Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/95_MjwyBHstwHtPoaIn2beQ1SLE.roa
File: 95_MjwyBHstwHtPoaIn2beQ1SLE.roa (raw, json)
Hash identifier: GCL8xvcWw9P58S3gb7NfuvCp1x7jm8Glq/gSz/dDMo8=
Subject key identifier: F7:9F:CC:8F:0C:81:1E:CB:70:1E:D3:E8:68:89:F6:6D:E4:35:48:B1
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 01869820B456BC289D52DCEF479DCF9BD72B
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/95_MjwyBHstwHtPoaIn2beQ1SLE.roa
Signing time: Tue 28 Feb 2023 13:05:25 +0000
ROA not before: Tue 28 Feb 2023 13:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.128.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:20:b4:56:bc:28:9d:52:dc:ef:47:9d:cf:9b:d7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Feb 28 13:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f79fcc8f0c811ecb701ed3e86889f66de43548b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:a8:d0:0d:a7:76:30:5e:6d:dd:be:ae:41:
f9:93:06:03:ac:a7:47:a0:6c:0b:c3:82:90:54:e0:
bc:1f:91:88:67:7a:6b:d1:b0:28:9a:bc:69:a8:e9:
37:be:2c:f4:2c:23:02:55:ef:96:08:88:bb:09:cd:
a9:c4:61:60:b4:8f:80:05:d5:73:f0:7a:5e:0d:be:
b7:b9:29:a0:4d:a3:b7:2e:4b:f1:ae:3b:08:1f:65:
12:5a:f7:9e:ec:ea:26:fc:c7:63:f7:a9:5c:31:ea:
fe:7c:7b:94:1d:8a:88:f1:7b:b2:1e:fa:2b:43:ba:
74:82:34:85:53:1c:94:f6:c3:da:12:ad:8c:97:a2:
f5:02:e3:82:8a:83:f5:ec:4b:be:f7:c0:92:7a:40:
ad:63:ee:92:cb:d7:8f:37:9f:17:ba:65:0c:0e:64:
f1:d9:48:d7:be:e7:5f:a6:6e:da:e8:84:00:17:09:
4b:d8:98:37:73:41:79:b1:11:fc:da:bb:c8:5b:09:
9b:70:52:78:c8:82:ce:55:15:a0:03:a4:28:d0:10:
5f:cd:15:e4:05:d0:11:b9:83:41:fc:d8:61:4e:7b:
6a:f2:b6:23:fb:96:93:bb:34:7c:e0:f7:9f:08:9b:
c3:68:63:d0:55:97:e4:74:f8:79:1c:14:33:35:16:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9F:CC:8F:0C:81:1E:CB:70:1E:D3:E8:68:89:F6:6D:E4:35:48:B1
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/95_MjwyBHstwHtPoaIn2beQ1SLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.135.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:69:1f:91:cf:5b:b5:c0:d5:ee:20:34:29:14:35:9c:4a:df:
2c:73:fa:4e:28:b8:08:2a:f1:93:f3:91:aa:d9:b1:0d:1d:4f:
fe:f8:aa:be:58:cc:12:ab:98:f0:13:93:38:f7:e3:d5:30:84:
2f:f5:81:a5:a1:9f:27:be:bf:8f:78:91:0c:fe:4e:16:a4:98:
81:c1:3d:92:60:57:c7:d9:2c:98:a1:ba:d5:0f:f9:f4:00:42:
07:32:41:e2:68:3a:f2:5c:b2:50:c2:17:ea:a9:d0:22:47:51:
b9:9a:6d:87:ad:dd:d1:77:4b:21:d7:e3:9b:15:c2:cc:4c:41:
87:0f:b9:35:c2:37:78:78:51:a4:56:e4:e1:26:db:b3:10:02:
32:d1:2f:6d:b0:6d:ad:c4:5a:82:23:3c:f4:b1:93:01:d4:2c:
33:5e:38:67:9c:b5:da:cc:75:0b:2f:10:48:74:80:36:19:be:
dd:04:6a:98:6d:b7:98:dc:24:9d:57:91:91:f6:81:fc:98:16:
04:17:44:43:d6:5c:2c:9e:2f:95:3d:be:44:3a:99:fc:91:9e:
6f:7d:4b:1f:be:13:be:aa:ad:9d:44:0b:69:ac:78:9b:e9:4c:
95:7e:70:cf:cf:ee:c5:f4:4f:a8:3c:6c:58:8d:b6:3a:3b:2a:
ca:1a:9a:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaYILRWvCidUtzvR53Pm9crMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwMjI4MTMwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzlmY2M4ZjBjODExZWNiNzAxZWQzZTg2ODg5ZjY2ZGU0MzU0OGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm6o0A2ndjBebd2+rkH5kwYDrKdH
oGwLw4KQVOC8H5GIZ3pr0bAomrxpqOk3viz0LCMCVe+WCIi7Cc2pxGFgtI+ABdVz
8HpeDb63uSmgTaO3LkvxrjsIH2USWvee7Oom/Mdj96lcMer+fHuUHYqI8XuyHvor
Q7p0gjSFUxyU9sPaEq2Ml6L1AuOCioP17Eu+98CSekCtY+6Sy9ePN58XumUMDmTx
2UjXvudfpm7a6IQAFwlL2Jg3c0F5sRH82rvIWwmbcFJ4yILOVRWgA6Qo0BBfzRXk
BdARuYNB/NhhTntq8rYj+5aTuzR84PefCJvDaGPQVZfkdPh5HBQzNRbEhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPefzI8MgR7LcB7T6GiJ9m3kNUixMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvOTVfTWp3eUJIc3R3SHRQb2FJbjJiZVExU0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYCHMA0G
CSqGSIb3DQEBCwUAA4IBAQBOaR+Rz1u1wNXuIDQpFDWcSt8sc/pOKLgIKvGT85Gq
2bENHU/++Kq+WMwSq5jwE5M49+PVMIQv9YGloZ8nvr+PeJEM/k4WpJiBwT2SYFfH
2SyYobrVD/n0AEIHMkHiaDryXLJQwhfqqdAiR1G5mm2Hrd3Rd0sh1+ObFcLMTEGH
D7k1wjd4eFGkVuThJtuzEAIy0S9tsG2txFqCIzz0sZMB1CwzXjhnnLXazHULLxBI
dIA2Gb7dBGqYbbeY3CSdV5GR9oH8mBYEF0RD1lwsni+VPb5EOpn8kZ5vfUsfvhO+
qq2dRAtprHib6UyVfnDPz+7F9E+oPGxYjbY6OyrKGppk
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:23:19 2025 by rpki-client