Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mUMocozkayzXOb5fiBcTvRrLzXU.roa
File: mUMocozkayzXOb5fiBcTvRrLzXU.roa (raw, json)
Hash identifier: BtnP81Qmpxs/ebcsCI92lUDpwm5Ztgfyisg2QEb4ydc=
Subject key identifier: 99:43:28:72:8C:E4:6B:2C:D7:39:BE:5F:88:17:13:BD:1A:CB:CD:75
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 425396D1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mUMocozkayzXOb5fiBcTvRrLzXU.roa
Signing time: Sat 01 Jan 2022 14:02:56 +0000
ROA not before: Sat 01 Jan 2022 14:02:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
193.180.23.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112774353 (0x425396d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:02:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=994328728ce46b2cd739be5f881713bd1acbcd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:10:f6:a0:3f:e7:dd:07:52:46:71:09:58:16:
6d:23:44:9d:b9:7f:cc:e0:37:96:5d:2e:22:22:fe:
e1:c3:8c:d8:4d:cb:78:1d:a3:02:32:aa:0d:16:d5:
fa:9d:04:b9:34:53:db:9b:88:9e:97:f8:cb:6f:03:
cc:59:0b:69:aa:31:32:27:8b:c6:43:60:0c:25:e8:
9a:f3:28:e0:74:db:4f:0e:07:92:13:d6:8e:61:ce:
90:d3:52:89:b5:d6:75:12:0a:43:e2:4b:13:5e:c3:
65:0a:97:52:44:1e:70:74:d4:58:e5:ce:2c:c6:4e:
4a:c9:29:b4:93:82:41:4b:f0:0c:84:4f:fc:4e:3a:
37:e8:f4:8c:c7:9a:a5:26:bd:51:56:cd:9e:b9:28:
e4:71:89:a8:9e:4e:3e:86:3a:19:7b:ac:16:04:89:
84:0f:b4:86:ed:db:d0:57:9d:d5:08:6d:99:fe:10:
ae:2f:65:3f:d9:a8:1a:85:45:65:a7:ed:eb:08:4b:
77:35:51:0b:89:31:57:e7:cd:c5:9d:33:7b:2d:e2:
f5:8b:b5:04:e5:e6:49:80:37:f7:2d:cd:e6:f2:5f:
d2:92:f1:59:9e:18:cf:e3:28:fe:97:db:ce:c8:aa:
21:4f:2d:85:cf:94:7a:84:24:f4:14:94:15:49:80:
13:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:43:28:72:8C:E4:6B:2C:D7:39:BE:5F:88:17:13:BD:1A:CB:CD:75
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mUMocozkayzXOb5fiBcTvRrLzXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b8:34:a4:f6:de:b2:26:3f:78:de:53:95:a3:39:34:33:c3:
5b:79:4f:97:47:9a:de:57:d9:7a:cf:cc:f5:9d:ae:07:41:ab:
fd:ff:29:7c:a7:a2:61:77:5c:77:a8:ee:89:45:59:57:ee:7c:
44:e6:3b:4a:0f:1c:1e:ae:4a:ba:8b:0e:91:6c:de:ea:94:d5:
b5:29:9f:6c:41:69:3a:44:3f:27:91:f1:3b:ef:cd:d3:e3:39:
9a:63:a1:2a:c4:b4:80:7f:28:01:06:ae:73:fc:7d:80:db:31:
64:10:c7:2e:8b:67:86:98:eb:a2:fe:df:06:90:04:ab:a4:04:
df:ac:5c:f1:8e:b1:65:e4:9b:8d:6f:ff:4d:7a:45:f0:e1:8c:
59:b6:2e:ff:51:5a:7e:fb:92:54:b3:d6:e1:34:c2:16:81:ca:
43:49:44:56:6b:c4:bb:d6:7e:b0:e1:ed:e1:b0:3c:5f:62:1d:
64:7b:a0:3b:4a:61:7c:e5:83:af:b5:dc:7d:08:1b:a7:4e:61:
72:5d:35:e6:0d:03:c7:ce:f6:c5:7f:19:9b:a1:40:53:25:d7:
f6:d6:05:e3:5c:90:ae:d8:a3:c3:e8:d9:19:07:bf:55:56:93:
75:38:08:fd:0d:09:85:6c:69:fa:7a:7f:2b:05:a9:5d:cd:46:
cf:c0:c6:92
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEQlOW0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk0MzI4NzI4Y2U0
NmIyY2Q3MzliZTVmODgxNzEzYmQxYWNiY2Q3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcQ9qA/590HUkZxCVgWbSNEnbl/zOA3ll0uIiL+4cOM2E3L
eB2jAjKqDRbV+p0EuTRT25uInpf4y28DzFkLaaoxMieLxkNgDCXomvMo4HTbTw4H
khPWjmHOkNNSibXWdRIKQ+JLE17DZQqXUkQecHTUWOXOLMZOSskptJOCQUvwDIRP
/E46N+j0jMeapSa9UVbNnrko5HGJqJ5OPoY6GXusFgSJhA+0hu3b0Fed1Qhtmf4Q
ri9lP9moGoVFZaft6whLdzVRC4kxV+fNxZ0zey3i9Yu1BOXmSYA39y3N5vJf0pLx
WZ4Yz+Mo/pfbzsiqIU8thc+UeoQk9BSUFUmAExECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSZQyhyjORrLNc5vl+IFxO9GsvNdTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L21VTW9jb3prYXl6WE9iNWZpQmNUdlJyTHpYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAMAk0AMEAcClsgMEAMG0FwMEAcG0
pAMEAMG2bwMEAMG3dAMEAcJEqgMEAcJH2AMEAMKECTANBgkqhkiG9w0BAQsFAAOC
AQEAE7g0pPbesiY/eN5TlaM5NDPDW3lPl0ea3lfZes/M9Z2uB0Gr/f8pfKeiYXdc
d6juiUVZV+58ROY7Sg8cHq5KuosOkWze6pTVtSmfbEFpOkQ/J5HxO+/N0+M5mmOh
KsS0gH8oAQauc/x9gNsxZBDHLotnhpjrov7fBpAEq6QE36xc8Y6xZeSbjW//TXpF
8OGMWbYu/1FafvuSVLPW4TTCFoHKQ0lEVmvEu9Z+sOHt4bA8X2IdZHugO0phfOWD
r7XcfQgbp05hcl015g0Dx872xX8Zm6FAUyXX9tYF41yQrtijw+jZGQe/VVaTdTgI
/Q0JhWxp+np/KwWpXc1Gz8DGkg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:28 2025 by rpki-client