Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/mZNlDlQdpBaAX7h5MV9VBfvyexY.roa
File: mZNlDlQdpBaAX7h5MV9VBfvyexY.roa (raw, json)
Hash identifier: 3AL5IC/4FnY4/x2te1fpu9g4KUJO1ET97Lrp3XOvZ2U=
Subject key identifier: 99:93:65:0E:54:1D:A4:16:80:5F:B8:79:31:5F:55:05:FB:F2:7B:16
Certificate issuer: /CN=1ab70e3488dc831d45a75744e2f8bba267fd31d6
Certificate serial: 01856F429845DA7C940608F870C0E2B4E2DB
Authority key identifier: 1A:B7:0E:34:88:DC:83:1D:45:A7:57:44:E2:F8:BB:A2:67:FD:31:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrcONIjcgx1Fp1dE4vi7omf9MdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/mZNlDlQdpBaAX7h5MV9VBfvyexY.roa
Signing time: Sun 01 Jan 2023 21:35:13 +0000
ROA not before: Sun 01 Jan 2023 21:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198463
IP address blocks: 185.117.104.0/22 maxlen: 24
2a06:8400::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:98:45:da:7c:94:06:08:f8:70:c0:e2:b4:e2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab70e3488dc831d45a75744e2f8bba267fd31d6
Validity
Not Before: Jan 1 21:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9993650e541da416805fb879315f5505fbf27b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:91:6d:8a:29:38:78:77:c1:b3:76:be:08:
26:be:dd:36:8a:07:88:11:e7:0d:d9:bf:4d:11:66:
0a:74:30:66:5e:15:f9:71:d8:69:3c:b8:b9:b1:25:
a3:d9:5e:b9:f9:f2:cc:e0:bf:e7:16:69:d8:50:36:
4e:28:6d:21:d9:de:c9:bb:b5:4d:a8:e3:7a:90:2b:
fc:7d:bf:83:0a:16:75:86:f5:ec:09:80:f7:b6:44:
80:94:da:2a:48:df:80:e1:71:83:d7:5f:c4:5f:1f:
91:1d:8b:3f:21:b1:f6:f4:23:23:c9:eb:4b:2d:13:
b4:62:3e:97:73:1a:2f:87:a2:49:8e:ff:21:d1:4d:
af:89:e7:1c:40:45:79:a8:8f:13:af:7f:e2:5b:22:
b1:d5:ab:a1:fa:1a:96:be:11:26:44:9b:d3:d5:5d:
6f:45:b3:ca:66:a9:ca:55:ff:8a:db:e4:db:f5:c2:
3b:ad:a0:66:d5:39:3b:1b:80:65:32:51:3f:3e:0f:
c7:51:56:ee:8c:e2:73:2c:da:90:97:79:54:50:12:
d2:17:cf:ae:50:18:dd:52:d7:84:6b:00:93:d7:74:
32:3c:ce:7a:27:89:02:6f:a6:3c:7b:6d:4a:15:4e:
0b:38:f7:6c:ba:41:91:d8:a9:62:34:eb:1a:4b:bd:
c1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:93:65:0E:54:1D:A4:16:80:5F:B8:79:31:5F:55:05:FB:F2:7B:16
X509v3 Authority Key Identifier:
keyid:1A:B7:0E:34:88:DC:83:1D:45:A7:57:44:E2:F8:BB:A2:67:FD:31:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrcONIjcgx1Fp1dE4vi7omf9MdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/mZNlDlQdpBaAX7h5MV9VBfvyexY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/GrcONIjcgx1Fp1dE4vi7omf9MdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.104.0/22
IPv6:
2a06:8400::/29
Signature Algorithm: sha256WithRSAEncryption
1b:9d:ec:06:1c:90:80:a3:a0:6a:ec:86:6a:8a:e3:1b:13:3a:
d1:45:80:18:9a:36:54:95:32:a3:7d:97:da:aa:29:a6:c3:5a:
97:94:50:88:3c:fe:33:f4:8e:98:65:d9:b0:a4:31:8a:ac:3a:
e9:cd:3b:26:40:ad:82:db:3d:c5:34:6e:03:19:f2:71:bb:c8:
e0:05:5b:77:5d:82:18:ab:bd:38:fc:e8:99:78:d4:9f:19:92:
9a:95:cb:dd:7c:de:07:d5:49:11:a7:44:37:47:7c:79:b4:9b:
bf:46:a1:cc:0e:26:ba:54:1b:5d:b8:1b:dd:32:d2:84:3d:db:
a0:f9:f9:8f:a3:14:09:59:d4:62:90:50:3d:3f:2c:fc:e3:d3:
e9:b6:c8:d7:a7:2a:76:f4:02:8d:22:a4:5a:74:60:dd:f8:1d:
94:2f:cf:07:9d:a7:69:5d:50:37:53:ba:4f:ef:01:b4:11:e5:
c7:54:c9:fd:e9:60:e0:32:bb:5d:f8:2f:ba:6c:2d:31:16:1a:
ab:e6:82:f5:f5:08:d7:3e:eb:ad:97:bd:29:02:7d:c6:a3:e7:
37:f3:7c:a5:b3:db:c6:95:72:31:68:d0:1a:5f:10:1e:d1:45:
38:8d:fc:a1:53:32:db:a1:21:9f:e1:49:c2:76:4a:3c:b5:ae:
1f:5c:e0:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQphF2nyUBgj4cMDitOLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjcwZTM0ODhkYzgzMWQ0NWE3NTc0NGUyZjhiYmEyNjdm
ZDMxZDYwHhcNMjMwMTAxMjEzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTkzNjUwZTU0MWRhNDE2ODA1ZmI4NzkzMTVmNTUwNWZiZjI3YjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGaRbYopOHh3wbN2vggmvt02igeI
EecN2b9NEWYKdDBmXhX5cdhpPLi5sSWj2V65+fLM4L/nFmnYUDZOKG0h2d7Ju7VN
qON6kCv8fb+DChZ1hvXsCYD3tkSAlNoqSN+A4XGD11/EXx+RHYs/IbH29CMjyetL
LRO0Yj6Xcxovh6JJjv8h0U2vieccQEV5qI8Tr3/iWyKx1auh+hqWvhEmRJvT1V1v
RbPKZqnKVf+K2+Tb9cI7raBm1Tk7G4BlMlE/Pg/HUVbujOJzLNqQl3lUUBLSF8+u
UBjdUteEawCT13QyPM56J4kCb6Y8e21KFU4LOPdsukGR2KliNOsaS73BbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJmTZQ5UHaQWgF+4eTFfVQX78nsWMB8GA1UdIwQY
MBaAFBq3DjSI3IMdRadXROL4u6Jn/THWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JjT05JamNneDFGcDFkRTR2aTdvbWY5TWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hYjkwMTItYmZhZS00NzI5LWI5OTMt
MDk3MzNjYjAyNjllLzEvbVpObERsUWRwQmFBWDdoNU1WOVZCZnZ5ZXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hYjkwMTItYmZhZS00NzI5LWI5OTMtMDk3MzNjYjAyNjll
LzEvR3JjT05JamNneDFGcDFkRTR2aTdvbWY5TWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXVoMA0E
AgACMAcDBQMqBoQAMA0GCSqGSIb3DQEBCwUAA4IBAQAbnewGHJCAo6Bq7IZqiuMb
EzrRRYAYmjZUlTKjfZfaqimmw1qXlFCIPP4z9I6YZdmwpDGKrDrpzTsmQK2C2z3F
NG4DGfJxu8jgBVt3XYIYq704/OiZeNSfGZKalcvdfN4H1UkRp0Q3R3x5tJu/RqHM
Dia6VBtduBvdMtKEPdug+fmPoxQJWdRikFA9Pyz849PptsjXpyp29AKNIqRadGDd
+B2UL88HnadpXVA3U7pP7wG0EeXHVMn96WDgMrtd+C+6bC0xFhqr5oL19QjXPuut
l70pAn3Go+c383yls9vGlXIxaNAaXxAe0UU4jfyhUzLboSGf4UnCdko8ta4fXOBT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:23 2025 by rpki-client