Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/M-MzKzIkT5H2r-XrNb0ekz8uX8U.roa
File: M-MzKzIkT5H2r-XrNb0ekz8uX8U.roa (raw, json)
Hash identifier: kRjz1+qP8tH5Ev1shLef/tNwl/yk0d+na79Y8aBidoc=
Subject key identifier: 33:E3:33:2B:32:24:4F:91:F6:AF:E5:EB:35:BD:1E:93:3F:2E:5F:C5
Certificate issuer: /CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Certificate serial: 03D29494
Authority key identifier: 5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/M-MzKzIkT5H2r-XrNb0ekz8uX8U.roa
Signing time: Sat 01 Jan 2022 11:58:06 +0000
ROA not before: Sat 01 Jan 2022 11:58:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48964
IP address blocks: 185.137.216.0/23 maxlen: 23
185.137.218.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64132244 (0x3d29494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Validity
Not Before: Jan 1 11:58:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33e3332b32244f91f6afe5eb35bd1e933f2e5fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e1:35:b8:8c:1a:e9:93:ff:aa:5a:f1:8e:48:
a5:7b:3d:9a:13:b0:92:31:c1:c4:61:b4:93:59:e3:
f1:cf:c2:98:c4:9b:6a:5b:00:b2:e7:0c:89:7b:5c:
b3:15:fe:0f:33:7a:22:6d:dd:65:ce:de:2c:f6:68:
22:f8:c9:88:a8:72:16:02:71:10:98:72:26:91:eb:
47:23:8c:fd:df:1f:fa:5d:30:61:1b:7a:26:3b:f1:
32:16:21:36:6d:61:ce:77:49:4d:b7:26:ae:8b:81:
39:7d:40:22:b2:31:a4:d2:15:76:4c:07:f0:24:29:
a4:68:e7:b2:ec:09:35:ce:64:b8:11:f6:79:e5:be:
3d:97:09:37:c9:4e:f6:e0:bc:fc:1e:98:09:70:cf:
ad:16:c5:9e:4b:ea:ea:1c:bc:14:be:89:72:9d:3a:
09:fd:04:93:98:80:a6:c9:f1:78:63:2e:36:96:35:
2e:ce:71:ae:62:5e:bc:fb:62:36:8e:70:e0:14:8b:
fe:d9:88:a0:aa:4c:b2:91:51:8d:8a:8e:e1:6f:bc:
0f:3c:6d:48:22:15:ab:0a:50:13:a1:60:95:30:45:
75:4b:9a:38:2d:99:35:28:41:e6:d4:fb:e8:16:8a:
5a:f6:39:95:85:6d:82:88:7a:bb:99:d6:13:47:3a:
b8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E3:33:2B:32:24:4F:91:F6:AF:E5:EB:35:BD:1E:93:3F:2E:5F:C5
X509v3 Authority Key Identifier:
keyid:5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/M-MzKzIkT5H2r-XrNb0ekz8uX8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
49:85:5e:0d:18:ef:19:5b:a1:75:d2:d0:e1:dc:38:d5:48:8c:
21:e2:2a:0a:d5:27:ee:1c:13:ee:03:3f:76:f4:99:ec:32:a7:
32:50:af:b4:4f:3b:c4:8c:00:29:f4:0f:dd:67:2d:07:e3:a1:
8b:5f:b7:82:8b:f8:51:37:9e:da:d4:2f:fb:65:0a:c4:61:48:
04:d5:1c:80:8f:aa:98:55:39:38:38:10:ff:96:d7:01:f9:0b:
b3:1c:52:51:28:67:7e:ae:f2:f6:c0:7f:58:20:40:72:90:b0:
e3:05:e7:89:57:5a:22:b8:2f:bd:4f:95:0a:d7:78:42:08:88:
92:be:d2:e6:77:99:f8:31:00:ce:da:5b:6b:8b:cb:01:10:ca:
89:9d:8c:26:a5:84:d2:c7:1f:9f:17:7a:81:ad:7b:69:17:bf:
3a:c3:9b:67:2f:06:15:1a:0a:97:51:48:10:49:b0:99:25:8c:
eb:fb:41:55:a4:74:e1:f0:3f:21:ed:6e:f4:d2:d8:b3:52:0d:
cf:df:60:f1:49:b6:ca:30:14:e3:ed:ee:76:6d:7f:54:a4:81:
5c:99:c2:10:ef:45:42:65:8e:bb:38:3f:a7:4e:c7:55:57:18:
f7:1b:06:8c:49:72:19:31:19:30:d1:28:ce:7c:6a:7a:af:4e:
f5:27:be:1a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9KUlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjFhYTZhOTI5MzFiZmM3ZTE0MDA3YzQ3Yzk0OWNkNWVlM2U5ODBmMB4XDTIyMDEw
MTExNTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNlMzMzMmIzMjI0
NGY5MWY2YWZlNWViMzViZDFlOTMzZjJlNWZjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObhNbiMGumT/6pa8Y5IpXs9mhOwkjHBxGG0k1nj8c/CmMSb
alsAsucMiXtcsxX+DzN6Im3dZc7eLPZoIvjJiKhyFgJxEJhyJpHrRyOM/d8f+l0w
YRt6JjvxMhYhNm1hzndJTbcmrouBOX1AIrIxpNIVdkwH8CQppGjnsuwJNc5kuBH2
eeW+PZcJN8lO9uC8/B6YCXDPrRbFnkvq6hy8FL6Jcp06Cf0Ek5iApsnxeGMuNpY1
Ls5xrmJevPtiNo5w4BSL/tmIoKpMspFRjYqO4W+8DzxtSCIVqwpQE6FglTBFdUua
OC2ZNShB5tT76BaKWvY5lYVtgoh6u5nWE0c6uBUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQz4zMrMiRPkfav5es1vR6TPy5fxTAfBgNVHSMEGDAWgBRfGqapKTG/x+FA
B8R8lJzV7j6YDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h4cW1xU2t4djhmaFFBZkVmSlNjMWU0LW1BOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvYTBjM2RiLTY1NDUtNDVhOC1hODQ1LWJiN2VjM2M4Y2RlOC8x
L00tTXpLeklrVDVIMnItWHJOYjBla3o4dVg4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
YTBjM2RiLTY1NDUtNDVhOC1hODQ1LWJiN2VjM2M4Y2RlOC8xL1h4cW1xU2t4djhm
aFFBZkVmSlNjMWU0LW1BOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmJ2DANBgkqhkiG9w0BAQsFAAOC
AQEASYVeDRjvGVuhddLQ4dw41UiMIeIqCtUn7hwT7gM/dvSZ7DKnMlCvtE87xIwA
KfQP3WctB+Ohi1+3gov4UTee2tQv+2UKxGFIBNUcgI+qmFU5ODgQ/5bXAfkLsxxS
UShnfq7y9sB/WCBAcpCw4wXniVdaIrgvvU+VCtd4QgiIkr7S5neZ+DEAztpba4vL
ARDKiZ2MJqWE0scfnxd6ga17aRe/OsObZy8GFRoKl1FIEEmwmSWM6/tBVaR04fA/
Ie1u9NLYs1INz99g8Um2yjAU4+3udm1/VKSBXJnCEO9FQmWOuzg/p07HVVcY9xsG
jElyGTEZMNEoznxqeq9O9Se+Gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:54 2024 by rpki-client on console-fra.rpki-client.org