Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/MLkt-RaztzhsjE2ySPG_l78JhYM.roa
File: MLkt-RaztzhsjE2ySPG_l78JhYM.roa (raw, json)
Hash identifier: eLll4x5mckDTLRo4f5kqVhpFfYD0WzEWEp9gANML45Y=
Subject key identifier: 30:B9:2D:F9:16:B3:B7:38:6C:8C:4D:B2:48:F1:BF:97:BF:09:85:83
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 0183F18B
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/MLkt-RaztzhsjE2ySPG_l78JhYM.roa
Signing time: Sat 01 Jan 2022 06:04:10 +0000
ROA not before: Sat 01 Jan 2022 06:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207174
IP address blocks: 185.211.212.0/24 maxlen: 24
185.211.213.0/24 maxlen: 24
185.211.215.0/24 maxlen: 24
185.49.192.0/24 maxlen: 24
185.211.214.0/24 maxlen: 24
185.49.195.0/24 maxlen: 24
185.49.194.0/24 maxlen: 24
185.49.193.0/24 maxlen: 24
185.249.108.0/24 maxlen: 24
185.249.111.0/24 maxlen: 24
185.249.110.0/24 maxlen: 24
185.249.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25424267 (0x183f18b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Jan 1 06:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30b92df916b3b7386c8c4db248f1bf97bf098583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2a:2e:2f:07:67:2c:d2:4d:69:46:e2:50:a7:
9b:18:3c:04:69:fa:b0:64:e6:7b:57:56:27:6f:d0:
ea:ef:b4:46:da:8d:d4:5a:b1:cd:55:6f:50:8c:39:
19:f6:5f:da:a9:46:ca:e0:e2:0e:f7:87:43:8c:2c:
90:3a:d3:20:5d:93:51:de:7c:78:67:fb:b2:5d:7b:
ee:ca:65:f4:cb:ab:f4:6d:9c:50:bb:05:48:61:73:
3a:5a:f8:bc:a0:56:fd:03:83:27:02:45:83:1b:7b:
ef:d4:3a:e0:5e:ac:3d:69:69:d1:08:d9:17:b6:09:
24:90:66:4d:6c:58:f0:17:23:b1:47:0e:b4:87:ab:
70:80:19:63:b0:f5:40:eb:d8:6b:63:25:a3:ff:dc:
16:74:c7:ad:da:d5:58:4d:9c:91:e9:97:7c:58:75:
d0:b7:c0:1a:79:cf:d8:6b:be:80:bd:c1:e9:61:bc:
b3:ca:fb:53:85:2c:2f:a6:4c:10:e0:00:46:53:15:
f0:2d:83:e9:8d:96:16:d5:46:da:4f:54:d0:f6:87:
b9:a0:dd:d7:58:bf:4e:5d:12:d9:cf:cb:79:3a:a2:
e3:9f:38:5e:67:50:30:8b:f4:a2:72:2d:eb:2b:4e:
86:fc:23:9e:ad:07:ce:40:ad:98:33:ca:9a:85:f7:
89:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B9:2D:F9:16:B3:B7:38:6C:8C:4D:B2:48:F1:BF:97:BF:09:85:83
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/MLkt-RaztzhsjE2ySPG_l78JhYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.192.0/22
185.211.212.0/22
185.249.108.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:bb:32:b2:12:3f:72:c4:41:b9:49:f3:f2:2d:09:da:0b:9a:
08:a7:d2:99:19:1e:eb:18:74:9e:d0:05:d3:3f:7b:89:ae:4f:
50:80:ef:dc:69:f3:e2:92:75:81:30:e7:6b:c9:82:6f:42:50:
91:00:27:b4:6d:08:6f:85:fe:aa:ac:7e:2b:4f:97:91:75:f5:
5c:b1:e3:f3:a4:c3:4a:11:18:82:fc:f3:1c:3f:73:cb:77:cb:
03:f9:90:95:42:bc:cc:b2:6a:96:f1:41:85:be:32:38:9b:67:
e9:84:7c:16:67:7c:54:f3:43:f0:7d:29:77:87:70:eb:6d:c5:
f7:7a:44:ac:1b:79:19:5e:bc:d7:bb:38:c7:b0:f6:5f:dc:58:
6a:68:ae:ee:04:f7:04:9b:96:c1:8d:82:a1:a7:d6:b4:fe:f4:
7d:9b:0e:7b:d3:e3:32:d1:ff:d6:f7:f9:5d:dd:bd:6d:0d:c6:
b1:ac:df:e4:d2:44:35:1a:23:47:ef:fe:7f:a6:28:f6:b1:9a:
cb:2d:5c:5f:77:17:7b:9d:fc:8f:13:34:ce:62:b6:6f:6b:b5:
d7:f5:49:53:d3:8a:02:4c:cc:fb:de:25:5e:04:43:71:d9:1e:
73:de:03:f7:94:9b:36:13:9a:80:96:cc:61:25:f0:8a:63:2c:
6b:aa:5c:cd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAYPxizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2Y4NWMzNmM2OTZkNWRiMmNiYjQ4ZmQ0M2U4MjE3MzdlZTM0MjI3MB4XDTIyMDEw
MTA2MDQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBiOTJkZjkxNmIz
YjczODZjOGM0ZGIyNDhmMWJmOTdiZjA5ODU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8qLi8HZyzSTWlG4lCnmxg8BGn6sGTme1dWJ2/Q6u+0RtqN
1FqxzVVvUIw5GfZf2qlGyuDiDveHQ4wskDrTIF2TUd58eGf7sl177spl9Mur9G2c
ULsFSGFzOlr4vKBW/QODJwJFgxt779Q64F6sPWlp0QjZF7YJJJBmTWxY8BcjsUcO
tIercIAZY7D1QOvYa2Mlo//cFnTHrdrVWE2ckemXfFh10LfAGnnP2Gu+gL3B6WG8
s8r7U4UsL6ZMEOAARlMV8C2D6Y2WFtVG2k9U0PaHuaDd11i/Tl0S2c/LeTqi4584
XmdQMIv0onIt6ytOhvwjnq0HzkCtmDPKmoX3if8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQwuS35FrO3OGyMTbJI8b+XvwmFgzAfBgNVHSMEGDAWgBTc+Fw2xpbV2yy7
SP1D6CFzfuNCJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNQaGNOc2FXMWRzc3UwajlRLWdoYzM3alFpYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvY2ZiYzYyLTVkNTQtNDMyNy1iMDcyLTBmNTJmODY3MTc4ZC8x
L01Ma3QtUmF6dHpoc2pFMnlTUEdfbDc4SmhZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
Y2ZiYzYyLTVkNTQtNDMyNy1iMDcyLTBmNTJmODY3MTc4ZC8xLzNQaGNOc2FXMWRz
c3UwajlRLWdoYzM3alFpYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkxwAMEArnT1AMEArn5bDANBgkq
hkiG9w0BAQsFAAOCAQEAPLsyshI/csRBuUnz8i0J2guaCKfSmRke6xh0ntAF0z97
ia5PUIDv3Gnz4pJ1gTDna8mCb0JQkQAntG0Ib4X+qqx+K0+XkXX1XLHj86TDShEY
gvzzHD9zy3fLA/mQlUK8zLJqlvFBhb4yOJtn6YR8Fmd8VPND8H0pd4dw623F93pE
rBt5GV6817s4x7D2X9xYamiu7gT3BJuWwY2CoafWtP70fZsOe9PjMtH/1vf5Xd29
bQ3Gsazf5NJENRojR+/+f6Yo9rGayy1cX3cXe538jxM0zmK2b2u11/VJU9OKAkzM
+94lXgRDcdkec94D95SbNhOagJbMYSXwimMsa6pczQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:33 2024 by rpki-client on console-fra.rpki-client.org