Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/cMbMS_IF6y83ZfdguHZCiSZSJAs.roa
File: cMbMS_IF6y83ZfdguHZCiSZSJAs.roa (raw, json)
Hash identifier: jDuZbC0+MJRiHWTvEv7Y1q8yi8LIKO7rhAfzTYs+Kg0=
Subject key identifier: 70:C6:CC:4B:F2:05:EB:2F:37:65:F7:60:B8:76:42:89:26:52:24:0B
Certificate issuer: /CN=0dc2061405956993cc63a60db0f963525d357731
Certificate serial: 018570150EE5D83F497B8619F3F77C905308
Authority key identifier: 0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/cMbMS_IF6y83ZfdguHZCiSZSJAs.roa
Signing time: Mon 02 Jan 2023 01:25:06 +0000
ROA not before: Mon 02 Jan 2023 01:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24853
IP address blocks: 185.139.80.0/22 maxlen: 22
193.111.162.0/24 maxlen: 24
2a07:1400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0e:e5:d8:3f:49:7b:86:19:f3:f7:7c:90:53:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dc2061405956993cc63a60db0f963525d357731
Validity
Not Before: Jan 2 01:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c6cc4bf205eb2f3765f760b87642892652240b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7f:b4:9f:42:34:9c:10:a1:a2:d0:7c:73:60:
88:6a:7b:92:c9:2b:50:9b:ea:ad:61:f4:76:96:41:
b7:48:1f:9f:83:b3:e2:a0:07:48:4e:29:38:2b:b1:
fc:53:2a:09:b6:b6:42:99:9b:3d:18:ea:36:7f:27:
eb:38:85:41:c5:d9:0e:6e:af:c4:e3:01:9a:08:ce:
7c:68:f1:7e:f0:45:fd:4c:74:39:05:63:e1:48:28:
41:6a:ba:17:89:9b:0b:e7:8d:2f:9c:c7:dd:df:8e:
b5:b1:80:7a:56:92:f0:7d:ae:59:c1:91:c4:a3:4f:
53:3c:d0:95:2f:ba:a8:64:45:0f:33:07:cc:c4:3a:
b0:d8:f7:98:98:08:3a:ef:0d:56:96:65:af:8c:6b:
99:9a:cc:0e:c7:ef:13:53:2b:ee:3b:36:a7:35:0a:
bd:96:73:0b:b5:75:3b:7c:a9:7e:0f:00:83:a6:2a:
eb:13:2f:02:4b:3d:c6:3d:32:22:09:4b:ce:69:b9:
da:d8:5d:55:a7:6a:07:f2:56:01:31:ee:9f:ef:2a:
e8:d3:7c:2b:bf:e0:6a:c2:9e:4f:3d:98:a7:de:3a:
cf:df:0f:41:f8:98:73:24:44:75:27:a1:57:78:7d:
dd:31:73:77:78:82:c3:6f:97:57:a0:e2:6a:d0:d8:
5b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C6:CC:4B:F2:05:EB:2F:37:65:F7:60:B8:76:42:89:26:52:24:0B
X509v3 Authority Key Identifier:
keyid:0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/cMbMS_IF6y83ZfdguHZCiSZSJAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.80.0/22
193.111.162.0/24
IPv6:
2a07:1400::/29
Signature Algorithm: sha256WithRSAEncryption
61:e1:7f:90:ad:44:29:fe:4a:b9:7e:4f:b3:84:d3:90:52:12:
0f:03:9e:c7:36:7a:19:b0:3e:94:d6:a8:00:e8:68:d2:0a:df:
3b:6f:af:86:e4:a5:cf:b5:34:1d:6f:fb:04:41:04:4c:81:7e:
7e:c4:64:91:45:35:08:6c:c8:24:9f:33:aa:b8:da:ce:f7:ee:
90:0a:d0:93:cf:cf:c2:8b:7b:44:0d:1f:01:8f:f2:7b:01:4e:
5b:dd:d0:b7:ba:5b:bf:1b:ba:47:78:b8:ef:cb:88:6e:f7:a8:
f3:3b:69:9e:b0:00:5b:a3:10:74:6e:21:4e:25:5d:30:c2:40:
14:31:99:80:a2:76:1e:9c:c8:39:a8:92:73:f5:ca:0e:05:ba:
d7:3e:41:c3:9c:c6:8d:b1:05:7f:f4:f6:6b:72:2e:51:df:9d:
ca:c0:4a:41:92:28:dd:41:81:76:c1:cf:14:fe:07:af:e5:be:
7a:7f:6a:a1:bd:c4:6b:c8:04:b5:88:b7:61:d8:bf:b4:a5:f3:
e2:a6:86:e3:b1:86:dc:f1:c2:0b:c6:d8:77:84:3b:a5:59:67:
3c:e3:93:89:69:61:e4:80:4f:b0:99:cd:d5:0a:f1:a8:c5:bc:
d9:b0:49:f9:ff:e9:07:94:6a:f9:89:75:37:2c:07:7f:b6:4a:
d1:d3:d4:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwFQ7l2D9Je4YZ8/d8kFMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzIwNjE0MDU5NTY5OTNjYzYzYTYwZGIwZjk2MzUyNWQz
NTc3MzEwHhcNMjMwMTAyMDEyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM2Y2M0YmYyMDVlYjJmMzc2NWY3NjBiODc2NDI4OTI2NTIyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX+0n0I0nBChotB8c2CIanuSyStQ
m+qtYfR2lkG3SB+fg7PioAdITik4K7H8UyoJtrZCmZs9GOo2fyfrOIVBxdkObq/E
4wGaCM58aPF+8EX9THQ5BWPhSChBaroXiZsL540vnMfd3461sYB6VpLwfa5ZwZHE
o09TPNCVL7qoZEUPMwfMxDqw2PeYmAg67w1WlmWvjGuZmswOx+8TUyvuOzanNQq9
lnMLtXU7fKl+DwCDpirrEy8CSz3GPTIiCUvOabna2F1Vp2oH8lYBMe6f7yro03wr
v+Bqwp5PPZin3jrP3w9B+JhzJER1J6FXeH3dMXN3eILDb5dXoOJq0NhbIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHDGzEvyBesvN2X3YLh2QokmUiQLMB8GA1UdIwQY
MBaAFA3CBhQFlWmTzGOmDbD5Y1JdNXcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgt
MjM0OGJhNmZiNGMzLzEvY01iTVNfSUY2eTgzWmZkZ3VIWkNpU1pTSkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgtMjM0OGJhNmZiNGMz
LzEvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYtQAwQA
wW+iMA0EAgACMAcDBQMqBxQAMA0GCSqGSIb3DQEBCwUAA4IBAQBh4X+QrUQp/kq5
fk+zhNOQUhIPA57HNnoZsD6U1qgA6GjSCt87b6+G5KXPtTQdb/sEQQRMgX5+xGSR
RTUIbMgknzOquNrO9+6QCtCTz8/Ci3tEDR8Bj/J7AU5b3dC3ulu/G7pHeLjvy4hu
96jzO2mesABboxB0biFOJV0wwkAUMZmAonYenMg5qJJz9coOBbrXPkHDnMaNsQV/
9PZrci5R353KwEpBkijdQYF2wc8U/gev5b56f2qhvcRryAS1iLdh2L+0pfPipobj
sYbc8cILxth3hDulWWc845OJaWHkgE+wmc3VCvGoxbzZsEn5/+kHlGr5iXU3LAd/
tkrR09T5
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:26:21 2025 by rpki-client