Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/0cMUGHESjGK3AagZfwjeVEmgTUM.roa
File: 0cMUGHESjGK3AagZfwjeVEmgTUM.roa (raw, json)
Hash identifier: jwRNWygyZrZ5cOh1DH5NbudrzKiVQkZRD8+5Y8l3nG0=
Subject key identifier: D1:C3:14:18:71:12:8C:62:B7:01:A8:19:7F:08:DE:54:49:A0:4D:43
Certificate issuer: /CN=9d8ada352982a319b54d5e483d34426346733ea4
Certificate serial: 05282E6C
Authority key identifier: 9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/0cMUGHESjGK3AagZfwjeVEmgTUM.roa
Signing time: Sat 01 Jan 2022 07:59:31 +0000
ROA not before: Sat 01 Jan 2022 07:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202862
IP address blocks: 194.146.90.0/23 maxlen: 23
194.146.88.0/22 maxlen: 22
194.146.88.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86519404 (0x5282e6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8ada352982a319b54d5e483d34426346733ea4
Validity
Not Before: Jan 1 07:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1c3141871128c62b701a8197f08de5449a04d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:8a:16:38:37:db:f4:0b:a6:40:ec:d5:77:
82:71:7f:a6:25:05:9a:62:7d:7c:73:3e:53:e6:39:
f3:a7:55:c6:c9:4d:d3:42:2b:47:5b:0a:c9:37:18:
99:57:73:f4:24:31:51:71:3b:02:96:61:b0:84:3d:
42:6b:ba:b3:81:1c:e4:07:ab:bc:d4:df:9c:a0:14:
3f:69:aa:38:12:e9:fc:93:c8:4f:e1:56:c5:2a:c6:
18:38:8b:42:e1:58:ed:4f:ec:a9:88:aa:8e:b1:0c:
8a:27:8b:50:2b:48:f1:7e:d4:53:18:b2:a5:60:d6:
ab:0e:6e:98:ff:1f:97:60:a3:89:fa:4b:e7:4e:ef:
d0:ed:de:c3:ce:ff:97:d9:7c:16:a8:6a:10:cf:4c:
55:7b:3f:22:43:a7:67:16:9e:79:90:96:d4:e6:92:
b1:7b:46:ae:9e:38:38:a2:c3:7c:bd:d7:14:ff:71:
d9:d8:55:b6:07:d5:31:b8:6e:5a:f3:70:88:ae:b6:
c5:ad:16:f6:c8:b1:e7:51:32:fe:d9:d1:a0:25:0e:
5a:38:21:e6:cb:2e:de:f3:43:2a:c7:cc:2e:bb:be:
e0:ba:e2:eb:7a:37:7e:ba:78:9c:73:6d:dc:38:69:
2d:94:16:60:f2:78:03:b2:e4:2d:74:cf:1c:c3:83:
34:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C3:14:18:71:12:8C:62:B7:01:A8:19:7F:08:DE:54:49:A0:4D:43
X509v3 Authority Key Identifier:
keyid:9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/0cMUGHESjGK3AagZfwjeVEmgTUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:85:1f:d2:a1:91:40:dc:4b:3d:14:8c:69:8f:9a:2d:44:61:
46:89:51:12:30:70:f6:b5:fa:fc:44:40:ad:c5:c0:11:9e:93:
ac:55:2d:e7:f2:b3:ae:ab:a0:78:f5:30:82:cc:55:5b:7f:77:
a5:d3:a8:48:15:53:f3:04:de:48:bd:a4:d3:4a:9c:dc:1c:bc:
8b:0f:cc:d5:84:33:af:37:68:0d:74:db:f8:70:55:05:33:e0:
ac:23:53:e7:09:4b:12:07:57:7d:28:ca:ab:98:c7:0f:76:89:
94:1d:57:ec:16:07:06:d5:e5:fa:d7:e8:7d:2c:2e:b0:11:58:
ac:cf:1d:4f:37:b5:c2:08:94:45:e5:0f:dc:15:89:e4:3a:40:
91:92:48:28:6a:f8:f2:f0:06:99:97:4d:5f:4e:7d:cb:36:34:
f0:aa:5b:43:28:b9:5e:6c:81:43:c2:85:63:f8:bd:42:37:b4:
b6:7d:35:e6:2f:6e:31:aa:34:78:74:fc:26:95:a1:68:5c:3b:
43:9e:dd:2d:54:32:81:39:57:eb:dc:77:e6:e5:4f:42:a2:52:
11:e4:ca:42:92:1d:48:d1:17:ab:90:2a:08:ff:84:e1:71:0e:
61:3a:ea:f2:e0:00:9d:0c:0b:75:a3:f3:89:e3:05:8e:f8:a8:
5d:2a:5b:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSgubDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDhhZGEzNTI5ODJhMzE5YjU0ZDVlNDgzZDM0NDI2MzQ2NzMzZWE0MB4XDTIyMDEw
MTA3NTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFjMzE0MTg3MTEy
OGM2MmI3MDFhODE5N2YwOGRlNTQ0OWEwNGQ0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfdihY4N9v0C6ZA7NV3gnF/piUFmmJ9fHM+U+Y586dVxslN
00IrR1sKyTcYmVdz9CQxUXE7ApZhsIQ9Qmu6s4Ec5AervNTfnKAUP2mqOBLp/JPI
T+FWxSrGGDiLQuFY7U/sqYiqjrEMiieLUCtI8X7UUxiypWDWqw5umP8fl2CjifpL
507v0O3ew87/l9l8FqhqEM9MVXs/IkOnZxaeeZCW1OaSsXtGrp44OKLDfL3XFP9x
2dhVtgfVMbhuWvNwiK62xa0W9six51Ey/tnRoCUOWjgh5ssu3vNDKsfMLru+4Lri
63o3frp4nHNt3DhpLZQWYPJ4A7LkLXTPHMODNJMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRwxQYcRKMYrcBqBl/CN5USaBNQzAfBgNVHSMEGDAWgBSdito1KYKjGbVN
Xkg9NEJjRnM+pDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25ZcmFOU21Db3htMVRWNUlQVFJDWTBaelBxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvZjQ4NjNhLWFlYWUtNDJmNy1iYTE0LWVkNGExMzhjNDExMy8x
LzBjTVVHSEVTakdLM0FhZ1pmd2plVkVtZ1RVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
ZjQ4NjNhLWFlYWUtNDJmNy1iYTE0LWVkNGExMzhjNDExMy8xL25ZcmFOU21Db3ht
MVRWNUlQVFJDWTBaelBxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsKSWDANBgkqhkiG9w0BAQsFAAOC
AQEAnoUf0qGRQNxLPRSMaY+aLURhRolREjBw9rX6/ERArcXAEZ6TrFUt5/Kzrqug
ePUwgsxVW393pdOoSBVT8wTeSL2k00qc3By8iw/M1YQzrzdoDXTb+HBVBTPgrCNT
5wlLEgdXfSjKq5jHD3aJlB1X7BYHBtXl+tfofSwusBFYrM8dTze1wgiUReUP3BWJ
5DpAkZJIKGr48vAGmZdNX059yzY08KpbQyi5XmyBQ8KFY/i9Qje0tn015i9uMao0
eHT8JpWhaFw7Q57dLVQygTlX69x35uVPQqJSEeTKQpIdSNEXq5AqCP+E4XEOYTrq
8uAAnQwLdaPzieMFjvioXSpbPw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:55 2025 by rpki-client