Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/MdTc4IoEjNTp1a_SdMomTQQ9W5I.roa
File: MdTc4IoEjNTp1a_SdMomTQQ9W5I.roa (raw, json)
Hash identifier: f3XFVyBhhh8UMdYY0b9F98JvV2x7tNxYkugIPO7lgf0=
Subject key identifier: 31:D4:DC:E0:8A:04:8C:D4:E9:D5:AF:D2:74:CA:26:4D:04:3D:5B:92
Certificate issuer: /CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Certificate serial: 0188B997583653D5EC0AFA3052D60F3DFD45
Authority key identifier: BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/MdTc4IoEjNTp1a_SdMomTQQ9W5I.roa
Signing time: Wed 14 Jun 2023 11:08:03 +0000
ROA not before: Wed 14 Jun 2023 11:08:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199697
IP address blocks: 193.37.158.36/30 maxlen: 30
193.37.158.32/30 maxlen: 30
193.37.158.0/24 maxlen: 24
193.37.158.0/27 maxlen: 27
2a12:6040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:97:58:36:53:d5:ec:0a:fa:30:52:d6:0f:3d:fd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Validity
Not Before: Jun 14 11:08:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d4dce08a048cd4e9d5afd274ca264d043d5b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fe:e7:cd:57:41:3f:60:01:b1:ea:d1:00:be:
59:cc:38:38:d7:64:96:c2:07:ea:53:62:b8:dc:5a:
a7:9a:8a:21:ef:49:32:d0:a1:e4:8a:ba:8c:1e:fa:
62:c9:43:db:c5:51:e8:53:67:9a:a8:fa:30:70:bb:
50:76:c5:c9:03:2a:6b:9b:22:ec:e9:4f:be:bc:ef:
2b:86:66:8e:48:77:34:bf:20:7b:44:6d:74:14:b6:
5c:47:a0:90:e2:e4:cb:c2:65:b0:b0:3a:7d:3a:1d:
c0:55:ce:ee:7b:ae:e5:80:ab:3e:da:bb:43:f8:f4:
2e:92:c3:2b:22:de:1d:df:2c:85:34:17:7b:1f:40:
44:b4:fe:59:6e:44:8f:40:d5:d4:5e:22:15:8b:84:
40:d8:35:6f:d6:32:e3:c9:c9:3d:2a:43:c0:15:cf:
f7:b4:04:7c:2c:7e:71:0d:fd:41:33:76:21:1a:c5:
f4:9c:da:4d:7b:f3:3f:d8:2b:af:1d:0e:02:84:d4:
22:29:f7:4c:9f:b3:5d:52:9e:13:e0:8e:c9:d8:f0:
f4:eb:d3:7e:cb:ec:a8:3c:4d:f5:91:2a:15:7f:62:
74:55:b5:1c:c1:5c:4c:98:4d:d8:4f:d9:6a:ac:a1:
a5:73:f0:8d:a8:a8:e8:ac:58:e5:35:f0:b7:38:d6:
f9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D4:DC:E0:8A:04:8C:D4:E9:D5:AF:D2:74:CA:26:4D:04:3D:5B:92
X509v3 Authority Key Identifier:
keyid:BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/MdTc4IoEjNTp1a_SdMomTQQ9W5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.158.0/24
IPv6:
2a12:6040::/29
Signature Algorithm: sha256WithRSAEncryption
29:07:90:48:96:58:69:d7:59:f4:39:d5:1a:0e:bd:71:c0:55:
cf:e2:b5:90:57:cc:cb:69:37:d4:7f:ce:92:71:fa:ef:2e:f3:
a8:41:55:5d:d7:b2:33:fc:63:2b:20:94:38:c1:ff:76:47:1f:
5e:20:d5:b0:75:65:ab:dd:35:90:e6:c2:2c:7b:04:a0:11:a0:
6e:2f:e8:a1:d0:1c:24:ea:c1:1e:92:32:f2:16:bb:37:51:35:
a8:26:70:3b:bc:c0:5e:52:91:1f:18:37:97:d8:86:80:ae:a8:
c9:f7:3d:8c:ed:d6:45:00:76:60:c6:40:e3:0c:a1:1c:1b:77:
23:6b:01:c4:4d:4a:89:af:c2:7b:e6:ac:c6:62:b2:f0:55:45:
95:f8:b9:0e:e0:ff:a5:e5:96:13:48:80:86:0e:bb:da:89:08:
c0:6f:79:20:06:ff:19:fa:2e:3d:47:91:55:79:30:de:3e:24:
5f:69:79:e6:45:50:18:01:82:22:0c:ba:01:d4:67:62:f5:6c:
cc:57:45:ef:22:74:dd:34:73:fc:b0:b3:d8:36:2b:77:00:b3:
51:b2:5c:86:bf:92:84:ab:9d:d4:29:ba:1a:c0:d8:db:7f:06:
43:50:06:16:b4:e4:7a:8d:d0:f8:07:76:56:ef:52:a1:bb:37:
f1:27:3e:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYi5l1g2U9XsCvowUtYPPf1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmMxZWNjMTdmNjYwZDViZDg5ZTE2MTY3YjlkNTAzMWJm
NmEwY2IwHhcNMjMwNjE0MTEwODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ0ZGNlMDhhMDQ4Y2Q0ZTlkNWFmZDI3NGNhMjY0ZDA0M2Q1YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf7nzVdBP2ABserRAL5ZzDg412SW
wgfqU2K43Fqnmooh70ky0KHkirqMHvpiyUPbxVHoU2eaqPowcLtQdsXJAyprmyLs
6U++vO8rhmaOSHc0vyB7RG10FLZcR6CQ4uTLwmWwsDp9Oh3AVc7ue67lgKs+2rtD
+PQuksMrIt4d3yyFNBd7H0BEtP5ZbkSPQNXUXiIVi4RA2DVv1jLjyck9KkPAFc/3
tAR8LH5xDf1BM3YhGsX0nNpNe/M/2CuvHQ4ChNQiKfdMn7NdUp4T4I7J2PD069N+
y+yoPE31kSoVf2J0VbUcwVxMmE3YT9lqrKGlc/CNqKjorFjlNfC3ONb5ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDHU3OCKBIzU6dWv0nTKJk0EPVuSMB8GA1UdIwQY
MBaAFLq8HswX9mDVvYnhYWe51QMb9qDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWIt
MTc5MTE1OTRhZTUxLzEvTWRUYzRJb0VqTlRwMWFfU2RNb21UUVE5VzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWItMTc5MTE1OTRhZTUx
LzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSWeMA0E
AgACMAcDBQMqEmBAMA0GCSqGSIb3DQEBCwUAA4IBAQApB5BIllhp11n0OdUaDr1x
wFXP4rWQV8zLaTfUf86ScfrvLvOoQVVd17Iz/GMrIJQ4wf92Rx9eINWwdWWr3TWQ
5sIsewSgEaBuL+ih0Bwk6sEekjLyFrs3UTWoJnA7vMBeUpEfGDeX2IaArqjJ9z2M
7dZFAHZgxkDjDKEcG3cjawHETUqJr8J75qzGYrLwVUWV+LkO4P+l5ZYTSICGDrva
iQjAb3kgBv8Z+i49R5FVeTDePiRfaXnmRVAYAYIiDLoB1Gdi9WzMV0XvInTdNHP8
sLPYNit3ALNRslyGv5KEq53UKboawNjbfwZDUAYWtOR6jdD4B3ZW71KhuzfxJz45
-----END CERTIFICATE-----
Generated at Sat May 10 20:40:43 2025 by rpki-client