Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mbuAFX1_Eb9Goq6nnCNyz5ykzlI.roa
File: mbuAFX1_Eb9Goq6nnCNyz5ykzlI.roa (raw, json)
Hash identifier: w9VVNsq3xFXbS5onYXuaGIok/v9Ae6Ks6JM94DL200Y=
Subject key identifier: 99:BB:80:15:7D:7F:11:BF:46:A2:AE:A7:9C:23:72:CF:9C:A4:CE:52
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B04E4900BC9F013F5DD55D9FC58D5146
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mbuAFX1_Eb9Goq6nnCNyz5ykzlI.roa
Signing time: Tue 01 Aug 2023 08:54:27 +0000
ROA not before: Tue 01 Aug 2023 08:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.111.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
109.176.210.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.241.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:4e:49:00:bc:9f:01:3f:5d:d5:5d:9f:c5:8d:51:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 1 08:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99bb80157d7f11bf46a2aea79c2372cf9ca4ce52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:82:08:89:c4:07:a7:39:23:9a:fd:47:7d:e4:
69:b9:61:00:dd:13:2c:3f:d5:ce:5f:af:16:67:ac:
8f:a1:db:3f:f4:95:55:e5:e5:24:66:f7:ea:bd:8b:
59:ac:25:d6:41:34:e4:ee:ff:23:74:13:85:f5:2a:
f0:31:b1:aa:6f:61:d1:d3:54:67:99:8e:0b:5b:96:
4b:0d:e7:ac:87:6b:08:5f:cf:12:36:6e:db:2c:5a:
64:37:b0:01:84:1e:25:cd:34:98:9c:24:5f:f9:7c:
34:b1:56:8a:fd:a1:66:5d:c4:ef:9a:f6:68:7d:dd:
7c:d9:95:e0:bf:7b:a1:ff:ca:bc:64:ed:e2:2c:94:
22:92:79:38:dc:e3:03:b5:54:71:69:25:eb:6f:7d:
fb:af:ba:d2:a7:74:70:8d:32:f9:41:75:16:17:d8:
c7:8e:e3:5e:cb:20:36:50:ed:23:39:78:79:11:bf:
fa:f4:c9:01:9d:dd:95:a2:f3:c3:38:a9:5d:f0:b0:
72:1d:0f:ff:66:58:da:21:88:a0:4b:3d:f9:20:84:
ba:1c:6f:03:39:63:1c:2b:7d:ed:be:09:4e:40:cc:
5b:36:36:a1:f6:eb:f8:dc:2a:ea:4d:f1:40:f9:17:
f2:cd:19:9d:a4:95:3b:a1:cd:44:85:bb:f8:4e:0a:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BB:80:15:7D:7F:11:BF:46:A2:AE:A7:9C:23:72:CF:9C:A4:CE:52
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mbuAFX1_Eb9Goq6nnCNyz5ykzlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.65.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.223.0/24
82.153.240.0/24
82.153.249.0/24
89.213.6.0/24
89.213.132.0/24
89.213.136.0/24
89.213.139.0-89.213.140.255
89.213.168.0/24
89.213.180.0/24
89.213.184.0/23
109.176.210.0/23
109.176.213.0/24
109.176.240.0-109.176.242.255
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:0a:38:cf:d7:78:93:a0:bb:d7:cb:74:9e:8f:77:16:3c:a0:
c7:39:76:7a:57:16:99:bf:e0:e4:53:33:6a:d4:ce:15:62:4e:
0b:19:92:a4:f4:c1:dc:d5:a5:bc:b4:0d:cf:1c:15:6f:12:a8:
fb:20:db:eb:d5:7a:62:58:8b:11:03:9b:d4:be:0a:96:2e:06:
5a:52:f8:83:7b:23:33:bb:57:e7:aa:19:a1:b1:20:7b:09:ec:
ae:9f:79:f1:c7:25:24:7f:ff:85:dc:1a:18:09:dc:92:cd:df:
d8:da:77:82:4d:56:00:1e:ae:87:48:91:24:0c:17:f0:15:96:
2d:24:0c:12:81:d6:fa:94:f5:79:2c:8a:69:ce:0b:fb:85:57:
f0:37:e6:5f:0e:97:4f:9c:da:6d:26:b5:bd:6a:58:e5:59:53:
ea:87:90:43:5f:67:94:34:1c:99:a2:27:df:f1:eb:bf:7c:31:
84:67:74:29:12:e9:09:f2:b4:7f:3e:ca:ee:d7:77:29:61:f8:
52:52:dc:e4:5e:7b:ec:b2:ae:28:4e:7c:03:53:e3:a2:cd:18:
cc:8c:b4:54:63:ae:1d:33:85:ab:7f:e5:a0:d0:cc:0c:9d:d8:
24:7c:75:ec:d4:d1:95:56:be:13:b1:32:2b:34:c7:6d:6c:b7:
5d:35:d4:99
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYmwTkkAvJ8BP13VXZ/FjVFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDg1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJiODAxNTdkN2YxMWJmNDZhMmFlYTc5YzIzNzJjZjljYTRjZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIIIicQHpzkjmv1HfeRpuWEA3RMs
P9XOX68WZ6yPods/9JVV5eUkZvfqvYtZrCXWQTTk7v8jdBOF9SrwMbGqb2HR01Rn
mY4LW5ZLDeesh2sIX88SNm7bLFpkN7ABhB4lzTSYnCRf+Xw0sVaK/aFmXcTvmvZo
fd182ZXgv3uh/8q8ZO3iLJQiknk43OMDtVRxaSXrb337r7rSp3RwjTL5QXUWF9jH
juNeyyA2UO0jOXh5Eb/69MkBnd2VovPDOKld8LByHQ//ZljaIYigSz35IIS6HG8D
OWMcK33tvglOQMxbNjah9uv43CrqTfFA+RfyzRmdpJU7oc1Ehbv4TgrkOQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFJm7gBV9fxG/RqKup5wjcs+cpM5SMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbWJ1QUZYMV9FYjlHb3E2bm5DTnl6NXlremxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBABR
BZwDBABRqCkDBABRqHcDBABRqHsDBABSmG8DBAFSmPwDBABSmP8DBABSmQEDBABS
mUEDBABSmUkDBABSmU4wDAMEA1KZiAMEAFKZjAMEAFKZ3wMEAFKZ8AMEAFKZ+QME
AFnVBgMEAFnVhAMEAFnViDAMAwQAWdWLAwQAWdWMAwQAWdWoAwQAWdW0AwQBWdW4
AwQBbbDSAwQAbbDVMAwDBARtsPADBABtsPIDBADVmCowDQYJKoZIhvcNAQELBQAD
ggEBAHsKOM/XeJOgu9fLdJ6PdxY8oMc5dnpXFpm/4ORTM2rUzhViTgsZkqT0wdzV
pby0Dc8cFW8SqPsg2+vVemJYixEDm9S+CpYuBlpS+IN7IzO7V+eqGaGxIHsJ7K6f
efHHJSR//4XcGhgJ3JLN39jad4JNVgAerodIkSQMF/AVli0kDBKB1vqU9XksimnO
C/uFV/A35l8Ol0+c2m0mtb1qWOVZU+qHkENfZ5Q0HJmiJ9/x6798MYRndCkS6Qny
tH8+yu7Xdylh+FJS3ORee+yyrihOfANT46LNGMyMtFRjrh0zhat/5aDQzAyd2CR8
dezU0ZVWvhOxMis0x21st1011Jk=
-----END CERTIFICATE-----
Generated at Sat May 17 02:27:02 2025 by rpki-client