Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/M0o0bBFVjOn3vSdEkZZosq8tXpw.roa
File: M0o0bBFVjOn3vSdEkZZosq8tXpw.roa (raw, json)
Hash identifier: mNgF4Onj55NwtjegnNLG8IgTQ3cyRbvV8E7UZ4ZgNME=
Subject key identifier: 33:4A:34:6C:11:55:8C:E9:F7:BD:27:44:91:96:68:B2:AF:2D:5E:9C
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01872C8866C8E0D2D978C91841704EAA83BC
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/M0o0bBFVjOn3vSdEkZZosq8tXpw.roa
Signing time: Wed 29 Mar 2023 08:42:29 +0000
ROA not before: Wed 29 Mar 2023 08:42:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 193.254.27.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
193.228.58.0/23 maxlen: 32
63.141.36.0/23 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:88:66:c8:e0:d2:d9:78:c9:18:41:70:4e:aa:83:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 29 08:42:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=334a346c11558ce9f7bd2744919668b2af2d5e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b1:27:21:65:e3:e7:19:ef:ba:da:5e:f5:a0:
7d:b8:72:71:6e:47:86:b7:67:59:02:18:de:7f:97:
65:11:0e:c0:c8:52:99:e8:1f:d1:50:d2:1c:4a:88:
25:68:6f:0f:dc:a3:ec:34:be:ea:89:88:d5:41:bb:
ce:03:f1:93:38:ac:df:16:ee:d9:70:64:9b:9c:ab:
88:b4:2b:1c:d3:df:0b:42:86:da:68:3b:07:be:ec:
f9:e8:10:c7:9c:6f:ab:bc:9c:01:d2:a5:20:49:32:
53:58:35:71:b5:a9:7c:fc:c8:9e:b3:c1:e0:47:7c:
fd:36:fe:eb:fa:61:4a:13:a3:cc:f0:af:ce:8a:95:
39:59:b2:fa:37:68:73:e7:0c:3a:94:5b:ce:27:fb:
cc:b1:95:ac:40:6e:bc:73:7a:51:5c:e3:e2:9f:b0:
b7:9c:10:0c:16:e5:4a:fb:c4:26:8f:e7:11:bc:22:
87:f8:81:fc:9b:83:e5:d9:7b:51:65:bb:e2:b4:96:
a9:4e:b6:d3:c1:3b:f2:ab:03:4a:92:30:ad:60:6c:
f6:ab:4b:67:2b:84:4d:84:4b:26:c7:a3:35:55:72:
b2:18:b4:4b:ab:20:f1:f0:29:53:72:e3:fd:3f:0e:
db:17:fb:9c:84:de:de:53:6c:e4:df:67:cb:d7:09:
ec:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4A:34:6C:11:55:8C:E9:F7:BD:27:44:91:96:68:B2:AF:2D:5E:9C
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/M0o0bBFVjOn3vSdEkZZosq8tXpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.224.0/22
63.141.36.0/23
185.223.248.0/22
193.228.58.0/23
193.254.27.0/24
194.0.133.0/24
194.0.136.0/24
194.124.240.0/24
194.124.247.0-194.124.248.255
Signature Algorithm: sha256WithRSAEncryption
ab:a1:6d:49:cf:ed:d5:e4:fb:bf:a0:eb:da:99:8c:e4:5c:97:
c2:2c:97:34:14:e6:9d:77:b9:b5:f0:f2:94:56:3f:f7:7f:c0:
d4:27:c3:ed:07:b7:ec:b1:a5:ad:da:c7:50:e5:ca:ff:7e:a4:
66:0b:67:9f:d9:64:7e:27:1e:9f:aa:73:31:fc:72:cb:0b:2e:
ea:ff:41:08:4c:c5:56:8e:ad:91:f3:27:9c:1c:64:0d:52:3f:
99:1a:d3:1c:c6:7e:91:74:20:da:49:aa:57:af:bd:b3:b7:b2:
45:28:3b:82:d8:9c:24:55:21:23:3c:8f:73:78:53:dc:dd:e3:
cc:18:b8:df:ae:3e:f8:74:bc:9e:b4:19:e2:be:8b:ed:5a:70:
6d:a5:8c:9d:cc:ed:30:ab:7c:a6:47:50:fc:9d:b8:62:26:c0:
16:86:ff:85:cd:43:ce:11:8f:f8:b0:40:2e:9a:97:2c:7b:e3:
14:60:9a:ab:24:1b:f5:ee:58:10:7e:24:78:81:3f:db:40:55:
db:89:cb:2c:06:6b:30:18:07:22:a1:da:ed:4e:47:4e:88:92:
27:7e:e7:c2:33:a1:44:be:e1:de:f7:6b:fa:7d:bf:56:b6:61:
36:93:b3:93:43:5a:4b:ce:66:0d:a6:08:2d:0a:bc:58:fd:f5:
46:83:73:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYcsiGbI4NLZeMkYQXBOqoO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMzI5MDg0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzRhMzQ2YzExNTU4Y2U5ZjdiZDI3NDQ5MTk2NjhiMmFmMmQ1ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLEnIWXj5xnvutpe9aB9uHJxbkeG
t2dZAhjef5dlEQ7AyFKZ6B/RUNIcSoglaG8P3KPsNL7qiYjVQbvOA/GTOKzfFu7Z
cGSbnKuItCsc098LQobaaDsHvuz56BDHnG+rvJwB0qUgSTJTWDVxtal8/Mies8Hg
R3z9Nv7r+mFKE6PM8K/OipU5WbL6N2hz5ww6lFvOJ/vMsZWsQG68c3pRXOPin7C3
nBAMFuVK+8Qmj+cRvCKH+IH8m4Pl2XtRZbvitJapTrbTwTvyqwNKkjCtYGz2q0tn
K4RNhEsmx6M1VXKyGLRLqyDx8ClTcuP9Pw7bF/uchN7eU2zk32fL1wnseQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDNKNGwRVYzp970nRJGWaLKvLV6cMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvTTBvMGJCRlZqT24zdlNkRWtaWm9zcTh0WHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCLZzgAwQB
P40kAwQCud/4AwQBweQ6AwQAwf4bAwQAwgCFAwQAwgCIAwQAwnzwMAwDBADCfPcD
BADCfPgwDQYJKoZIhvcNAQELBQADggEBAKuhbUnP7dXk+7+g69qZjORcl8IslzQU
5p13ubXw8pRWP/d/wNQnw+0Ht+yxpa3ax1Dlyv9+pGYLZ5/ZZH4nHp+qczH8cssL
Lur/QQhMxVaOrZHzJ5wcZA1SP5ka0xzGfpF0INpJqlevvbO3skUoO4LYnCRVISM8
j3N4U9zd48wYuN+uPvh0vJ60GeK+i+1acG2ljJ3M7TCrfKZHUPyduGImwBaG/4XN
Q84Rj/iwQC6alyx74xRgmqskG/XuWBB+JHiBP9tAVduJyywGazAYByKh2u1OR06I
kid+58IzoUS+4d73a/p9v1a2YTaTs5NDWkvOZg2mCC0KvFj99UaDcy0=
-----END CERTIFICATE-----
Generated at Mon May 12 16:49:33 2025 by rpki-client