Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa
File: MKT11H45S6y3Ss9qaID3R7uX5fo.roa (raw, json)
Hash identifier: 17hcik7fAko3OD+KOfX+prqx82H9G/9jc3cCN97ODus=
Subject key identifier: 30:A4:F5:D4:7E:39:4B:AC:B7:4A:CF:6A:68:80:F7:47:BB:97:E5:FA
Certificate issuer: /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial: 01856B00B5A3D6170D0C86A7EBD49E9380EA
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa
Signing time: Sun 01 Jan 2023 01:44:46 +0000
ROA not before: Sun 01 Jan 2023 01:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208017
IP address blocks: 139.28.158.0/23 maxlen: 23
139.28.156.0/24 maxlen: 24
139.28.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:b5:a3:d6:17:0d:0c:86:a7:eb:d4:9e:93:80:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
Validity
Not Before: Jan 1 01:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a4f5d47e394bacb74acf6a6880f747bb97e5fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:91:34:60:b9:48:0a:02:9b:bf:46:fd:ba:
3f:61:69:69:26:f7:e5:25:dd:a0:71:61:bc:33:f3:
bf:c7:f4:34:51:3d:f0:14:8d:19:c9:3d:70:44:57:
59:24:2f:b3:5a:1b:3a:5a:97:bb:26:23:b3:2d:c1:
a0:a1:31:5d:3e:d7:27:61:90:d7:e3:8a:13:1d:c5:
af:8e:c7:e3:8c:8e:dd:74:8f:ac:f5:a6:6a:d3:73:
85:be:23:ea:71:ea:fd:e4:ba:09:0a:d9:a6:b9:d7:
b0:63:3b:44:82:d2:33:f3:68:35:2c:1a:93:a1:82:
2a:24:b3:cd:41:9a:83:aa:c6:75:48:b6:b4:08:aa:
1e:00:6e:86:c2:9e:d3:37:58:59:73:3f:7b:2c:2a:
35:56:18:33:29:d7:b2:3f:22:34:4d:d3:61:1f:63:
1f:0d:90:b9:f2:c3:2e:33:84:15:bd:65:90:30:db:
e0:ce:2c:93:95:bd:e9:9c:05:f7:fe:a8:61:01:8a:
ba:c0:ac:49:a7:c8:cd:28:db:41:f9:9b:81:02:5d:
4c:6a:3f:bf:68:1d:42:fd:06:3c:8c:13:d0:24:83:
6c:59:46:1d:90:76:8f:67:5d:45:b6:28:6c:9f:ad:
ac:76:d2:6a:e6:a5:73:46:53:e9:7c:cc:62:f2:cd:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A4:F5:D4:7E:39:4B:AC:B7:4A:CF:6A:68:80:F7:47:BB:97:E5:FA
X509v3 Authority Key Identifier:
keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/MKT11H45S6y3Ss9qaID3R7uX5fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.156.0/22
Signature Algorithm: sha256WithRSAEncryption
57:a7:96:97:b3:2b:3e:b5:20:e0:1a:65:99:9f:87:4a:47:d8:
2f:d8:fa:4b:7d:a7:ec:05:c6:a3:bc:32:f0:c7:5a:c3:09:60:
ee:ff:51:03:4f:ab:13:6f:d4:8b:e3:cd:2e:bf:f0:85:a7:e5:
26:6f:b3:19:7e:a4:48:f3:04:29:ba:2a:fd:c0:a4:25:f0:5a:
f5:5b:0b:66:46:5d:bd:c7:0c:d2:ba:05:80:6b:1f:e8:18:a2:
53:73:11:66:eb:b9:48:3a:d4:64:fc:0f:66:62:70:f3:ce:cc:
1f:d4:c7:8f:e7:f5:c9:84:9d:9b:a5:d6:59:1c:2d:a2:6e:6f:
f7:ca:18:f9:ba:0b:30:5c:d9:fe:4e:28:4c:c9:fb:09:1b:b7:
50:61:29:8f:d9:5a:8d:39:2a:98:20:b2:9e:45:25:b2:4f:1f:
59:da:7f:7b:81:58:2d:bf:24:a2:a8:47:c5:8e:72:69:37:35:
92:80:51:47:be:fa:6d:be:50:0a:7e:0c:e4:a5:5c:c6:41:14:
80:1d:eb:01:3f:2e:1b:d9:34:a5:73:02:97:13:35:8b:e0:ec:
bc:1b:9c:d6:c5:af:d4:a4:98:2b:14:46:63:1e:2b:4d:fd:0f:
5c:98:36:4c:51:43:68:7d:ab:1a:59:f9:ef:a1:d3:a3:77:8f:
88:54:8d:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrALWj1hcNDIan69Sek4DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjMwMTAxMDE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE0ZjVkNDdlMzk0YmFjYjc0YWNmNmE2ODgwZjc0N2JiOTdlNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhmRNGC5SAoCm79G/bo/YWlpJvfl
Jd2gcWG8M/O/x/Q0UT3wFI0ZyT1wRFdZJC+zWhs6Wpe7JiOzLcGgoTFdPtcnYZDX
44oTHcWvjsfjjI7ddI+s9aZq03OFviPqcer95LoJCtmmudewYztEgtIz82g1LBqT
oYIqJLPNQZqDqsZ1SLa0CKoeAG6Gwp7TN1hZcz97LCo1VhgzKdeyPyI0TdNhH2Mf
DZC58sMuM4QVvWWQMNvgziyTlb3pnAX3/qhhAYq6wKxJp8jNKNtB+ZuBAl1Maj+/
aB1C/QY8jBPQJINsWUYdkHaPZ11Ftihsn62sdtJq5qVzRlPpfMxi8s2IOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCk9dR+OUust0rPamiA90e7l+X6MB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEvTUtUMTFINDVTNnkzU3M5cWFJRDNSN3VYNWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixycMA0G
CSqGSIb3DQEBCwUAA4IBAQBXp5aXsys+tSDgGmWZn4dKR9gv2PpLfafsBcajvDLw
x1rDCWDu/1EDT6sTb9SL480uv/CFp+Umb7MZfqRI8wQpuir9wKQl8Fr1WwtmRl29
xwzSugWAax/oGKJTcxFm67lIOtRk/A9mYnDzzswf1MeP5/XJhJ2bpdZZHC2ibm/3
yhj5ugswXNn+TihMyfsJG7dQYSmP2VqNOSqYILKeRSWyTx9Z2n97gVgtvySiqEfF
jnJpNzWSgFFHvvptvlAKfgzkpVzGQRSAHesBPy4b2TSlcwKXEzWL4Oy8G5zWxa/U
pJgrFEZjHitN/Q9cmDZMUUNofasaWfnvodOjd4+IVI14
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:40 2025 by rpki-client