Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/MnCUq4_I5Lx41BKoyQnVNU4GQxU.roa
File: MnCUq4_I5Lx41BKoyQnVNU4GQxU.roa (raw, json)
Hash identifier: EPI2svX7fYEGsmhbssJRgx8BMioqIxqBqkbxZUe1uLY=
Subject key identifier: 32:70:94:AB:8F:C8:E4:BC:78:D4:12:A8:C9:09:D5:35:4E:06:43:15
Certificate issuer: /CN=bbfa427d42023afda888e8415f4edcf7b7df1b05
Certificate serial: 01886C10DD748459B62CE400ED6D5B1612CC
Authority key identifier: BB:FA:42:7D:42:02:3A:FD:A8:88:E8:41:5F:4E:DC:F7:B7:DF:1B:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_pCfUICOv2oiOhBX07c97ffGwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/MnCUq4_I5Lx41BKoyQnVNU4GQxU.roa
Signing time: Tue 30 May 2023 09:50:24 +0000
ROA not before: Tue 30 May 2023 09:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205278
IP address blocks: 195.8.107.0/24 maxlen: 24
2a12:e3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:10:dd:74:84:59:b6:2c:e4:00:ed:6d:5b:16:12:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbfa427d42023afda888e8415f4edcf7b7df1b05
Validity
Not Before: May 30 09:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=327094ab8fc8e4bc78d412a8c909d5354e064315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:13:a2:24:28:2b:13:80:e4:40:b6:9e:6a:f6:
df:4f:51:98:41:22:0f:6e:1d:9d:06:ca:64:d5:c1:
bf:f8:f1:01:89:6b:de:f0:46:8a:14:d2:36:7c:cf:
2a:48:23:de:bf:62:d6:e3:e0:9b:58:40:ca:a5:9d:
3d:3a:de:ff:b7:79:e1:60:b3:62:5d:16:78:06:21:
25:c7:c8:51:60:01:6b:69:c4:c4:e4:62:d2:74:a1:
95:32:65:22:84:8e:ec:6e:92:ad:05:99:3d:87:63:
80:95:89:8e:2b:04:36:17:c9:2c:00:75:97:ec:67:
47:8d:fc:d8:bd:c8:05:d1:92:b0:8b:69:77:20:38:
a9:0e:9c:0d:eb:67:9e:d0:95:69:cb:16:86:4f:92:
3c:df:3c:0a:31:80:4c:46:44:71:aa:8a:09:29:d2:
64:e8:92:4f:f2:6b:25:fc:58:58:1c:a2:c7:6a:03:
1f:3a:e5:9b:7e:e4:9e:51:97:9a:13:b5:2d:b7:98:
32:53:f7:c1:7a:fd:5b:09:72:af:ea:4f:82:28:66:
18:13:b9:05:2e:62:20:69:6c:b4:d0:98:ed:52:b3:
a9:fe:53:b1:0b:58:9a:2e:14:cf:91:c0:41:af:8b:
5c:cf:16:8e:ae:cc:a5:1d:97:a4:64:55:ad:1e:58:
8e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:70:94:AB:8F:C8:E4:BC:78:D4:12:A8:C9:09:D5:35:4E:06:43:15
X509v3 Authority Key Identifier:
keyid:BB:FA:42:7D:42:02:3A:FD:A8:88:E8:41:5F:4E:DC:F7:B7:DF:1B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_pCfUICOv2oiOhBX07c97ffGwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/MnCUq4_I5Lx41BKoyQnVNU4GQxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.107.0/24
IPv6:
2a12:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:a4:7b:3d:e0:18:f3:e0:e5:e4:8d:78:77:4b:2c:cf:79:02:
ca:fb:27:1c:34:88:7a:be:98:da:78:85:f4:cb:92:09:42:65:
69:df:25:82:38:92:60:07:8f:97:53:65:44:26:d2:25:83:39:
da:db:5a:08:3f:63:b7:05:59:6e:04:c1:a0:64:fe:6a:bb:91:
05:3c:fd:64:54:37:c7:43:a3:ea:74:b5:b7:94:2a:51:40:26:
84:d1:36:b4:73:3f:ec:8b:14:bd:65:04:55:b2:47:71:03:9d:
54:e6:8e:b7:04:2c:f5:18:47:2b:d9:75:46:26:9b:5b:cd:a9:
ad:16:5e:cb:00:6c:f5:99:23:ef:fa:a9:96:c8:06:07:b0:4b:
aa:6e:79:83:8a:39:8b:0c:c2:0b:16:81:cf:9d:84:ed:12:7b:
7c:36:18:b5:ca:4a:da:7b:86:f7:9b:24:7e:0b:05:cc:9d:92:
02:ef:6c:62:20:39:69:bf:73:0d:26:dd:9c:21:99:66:af:e2:
a1:63:c2:3b:a9:5a:24:be:86:d2:05:9f:ca:ca:70:02:e4:b3:
5a:ba:5d:c9:c1:07:fc:73:59:b0:4b:67:f5:62:33:0d:70:57:
f7:e3:99:f0:1e:5d:11:ef:5e:1f:c5:9d:6c:67:b5:ae:b9:c5:
74:ee:53:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhsEN10hFm2LOQA7W1bFhLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmE0MjdkNDIwMjNhZmRhODg4ZTg0MTVmNGVkY2Y3Yjdk
ZjFiMDUwHhcNMjMwNTMwMDk1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjcwOTRhYjhmYzhlNGJjNzhkNDEyYThjOTA5ZDUzNTRlMDY0MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhOiJCgrE4DkQLaeavbfT1GYQSIP
bh2dBspk1cG/+PEBiWve8EaKFNI2fM8qSCPev2LW4+CbWEDKpZ09Ot7/t3nhYLNi
XRZ4BiElx8hRYAFracTE5GLSdKGVMmUihI7sbpKtBZk9h2OAlYmOKwQ2F8ksAHWX
7GdHjfzYvcgF0ZKwi2l3IDipDpwN62ee0JVpyxaGT5I83zwKMYBMRkRxqooJKdJk
6JJP8msl/FhYHKLHagMfOuWbfuSeUZeaE7Utt5gyU/fBev1bCXKv6k+CKGYYE7kF
LmIgaWy00JjtUrOp/lOxC1iaLhTPkcBBr4tczxaOrsylHZekZFWtHliOhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDJwlKuPyOS8eNQSqMkJ1TVOBkMVMB8GA1UdIwQY
MBaAFLv6Qn1CAjr9qIjoQV9O3Pe33xsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9wQ2ZVSUNPdjJvaU9oQlgwN2M5N2ZmR3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YTc5YTEtM2QxOS00ZGU0LWJlODkt
OGEyMDA2OTFmNzI0LzEvTW5DVXE0X0k1THg0MUJLb3lRblZOVTRHUXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YTc5YTEtM2QxOS00ZGU0LWJlODktOGEyMDA2OTFmNzI0
LzEvdV9wQ2ZVSUNPdjJvaU9oQlgwN2M5N2ZmR3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwwhrMA0E
AgACMAcDBQMqEuPAMA0GCSqGSIb3DQEBCwUAA4IBAQBhpHs94Bjz4OXkjXh3SyzP
eQLK+yccNIh6vpjaeIX0y5IJQmVp3yWCOJJgB4+XU2VEJtIlgzna21oIP2O3BVlu
BMGgZP5qu5EFPP1kVDfHQ6PqdLW3lCpRQCaE0Ta0cz/sixS9ZQRVskdxA51U5o63
BCz1GEcr2XVGJptbzamtFl7LAGz1mSPv+qmWyAYHsEuqbnmDijmLDMILFoHPnYTt
Ent8Nhi1ykrae4b3myR+CwXMnZIC72xiIDlpv3MNJt2cIZlmr+KhY8I7qVokvobS
BZ/KynAC5LNaul3JwQf8c1mwS2f1YjMNcFf345nwHl0R714fxZ1sZ7WuucV07lPh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:03 2025 by rpki-client