Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/MqfBEzuvi0_Rwd-e4sAg7qJawEw.roa
File: MqfBEzuvi0_Rwd-e4sAg7qJawEw.roa (raw, json)
Hash identifier: A5lpKsNP8cbRLDYfvSAKHtNVKjD1r5ifugnQZ7y7UsE=
Subject key identifier: 32:A7:C1:13:3B:AF:8B:4F:D1:C1:DF:9E:E2:C0:20:EE:A2:5A:C0:4C
Certificate issuer: /CN=b425771f992fd74dfb0736e695aeb59c6af67e93
Certificate serial: 018B27D02B19FBD1C95D63058D69074ECD76
Authority key identifier: B4:25:77:1F:99:2F:D7:4D:FB:07:36:E6:95:AE:B5:9C:6A:F6:7E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCV3H5kv1037Bzbmla61nGr2fpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/MqfBEzuvi0_Rwd-e4sAg7qJawEw.roa
Signing time: Fri 13 Oct 2023 06:53:55 +0000
ROA not before: Fri 13 Oct 2023 06:53:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51438
IP address blocks: 194.77.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:d0:2b:19:fb:d1:c9:5d:63:05:8d:69:07:4e:cd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b425771f992fd74dfb0736e695aeb59c6af67e93
Validity
Not Before: Oct 13 06:53:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32a7c1133baf8b4fd1c1df9ee2c020eea25ac04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:17:98:58:5a:63:d0:25:a8:0c:7f:d9:09:
54:59:b7:1e:aa:be:48:1a:88:5a:b7:2e:e3:a4:8a:
f4:c3:fa:89:4e:0d:a8:45:be:2c:d3:01:6b:a1:c9:
3c:ef:65:b1:f9:a9:25:e5:9f:57:3d:bc:96:da:00:
23:ad:ca:dd:d3:01:a3:40:e5:bb:76:52:15:e5:b5:
3b:32:11:6e:eb:e4:68:c4:f5:fc:04:ed:8e:23:a5:
04:69:e4:5d:0a:82:12:20:a1:ce:68:10:d1:ba:a2:
5b:3a:f0:4a:c5:b6:bb:63:16:7f:9f:23:7e:db:d1:
ab:22:45:9c:a4:b2:23:df:55:93:d7:5b:5c:d4:31:
59:d8:23:0a:33:5e:84:61:41:f0:c0:1a:a7:58:7c:
88:dc:4b:2c:cd:6e:45:93:b7:e3:d6:55:80:40:07:
b9:35:8e:20:38:0b:a0:f8:98:10:33:0d:e5:37:39:
07:71:32:54:9b:46:69:7d:75:f0:4f:49:28:e4:0f:
ac:a9:41:a9:3c:9b:35:d6:9e:ca:cc:4d:1f:65:5a:
2e:2e:4c:d6:cb:cd:67:9b:a2:b2:aa:76:4e:a7:97:
23:1b:d8:19:7b:74:e2:8d:69:23:a7:64:f2:18:67:
17:1f:03:fe:cd:0d:4a:48:24:12:9e:e1:6d:08:49:
18:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A7:C1:13:3B:AF:8B:4F:D1:C1:DF:9E:E2:C0:20:EE:A2:5A:C0:4C
X509v3 Authority Key Identifier:
keyid:B4:25:77:1F:99:2F:D7:4D:FB:07:36:E6:95:AE:B5:9C:6A:F6:7E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCV3H5kv1037Bzbmla61nGr2fpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/MqfBEzuvi0_Rwd-e4sAg7qJawEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/tCV3H5kv1037Bzbmla61nGr2fpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.77.158.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a6:85:eb:30:03:ed:86:fd:a2:de:78:db:82:a1:0e:17:8d:
15:ee:db:c8:a2:67:41:96:1b:30:78:24:0c:f9:c3:c6:f0:d5:
c3:57:ab:28:00:e6:ab:14:1b:03:2a:b5:30:6e:d1:7f:5f:22:
9e:9a:e7:3f:3f:95:0e:6c:b5:13:fe:8c:0f:4a:b2:c4:b1:5c:
68:cf:e9:be:64:bf:a2:9b:62:2a:5a:95:1d:66:fc:7f:b8:48:
2b:55:11:4a:58:53:a2:37:d6:67:88:c5:6d:26:2c:ce:77:4e:
84:c2:3d:9e:5b:70:8a:da:14:66:7c:60:08:56:9e:00:4b:4e:
cd:49:8d:0a:2a:11:65:d3:ce:5d:d0:4b:92:ac:b2:6f:20:dd:
79:64:9f:71:f5:fa:bb:e0:a7:7d:28:63:da:a7:99:76:d2:8f:
21:9f:e9:1b:f6:28:f9:80:4c:28:4d:ce:09:d4:6e:03:ea:34:
af:3f:cd:6b:3e:97:fe:49:a2:40:c0:4d:fa:fe:c4:f0:d7:f2:
20:1e:35:c7:cc:ce:43:0c:95:3c:ca:94:2c:52:de:da:22:57:
9d:b8:f2:e9:b8:86:f9:8c:8c:f8:9f:1e:f7:ee:44:ad:06:19:
5b:ae:c7:a8:cb:64:7e:48:92:4d:79:af:12:86:22:03:6c:37:
9e:9f:fa:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsn0CsZ+9HJXWMFjWkHTs12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjU3NzFmOTkyZmQ3NGRmYjA3MzZlNjk1YWViNTljNmFm
NjdlOTMwHhcNMjMxMDEzMDY1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmE3YzExMzNiYWY4YjRmZDFjMWRmOWVlMmMwMjBlZWEyNWFjMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5wXmFhaY9AlqAx/2QlUWbceqr5I
Gohaty7jpIr0w/qJTg2oRb4s0wFrock872Wx+akl5Z9XPbyW2gAjrcrd0wGjQOW7
dlIV5bU7MhFu6+RoxPX8BO2OI6UEaeRdCoISIKHOaBDRuqJbOvBKxba7YxZ/nyN+
29GrIkWcpLIj31WT11tc1DFZ2CMKM16EYUHwwBqnWHyI3EsszW5Fk7fj1lWAQAe5
NY4gOAug+JgQMw3lNzkHcTJUm0ZpfXXwT0ko5A+sqUGpPJs11p7KzE0fZVouLkzW
y81nm6KyqnZOp5cjG9gZe3TijWkjp2TyGGcXHwP+zQ1KSCQSnuFtCEkYDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKnwRM7r4tP0cHfnuLAIO6iWsBMMB8GA1UdIwQY
MBaAFLQldx+ZL9dN+wc25pWutZxq9n6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENWM0g1a3YxMDM3QnpibWxhNjFuR3IyZnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9lOGY5NWQtYWQzOC00YjVjLWIwOTAt
OGE4NTY0YmEzYzhjLzEvTXFmQkV6dXZpMF9Sd2QtZTRzQWc3cUphd0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9lOGY5NWQtYWQzOC00YjVjLWIwOTAtOGE4NTY0YmEzYzhj
LzEvdENWM0g1a3YxMDM3QnpibWxhNjFuR3IyZnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwk2eMA0G
CSqGSIb3DQEBCwUAA4IBAQAjpoXrMAPthv2i3njbgqEOF40V7tvIomdBlhsweCQM
+cPG8NXDV6soAOarFBsDKrUwbtF/XyKemuc/P5UObLUT/owPSrLEsVxoz+m+ZL+i
m2IqWpUdZvx/uEgrVRFKWFOiN9ZniMVtJizOd06Ewj2eW3CK2hRmfGAIVp4AS07N
SY0KKhFl085d0EuSrLJvIN15ZJ9x9fq74Kd9KGPap5l20o8hn+kb9ij5gEwoTc4J
1G4D6jSvP81rPpf+SaJAwE36/sTw1/IgHjXHzM5DDJU8ypQsUt7aIleduPLpuIb5
jIz4nx737kStBhlbrseoy2R+SJJNea8ShiIDbDeen/pH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:56 2025 by rpki-client