Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Mxfim5uW1l7fTzDByrDOv4ks_qc.roa
File: Mxfim5uW1l7fTzDByrDOv4ks_qc.roa (raw, json)
Hash identifier: 5F6KG25tiJ+kExMrMkAmrc3RpbFlZ0XfOMOXOVgncuI=
Subject key identifier: 33:17:E2:9B:9B:96:D6:5E:DF:4F:30:C1:CA:B0:CE:BF:89:2C:FE:A7
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 35E024D5
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Mxfim5uW1l7fTzDByrDOv4ks_qc.roa
Signing time: Sat 01 Jan 2022 12:57:06 +0000
ROA not before: Sat 01 Jan 2022 12:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 185.107.44.0/22 maxlen: 22
109.201.128.0/19 maxlen: 19
185.107.45.0/24 maxlen: 24
185.107.56.0/22 maxlen: 22
185.107.68.0/22 maxlen: 22
185.107.80.0/22 maxlen: 22
185.107.37.0/24 maxlen: 24
185.107.36.0/24 maxlen: 24
185.107.38.0/24 maxlen: 24
212.92.112.0/21 maxlen: 21
212.92.120.0/22 maxlen: 22
212.92.124.0/23 maxlen: 23
92.114.100.0/22 maxlen: 22
89.38.160.0/22 maxlen: 22
85.159.232.0/21 maxlen: 24
46.166.176.0/20 maxlen: 21
37.143.32.0/21 maxlen: 24
185.107.92.0/22 maxlen: 22
185.107.100.0/22 maxlen: 24
185.107.116.0/22 maxlen: 24
46.166.128.0/19 maxlen: 24
212.92.104.0/21 maxlen: 21
185.11.144.0/24 maxlen: 24
37.156.228.0/24 maxlen: 24
188.209.57.0/24 maxlen: 24
188.209.56.0/24 maxlen: 24
188.209.55.0/24 maxlen: 24
37.153.168.0/22 maxlen: 22
77.247.176.0/24 maxlen: 24
77.247.176.0/21 maxlen: 21
5.104.136.0/21 maxlen: 24
185.7.76.0/22 maxlen: 22
176.126.232.0/24 maxlen: 24
176.126.233.0/24 maxlen: 24
2a00:1768::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903881941 (0x35e024d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 1 12:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3317e29b9b96d65edf4f30c1cab0cebf892cfea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:79:3e:96:2a:b2:20:52:fb:44:78:76:0e:
0b:a7:56:a0:b0:c9:b6:c5:a9:65:d0:48:3c:32:e1:
23:9f:0d:4d:32:a3:2d:8f:cd:43:11:0e:dd:ab:3d:
ca:30:d2:6d:c2:3c:ea:4f:3d:eb:6a:35:b9:ea:76:
93:16:fd:d6:ce:10:d7:8d:45:d7:be:a2:5d:db:04:
04:4b:db:f8:ea:e3:65:a2:39:1f:82:bc:7c:c4:c1:
79:cf:7e:2b:7b:49:d5:a3:d9:fa:6a:19:44:52:7e:
6f:26:b8:d6:62:80:ac:eb:ec:a2:c8:89:09:d1:df:
86:1e:6d:b8:50:b4:27:25:cc:05:2e:33:a6:c6:b2:
e9:13:56:62:77:e6:fd:e0:3e:ee:30:26:85:bb:84:
3e:ef:54:64:36:59:ec:7a:be:89:59:40:ec:7a:72:
c8:0a:e5:03:d5:e5:ef:39:46:33:5d:56:36:0e:92:
5c:de:a1:63:dc:99:96:f0:5b:4d:4a:82:af:1f:a4:
69:ea:7b:8d:4b:f2:0d:cf:4c:7e:66:fc:50:c3:ed:
d0:aa:ac:93:47:24:ea:1a:ce:ec:bb:7e:91:f2:27:
e2:8d:94:bb:45:11:e1:2f:2a:b9:de:28:bb:ce:1d:
d6:48:58:69:7d:4b:fb:25:12:66:11:a9:7e:9a:65:
09:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:17:E2:9B:9B:96:D6:5E:DF:4F:30:C1:CA:B0:CE:BF:89:2C:FE:A7
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Mxfim5uW1l7fTzDByrDOv4ks_qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/24
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/23
185.7.76.0/22
185.11.144.0/24
185.107.36.0-185.107.38.255
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
188.209.55.0-188.209.57.255
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/32
Signature Algorithm: sha256WithRSAEncryption
20:da:de:6a:92:25:89:c3:97:d0:08:c5:1a:25:73:e7:13:bb:
82:cc:b2:11:9b:57:e2:14:e4:98:b0:5c:3b:98:d5:b5:c5:7b:
f1:1e:0d:5f:ec:a5:83:35:e9:47:05:db:69:9e:42:2a:a1:c6:
f7:d6:dd:22:86:5d:e9:20:6d:77:0b:c4:90:0d:31:8a:30:92:
27:16:51:7c:4e:3b:3d:62:c5:5f:3e:6c:33:cf:1c:24:df:bd:
9f:e0:d3:87:a5:8c:45:d4:1f:d8:78:8c:77:70:33:9e:c7:c9:
1a:cb:e6:f8:55:52:05:5c:33:92:f3:81:21:56:6d:01:72:c7:
8d:b4:d2:c5:26:05:76:82:da:e0:23:05:96:e2:90:e2:7b:38:
ba:dd:9e:37:13:4e:07:b2:f0:e3:31:4f:bc:11:72:62:60:b7:
a3:aa:55:9d:91:14:60:28:fb:0d:3d:63:b2:97:b0:85:14:38:
d0:3a:06:2d:04:eb:b2:19:a3:23:80:b1:fc:df:24:ce:28:59:
4e:51:57:6e:80:46:26:59:86:fd:19:9b:c4:a3:be:59:9b:5a:
9f:80:32:f8:e5:af:e5:b3:c3:bb:b8:f3:32:95:9b:ac:64:9b:
5c:5c:7a:70:5d:a4:21:b8:9d:9e:32:68:b7:f1:8f:ce:ed:14:
35:79:b2:57
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIENeAk1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTM4ZWMyNDJhNDNlOWM5ZDRjZWIyNWRjOTBlNTQ1MzM3M2QzZjQ2MB4XDTIyMDEw
MTEyNTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMxN2UyOWI5Yjk2
ZDY1ZWRmNGYzMGMxY2FiMGNlYmY4OTJjZmVhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiFeT6WKrIgUvtEeHYOC6dWoLDJtsWpZdBIPDLhI58NTTKj
LY/NQxEO3as9yjDSbcI86k8962o1uep2kxb91s4Q141F176iXdsEBEvb+OrjZaI5
H4K8fMTBec9+K3tJ1aPZ+moZRFJ+bya41mKArOvsosiJCdHfhh5tuFC0JyXMBS4z
psay6RNWYnfm/eA+7jAmhbuEPu9UZDZZ7Hq+iVlA7HpyyArlA9Xl7zlGM11WNg6S
XN6hY9yZlvBbTUqCrx+kaep7jUvyDc9Mfmb8UMPt0Kqsk0ck6hrO7Lt+kfIn4o2U
u0UR4S8qud4ou84d1khYaX1L+yUSZhGpfpplCUMCAwEAAaOCAr8wggK7MB0GA1Ud
DgQWBBQzF+Kbm5bWXt9PMMHKsM6/iSz+pzAfBgNVHSMEGDAWgBThOOwkKkPpydTO
sl3JDlRTNz0/RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRUanNKQ3BENmNuVXpySmR5UTVVVXpjOVAwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMGI3ZmQzLTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8x
L014ZmltNXVXMWw3ZlR6REJ5ckRPdjRrc19xYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MGI3ZmQzLTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8xLzRUanNKQ3BENmNu
VXpySmR5UTVVVXpjOVAwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
1AYIKwYBBQUHAQcBAf8EgcQwgcEwga8EAgABMIGoAwQDBWiIAwQDJY8gAwQCJZmo
AwQAJZzkAwQFLqaAAwQELqawAwQDTfewAwQDVZ/oAwQCWSagAwQCXHJkAwQFbcmA
AwQBsH7oAwQCuQdMAwQAuQuQMAwDBAK5ayQDBAC5ayYDBAK5aywDBAK5azgDBAK5
a0QDBAK5a1ADBAK5a1wDBAK5a2QDBAK5a3QwDAMEALzRNwMEAbzRODAMAwQD1Fxo
AwQB1Fx8MA0EAgACMAcDBQAqABdoMA0GCSqGSIb3DQEBCwUAA4IBAQAg2t5qkiWJ
w5fQCMUaJXPnE7uCzLIRm1fiFOSYsFw7mNW1xXvxHg1f7KWDNelHBdtpnkIqocb3
1t0ihl3pIG13C8SQDTGKMJInFlF8Tjs9YsVfPmwzzxwk372f4NOHpYxF1B/YeIx3
cDOex8kay+b4VVIFXDOS84EhVm0BcseNtNLFJgV2gtrgIwWW4pDiezi63Z43E04H
svDjMU+8EXJiYLejqlWdkRRgKPsNPWOyl7CFFDjQOgYtBOuyGaMjgLH83yTOKFlO
UVdugEYmWYb9GZvEo75Zm1qfgDL45a/ls8O7uPMylZusZJtcXHpwXaQhuJ2eMmi3
8Y/O7RQ1ebJX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:58 2024 by rpki-client on console-fra.rpki-client.org