Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/mxr-dRTgnFE-5QLjB8ZSgiV3cug.roa
File: mxr-dRTgnFE-5QLjB8ZSgiV3cug.roa (raw, json)
Hash identifier: FmMPyAaZWW3QbsMumVVEdGm6KWFeJXeZJwDsHll8rc8=
Subject key identifier: 9B:1A:FE:75:14:E0:9C:51:3E:E5:02:E3:07:C6:52:82:25:77:72:E8
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018C86849A6834116B597DFC4F57A3FF467F
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/mxr-dRTgnFE-5QLjB8ZSgiV3cug.roa
Signing time: Wed 20 Dec 2023 09:18:06 +0000
ROA not before: Wed 20 Dec 2023 09:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56798
IP address blocks: 45.86.36.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
2a10:d440:2::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:84:9a:68:34:11:6b:59:7d:fc:4f:57:a3:ff:46:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Dec 20 09:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b1afe7514e09c513ee502e307c65282257772e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:94:7d:3c:e6:b3:80:be:b1:39:a6:c6:f4:
01:66:47:9d:0d:e9:88:2e:39:97:b8:e1:7f:10:dc:
0f:c9:87:d4:24:44:71:73:9d:e8:a6:61:a5:be:b6:
a3:ae:a2:8e:5a:eb:09:2e:80:42:0c:ff:e5:dc:0c:
01:69:95:c6:49:ef:85:bb:60:9a:22:aa:89:7e:a9:
61:8e:34:91:83:02:0c:b1:0f:4c:45:80:4d:a1:69:
9f:b2:5a:a7:74:c9:26:88:bf:2d:49:02:2e:bd:35:
63:a3:4f:be:99:2d:e3:7a:64:d3:82:94:3d:16:50:
84:f8:fc:bb:47:7d:4c:cd:e8:c7:db:90:eb:ed:b4:
fb:70:25:ed:a2:18:e8:c9:81:16:fe:fa:17:9a:fb:
8e:3a:f7:4c:c5:d6:e6:d3:6c:7a:76:fe:6f:ba:1b:
78:c8:c1:86:73:7c:71:94:b7:34:a7:15:ce:3b:7e:
63:d4:a1:35:72:95:bd:26:2c:cd:af:f1:0b:b7:56:
bf:9c:43:2a:ca:60:55:b4:58:95:eb:36:9b:46:d6:
e8:13:1a:b7:67:46:7c:cf:2e:19:b4:69:fd:07:0c:
dd:17:66:9a:73:53:69:85:49:6c:ff:96:fa:b7:b7:
b7:00:1e:8a:84:6e:fa:50:70:88:69:e0:da:54:df:
7e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1A:FE:75:14:E0:9C:51:3E:E5:02:E3:07:C6:52:82:25:77:72:E8
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/mxr-dRTgnFE-5QLjB8ZSgiV3cug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.36.0/24
193.17.33.0/24
IPv6:
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:1c:80:46:ab:3e:c0:19:61:9c:c1:8b:19:08:3a:53:c8:cf:
64:ad:35:0b:c9:2d:a5:ff:63:d6:c2:ee:53:7a:6e:18:54:7e:
2e:d4:01:5e:dd:64:17:9a:d5:3a:6c:78:30:1e:41:d9:c0:e5:
65:45:81:d8:75:69:a9:30:6f:01:b1:b2:dd:89:9d:88:42:39:
6e:3b:f5:f1:74:a1:6e:6e:ec:3c:d9:c7:16:5e:07:9d:eb:f6:
a5:5b:d4:f4:46:37:62:05:7b:36:db:f8:6a:09:d7:bb:ff:cf:
23:57:72:4c:e3:3e:60:52:61:64:be:ee:b4:4a:69:00:0c:a5:
e4:ff:bf:68:4e:e5:7e:c4:fd:0c:20:97:b9:c5:23:a2:21:2e:
0d:61:55:30:29:4f:ee:d3:3c:52:fd:7d:52:7b:b8:20:38:c9:
4c:1c:84:16:38:3e:63:31:d1:b5:6b:93:b9:39:f9:a1:11:cc:
93:f1:f9:41:3e:1d:aa:da:40:97:e2:67:36:fe:10:79:74:fe:
32:b0:c6:c1:12:23:d3:79:06:c3:3b:db:35:18:4c:24:ae:d3:
09:81:50:2a:d0:88:7d:6e:d7:39:d4:02:40:51:02:1c:82:fb:
64:42:ee:08:c4:a1:e5:fd:1b:cd:70:7e:ba:57:04:9f:f2:c9:
ac:88:37:50
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYyGhJpoNBFrWX38T1ej/0Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjMxMjIwMDkxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFhZmU3NTE0ZTA5YzUxM2VlNTAyZTMwN2M2NTI4MjI1Nzc3MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsqUfTzms4C+sTmmxvQBZkedDemI
LjmXuOF/ENwPyYfUJERxc53opmGlvrajrqKOWusJLoBCDP/l3AwBaZXGSe+Fu2Ca
IqqJfqlhjjSRgwIMsQ9MRYBNoWmfslqndMkmiL8tSQIuvTVjo0++mS3jemTTgpQ9
FlCE+Py7R31MzejH25Dr7bT7cCXtohjoyYEW/voXmvuOOvdMxdbm02x6dv5vuht4
yMGGc3xxlLc0pxXOO35j1KE1cpW9JizNr/ELt1a/nEMqymBVtFiV6zabRtboExq3
Z0Z8zy4ZtGn9BwzdF2aac1NphUls/5b6t7e3AB6KhG76UHCIaeDaVN9+kwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJsa/nUU4JxRPuUC4wfGUoIld3LoMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvbXhyLWRSVGduRkUtNVFMakI4WlNnaVYzY3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQALVYkAwQA
wREhMBoEAgACMBQwEgMHACoQ1EAAAQMHACoQ1EAAAjANBgkqhkiG9w0BAQsFAAOC
AQEAiByARqs+wBlhnMGLGQg6U8jPZK01C8ktpf9j1sLuU3puGFR+LtQBXt1kF5rV
Omx4MB5B2cDlZUWB2HVpqTBvAbGy3YmdiEI5bjv18XShbm7sPNnHFl4Hnev2pVvU
9EY3YgV7Ntv4agnXu//PI1dyTOM+YFJhZL7utEppAAyl5P+/aE7lfsT9DCCXucUj
oiEuDWFVMClP7tM8Uv19Unu4IDjJTByEFjg+YzHRtWuTuTn5oRHMk/H5QT4dqtpA
l+JnNv4QeXT+MrDGwRIj03kGwzvbNRhMJK7TCYFQKtCIfW7XOdQCQFECHIL7ZELu
CMSh5f0bzXB+ulcEn/LJrIg3UA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 23:24:36 2025 by rpki-client