Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/MPgMDukDFbHaPDJG1MyX3H1vIiM.roa
File: MPgMDukDFbHaPDJG1MyX3H1vIiM.roa (raw, json)
Hash identifier: 6sEKK1wm1+vwqu6Z9XwTNmYReyPDzrygP5/8cXJny1Q=
Subject key identifier: 30:F8:0C:0E:E9:03:15:B1:DA:3C:32:46:D4:CC:97:DC:7D:6F:22:23
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01855E41B29FBBD56CD346869DDCB55248AA
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/MPgMDukDFbHaPDJG1MyX3H1vIiM.roa
Signing time: Thu 29 Dec 2022 14:20:41 +0000
ROA not before: Thu 29 Dec 2022 14:20:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 188.240.196.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
188.212.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:41:b2:9f:bb:d5:6c:d3:46:86:9d:dc:b5:52:48:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Dec 29 14:20:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30f80c0ee90315b1da3c3246d4cc97dc7d6f2223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:32:cc:5b:3f:f9:44:94:60:8c:47:df:90:58:
fe:b4:bb:07:5e:a6:c3:b4:dc:61:65:b7:9b:8b:5f:
15:cc:87:27:8d:38:e7:47:f4:93:f5:e6:83:4f:98:
d0:b6:a2:87:60:36:fa:05:fa:33:e1:93:dc:fb:85:
21:0a:7c:f6:7e:6e:8f:b6:3b:12:0d:be:7c:6b:69:
b2:90:68:cc:5f:72:4a:0e:f5:d9:36:f5:a0:96:ea:
36:78:5d:78:92:ed:2a:d4:0c:43:69:83:f2:fa:e7:
34:06:39:5f:b5:4a:57:d1:0e:ee:8b:0d:0a:d7:1c:
25:22:ce:75:64:60:9d:7a:aa:2a:a6:fe:6c:36:43:
05:19:82:8c:3f:49:57:7f:3d:4b:b3:8f:49:c8:4a:
0e:73:57:84:36:4d:b5:b0:c8:73:26:67:f9:a5:75:
0a:f8:1c:51:e1:79:5a:03:6b:9c:b3:28:9f:b8:8c:
88:62:ea:f8:4a:0f:5f:7a:44:68:80:31:96:cb:d5:
6c:56:cb:ae:8d:7f:ff:a0:ed:3b:64:91:49:5c:08:
01:82:cc:f4:4f:f6:91:97:70:d6:90:15:56:e7:f3:
4d:ec:41:75:3f:d4:52:04:e6:05:ac:0a:82:2a:b3:
4f:8f:23:32:6f:61:66:1b:8c:74:47:e6:12:f0:10:
22:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F8:0C:0E:E9:03:15:B1:DA:3C:32:46:D4:CC:97:DC:7D:6F:22:23
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/MPgMDukDFbHaPDJG1MyX3H1vIiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0/24
45.94.215.0/24
89.46.217.0/24
185.3.200.0/24
188.212.96.0/22
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:83:fc:99:21:7d:7d:00:82:d3:9e:f9:55:e3:e1:91:0c:2b:
4c:5a:a3:1b:9d:38:b0:67:2d:2a:c5:8a:c7:63:51:ec:f9:6e:
58:ba:a3:79:a3:ae:f4:2a:45:db:87:86:53:6c:23:b3:85:6e:
e2:d8:c6:1b:ac:34:ee:0a:b9:db:a7:36:1e:69:d4:7a:cb:69:
c1:7c:15:42:8f:83:e3:af:20:a6:56:79:a6:9b:ef:f1:f3:50:
80:1e:8e:ce:41:9d:60:5c:d1:66:ab:1f:03:13:ab:a5:20:aa:
8f:2d:09:36:b1:ee:9d:13:5e:bd:24:6c:4e:30:5a:ff:51:3d:
1d:02:73:5f:d5:fa:36:fb:b3:f3:32:cc:5b:3c:6d:12:9b:c8:
da:f0:be:e0:44:a2:42:8a:50:3b:9e:a2:0f:ec:3b:e3:1c:15:
70:24:e0:7e:a3:23:dc:e2:24:bb:1d:06:b0:af:80:7c:6b:55:
da:69:a6:a3:d2:67:7c:be:47:4c:5a:1e:99:a0:01:69:75:ec:
86:4e:a7:90:6f:1b:e5:5e:64:a2:e9:69:50:45:28:8d:c6:92:
67:1f:2d:53:bf:75:76:e7:e3:4d:7b:c9:02:1f:3e:fb:ab:be:
3c:20:5f:07:4f:f5:c0:91:00:9f:77:32:6c:f2:e1:93:47:5e:
c6:ac:12:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVeQbKfu9Vs00aGndy1UkiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjIxMjI5MTQyMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY4MGMwZWU5MDMxNWIxZGEzYzMyNDZkNGNjOTdkYzdkNmYyMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTLMWz/5RJRgjEffkFj+tLsHXqbD
tNxhZbebi18VzIcnjTjnR/ST9eaDT5jQtqKHYDb6Bfoz4ZPc+4UhCnz2fm6PtjsS
Db58a2mykGjMX3JKDvXZNvWgluo2eF14ku0q1AxDaYPy+uc0BjlftUpX0Q7uiw0K
1xwlIs51ZGCdeqoqpv5sNkMFGYKMP0lXfz1Ls49JyEoOc1eENk21sMhzJmf5pXUK
+BxR4XlaA2ucsyifuIyIYur4Sg9fekRogDGWy9VsVsuujX//oO07ZJFJXAgBgsz0
T/aRl3DWkBVW5/NN7EF1P9RSBOYFrAqCKrNPjyMyb2FmG4x0R+YS8BAidwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDD4DA7pAxWx2jwyRtTMl9x9byIjMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvTVBnTUR1a0RGYkhhUERKRzFNeVgzSDF2SWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV7VAwQA
LV7XAwQAWS7ZAwQAuQPIAwQCvNRgAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQBb
g/yZIX19AILTnvlV4+GRDCtMWqMbnTiwZy0qxYrHY1Hs+W5YuqN5o670KkXbh4ZT
bCOzhW7i2MYbrDTuCrnbpzYeadR6y2nBfBVCj4PjryCmVnmmm+/x81CAHo7OQZ1g
XNFmqx8DE6ulIKqPLQk2se6dE169JGxOMFr/UT0dAnNf1fo2+7PzMsxbPG0Sm8ja
8L7gRKJCilA7nqIP7DvjHBVwJOB+oyPc4iS7HQawr4B8a1Xaaaaj0md8vkdMWh6Z
oAFpdeyGTqeQbxvlXmSi6WlQRSiNxpJnHy1Tv3V25+NNe8kCHz77q748IF8HT/XA
kQCfdzJs8uGTR17GrBIT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org