Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c5a848-260d-4ad0-aef3-d7b2c93442d3/1/mBvR49zVeK4vK7xVNyWL7M1gW8g.roa
File: mBvR49zVeK4vK7xVNyWL7M1gW8g.roa (raw, json)
Hash identifier: OfRCtDMvi8AdmCmU8+M/WbXjWPBW8hL7V4zI5E9Su18=
Subject key identifier: 98:1B:D1:E3:DC:D5:78:AE:2F:2B:BC:55:37:25:8B:EC:CD:60:5B:C8
Certificate issuer: /CN=371fb85d4f808cb1607a2be4f4a798ca3ead3810
Certificate serial: 018570796C16048A57EF89EDF4A910E7E11F
Authority key identifier: 37:1F:B8:5D:4F:80:8C:B1:60:7A:2B:E4:F4:A7:98:CA:3E:AD:38:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nx-4XU-AjLFgeivk9KeYyj6tOBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c5a848-260d-4ad0-aef3-d7b2c93442d3/1/mBvR49zVeK4vK7xVNyWL7M1gW8g.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6776
IP address blocks: 193.247.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6c:16:04:8a:57:ef:89:ed:f4:a9:10:e7:e1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=371fb85d4f808cb1607a2be4f4a798ca3ead3810
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981bd1e3dcd578ae2f2bbc5537258beccd605bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:69:db:d2:fb:1b:4b:98:f3:88:5d:77:b2:
98:8c:25:5a:29:32:5a:de:e1:85:3a:a6:88:cb:6b:
e4:6a:80:a3:b6:65:e8:dd:df:b6:cb:bc:bb:8f:65:
7c:15:e7:d3:eb:8a:d2:44:49:81:25:3b:84:96:f6:
9a:ec:cc:d7:b7:dc:a8:52:99:8e:c6:e0:15:8e:dd:
16:1e:38:71:b2:e4:de:71:dd:73:57:5c:6f:6d:47:
85:79:f3:a1:55:67:8a:76:b8:fc:61:6a:57:8b:3d:
b8:c5:2d:3c:46:a7:ff:93:63:4a:0e:91:a0:44:ea:
13:cb:0e:07:42:f6:cc:93:66:b0:6a:e6:42:d3:bd:
35:ee:45:33:c5:7e:ac:16:e0:93:d7:f7:45:3e:18:
2e:46:62:2a:3a:34:ed:9e:cf:8d:67:1c:69:50:26:
a6:c8:dc:8c:17:8c:9a:16:52:37:3d:11:14:26:2e:
38:ac:c6:0d:ee:ac:53:4e:67:26:a9:36:97:67:f7:
06:d8:fb:2b:77:09:42:8e:58:5a:dd:a2:47:15:20:
57:e0:5d:b3:e0:37:11:59:c4:84:0e:f1:06:45:fa:
bd:2d:2c:de:59:88:f1:3e:50:52:2a:ac:4d:ab:32:
84:1b:b2:0c:14:a9:48:00:e9:99:5e:c5:32:cf:cf:
11:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1B:D1:E3:DC:D5:78:AE:2F:2B:BC:55:37:25:8B:EC:CD:60:5B:C8
X509v3 Authority Key Identifier:
keyid:37:1F:B8:5D:4F:80:8C:B1:60:7A:2B:E4:F4:A7:98:CA:3E:AD:38:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nx-4XU-AjLFgeivk9KeYyj6tOBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c5a848-260d-4ad0-aef3-d7b2c93442d3/1/mBvR49zVeK4vK7xVNyWL7M1gW8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c5a848-260d-4ad0-aef3-d7b2c93442d3/1/Nx-4XU-AjLFgeivk9KeYyj6tOBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.150.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a2:86:8c:c5:41:73:88:ca:66:35:51:45:ce:cd:5c:32:f7:
1e:61:61:11:38:45:21:f5:1d:69:a1:00:d4:71:25:b6:d1:31:
cf:93:75:e5:06:39:0e:07:c8:31:fa:4b:eb:89:2d:1f:46:4c:
4d:29:02:d6:c8:03:06:9c:fd:16:16:71:51:57:38:58:c1:a4:
c3:a3:5d:27:1d:b5:10:02:f9:29:c1:cc:d7:7b:5a:44:6d:83:
f5:f7:f8:30:75:b5:fa:82:90:ca:99:71:2d:d2:d0:2e:df:f8:
ed:03:10:b2:ff:d4:0b:9c:97:00:b6:36:46:dc:8d:41:cc:01:
63:b3:f7:1b:b0:c9:e1:7c:17:53:f5:6f:6a:cb:b8:9b:f9:af:
19:79:8c:1c:b5:18:32:d6:b4:89:be:9d:b9:f5:3d:89:b6:ae:
59:12:85:e6:1c:a5:ca:d4:31:7a:e8:2d:eb:ae:24:7d:2f:6b:
cb:bc:db:38:6f:d1:0f:e1:a7:b6:66:2d:1a:b3:7c:e1:50:0a:
69:ce:3b:f9:70:25:92:7b:8c:14:12:4e:73:3f:a3:51:e4:6c:
07:7e:ae:51:f4:19:fb:fb:5b:95:dc:d7:7d:0c:9c:66:4f:f4:
5b:a6:32:c8:1e:7a:81:a5:a0:47:59:f1:40:18:13:5f:77:76:
91:64:4c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweWwWBIpX74nt9KkQ5+EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MWZiODVkNGY4MDhjYjE2MDdhMmJlNGY0YTc5OGNhM2Vh
ZDM4MTAwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFiZDFlM2RjZDU3OGFlMmYyYmJjNTUzNzI1OGJlY2NkNjA1YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovVp29L7G0uY84hdd7KYjCVaKTJa
3uGFOqaIy2vkaoCjtmXo3d+2y7y7j2V8FefT64rSREmBJTuElvaa7MzXt9yoUpmO
xuAVjt0WHjhxsuTecd1zV1xvbUeFefOhVWeKdrj8YWpXiz24xS08Rqf/k2NKDpGg
ROoTyw4HQvbMk2awauZC07017kUzxX6sFuCT1/dFPhguRmIqOjTtns+NZxxpUCam
yNyMF4yaFlI3PREUJi44rMYN7qxTTmcmqTaXZ/cG2PsrdwlCjlha3aJHFSBX4F2z
4DcRWcSEDvEGRfq9LSzeWYjxPlBSKqxNqzKEG7IMFKlIAOmZXsUyz88RBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgb0ePc1XiuLyu8VTcli+zNYFvIMB8GA1UdIwQY
MBaAFDcfuF1PgIyxYHor5PSnmMo+rTgQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTngtNFhVLUFqTEZnZWl2azlLZVl5ajZ0T0JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jNWE4NDgtMjYwZC00YWQwLWFlZjMt
ZDdiMmM5MzQ0MmQzLzEvbUJ2UjQ5elZlSzR2Szd4Vk55V0w3TTFnVzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jNWE4NDgtMjYwZC00YWQwLWFlZjMtZDdiMmM5MzQ0MmQz
LzEvTngtNFhVLUFqTEZnZWl2azlLZVl5ajZ0T0JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfeWMA0G
CSqGSIb3DQEBCwUAA4IBAQBKooaMxUFziMpmNVFFzs1cMvceYWEROEUh9R1poQDU
cSW20THPk3XlBjkOB8gx+kvriS0fRkxNKQLWyAMGnP0WFnFRVzhYwaTDo10nHbUQ
AvkpwczXe1pEbYP19/gwdbX6gpDKmXEt0tAu3/jtAxCy/9QLnJcAtjZG3I1BzAFj
s/cbsMnhfBdT9W9qy7ib+a8ZeYwctRgy1rSJvp259T2Jtq5ZEoXmHKXK1DF66C3r
riR9L2vLvNs4b9EP4ae2Zi0as3zhUAppzjv5cCWSe4wUEk5zP6NR5GwHfq5R9Bn7
+1uV3Nd9DJxmT/RbpjLIHnqBpaBHWfFAGBNfd3aRZEwJ
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:42 2025 by rpki-client