:c5:c4:5f:9a:e2:90:2f:2e:ed:c4:6b:8c:19:08:
0f:1c:1a:30:ba:a8:b9:d8:54:5c:4d:4e:66:ef:26:
7b:e3:f5:61:c3:48:5e:b0:20:62:3a:9e:cc:b9:b2:
ec:73:47:4c:da:62:3e:6c:46:85:57:d9:a4:bb:ae:
00:b0:f4:20:c4:ff:55:e5:82:22:ec:d5:a7:ce:c8:
20:4b:68:a5:5c:38:90:c7:7a:e1:f4:f6:fd:26:bd:
04:01:bd:3a:bd:44:9b:1a:b6:33:91:8c:d0:38:6f:
98:65:63:31:94:be:db:7d:d3:75:81:5e:40:b5:a6:
ca:66:59:5c:f3:26:64:17:4d:5b:ef:33:e5:35:32:
1b:9d:a0:5b:e8:9d:7f:18:7b:a9:a5:e5:89:48:76:
b9:7c:72:47:5a:76:bf:1a:47:e5:5a:cf:1d:a1:7e:
7c:f9:d9:e1:77:2b:ac:52:32:a4:01:39:47:8f:bb:
f5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7A:20:DC:66:03:9A:B2:EA:0A:34:F0:FA:71:BE:B8:7C:1D:54:5C
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/MXog3GYDmrLqCjTw-nG-uHwdVFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.174.0/24
185.15.56.0/22
IPv6:
2a02:ec80:500::/48
2a02:ec80:600::/48
Signature Algorithm: sha256WithRSAEncryption
9c:6f:d7:57:0c:e6:fd:36:7a:5f:41:b8:31:12:ee:3c:a2:0f:
1a:93:1f:3c:12:bc:0d:d9:7b:05:f0:95:41:9c:18:a7:e7:af:
12:ea:58:c4:ed:f0:5b:c9:b0:b8:a8:61:d0:9c:e3:ee:fd:6a:
31:b6:f6:86:62:b3:df:02:da:e2:c1:7c:53:04:bb:e1:a5:60:
f8:c9:05:50:47:9e:74:a1:7c:8a:2e:37:1c:08:9b:c6:c1:5f:
d5:e8:c6:22:79:fc:6a:57:72:32:9a:3f:03:23:e5:af:bb:27:
c6:4e:c5:7e:25:33:c6:24:c1:f1:66:b9:7d:13:16:4f:2e:94:
d4:8d:47:b6:52:aa:57:d2:83:73:e2:0c:6e:24:64:a7:79:50:
77:00:5d:6c:c9:48:49:59:43:44:01:7f:b3:fb:ff:25:1d:bf:
a4:6a:52:7d:1b:d2:d9:4a:c5:66:0b:2f:53:e3:09:14:22:6b:
cd:36:a8:61:20:a9:5f:9b:71:6c:29:76:83:02:45:fa:17:8f:
fd:7b:c0:bb:26:99:30:cb:ef:7f:0c:4d:51:a8:db:e9:a9:1f:
cf:e1:4b:5d:8f:fb:b8:a5:70:b8:31:60:11:9f:fe:93:95:d1:
6a:27:09:36:b5:67:09:4d:6b:e2:ef:88:68:d9:f0:fa:66:cb:
10:19:6b:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEE4xCBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWE4ZTQ0ZTU3M2M1M2M3MTkyMzEyZmNjNzIxNTBkMmRlMzc3ZDZkMB4XDTIyMDEw
MTA0NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE3YTIwZGM2NjAz
OWFiMmVhMGEzNGYwZmE3MWJlYjg3YzFkNTQ1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpyGkRk7RcOpxbsS8eksutmDyp62BUWDLVScwJIRttz1FkB
NuOO0PmJqY/KrQvsdf6p/YdOO+dbZkSEA1l3sX4VT/sycIsf5knDz8XEX5rikC8u
7cRrjBkIDxwaMLqoudhUXE1OZu8me+P1YcNIXrAgYjqezLmy7HNHTNpiPmxGhVfZ
pLuuALD0IMT/VeWCIuzVp87IIEtopVw4kMd64fT2/Sa9BAG9Or1Emxq2M5GM0Dhv
mGVjMZS+233TdYFeQLWmymZZXPMmZBdNW+8z5TUyG52gW+idfxh7qaXliUh2uXxy
R1p2vxpH5VrPHaF+fPnZ4XcrrFIypAE5R4+79WcCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQxeiDcZgOasuoKNPD6cb64fB1UXDAfBgNVHSMEGDAWgBSpqOROVzxTxxkj
EvzHIVDS3jd9bTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FhamtUbGM4VThjWkl4TDh4eUZRMHQ0M2ZXMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNDUyZGQ1LWQwZTQtNGQ0Yi04YWU2LTE5NTEzNDVjZWEzMy8x
L01Yb2czR1lEbXJMcUNqVHctbkctdUh3ZFZGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NDUyZGQ1LWQwZTQtNGQ0Yi04YWU2LTE5NTEzNDVjZWEzMy8xL3FhamtUbGM4VThj
Wkl4TDh4eUZRMHQ0M2ZXMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAFvGrgMEArkPODAYBAIAAjASAwcA
KgLsgAUAAwcAKgLsgAYAMA0GCSqGSIb3DQEBCwUAA4IBAQCcb9dXDOb9NnpfQbgx
Eu48og8akx88ErwN2XsF8JVBnBin568S6ljE7fBbybC4qGHQnOPu/WoxtvaGYrPf
AtriwXxTBLvhpWD4yQVQR550oXyKLjccCJvGwV/V6MYiefxqV3Iymj8DI+WvuyfG
TsV+JTPGJMHxZrl9ExZPLpTUjUe2UqpX0oNz4gxuJGSneVB3AF1syUhJWUNEAX+z
+/8lHb+kalJ9G9LZSsVmCy9T4wkUImvNNqhhIKlfm3FsKXaDAkX6F4/9e8C7Jpkw
y+9/DE1RqNvpqR/P4Utdj/u4pXC4MWARn/6TldFqJwk2tWcJTWvi74ho2fD6ZssQ
GWup
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:21 2025 by rpki-client