Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/mrKrhBKhQNeg1bjlt4OeCvmik4U.roa
File: mrKrhBKhQNeg1bjlt4OeCvmik4U.roa (raw, json)
Hash identifier: Tp+hs085kMB2F+TCKwmyzFsrLSPk2BtdTx5YYk38trk=
Subject key identifier: 9A:B2:AB:84:12:A1:40:D7:A0:D5:B8:E5:B7:83:9E:0A:F9:A2:93:85
Certificate issuer: /CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Certificate serial: 01842D3C83BEABDD53C331928F93656A9058
Authority key identifier: 02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/mrKrhBKhQNeg1bjlt4OeCvmik4U.roa
Signing time: Mon 31 Oct 2022 08:50:51 +0000
ROA not before: Mon 31 Oct 2022 08:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56995
IP address blocks: 176.58.64.0/20 maxlen: 20
176.58.64.0/24 maxlen: 24
176.58.66.0/23 maxlen: 23
185.6.16.0/22 maxlen: 22
176.58.68.0/22 maxlen: 22
176.58.76.0/22 maxlen: 22
176.58.72.0/22 maxlen: 22
2a03:c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:3c:83:be:ab:dd:53:c3:31:92:8f:93:65:6a:90:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Validity
Not Before: Oct 31 08:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ab2ab8412a140d7a0d5b8e5b7839e0af9a29385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9d:13:e5:c1:73:39:37:27:50:e8:e2:0d:51:
22:6f:f9:59:65:19:c3:7a:90:1c:0f:6c:b7:4c:af:
5d:9e:e5:2d:5a:44:a6:bd:4a:8b:16:30:ae:ab:89:
ad:9a:09:b0:75:b1:8d:79:fb:5a:0b:cc:40:f9:6c:
1d:67:15:d9:06:69:43:f9:e7:40:00:8e:08:4d:8c:
56:ec:88:8e:08:04:69:7e:c0:52:06:e7:8e:34:5a:
e1:31:8b:10:97:22:75:be:e7:1f:fa:99:e4:0a:30:
93:90:4b:b4:b7:d3:8d:2f:61:25:8a:a9:c6:2a:c1:
8c:03:fd:d1:77:99:16:c6:47:10:0f:91:38:36:43:
92:c2:84:6b:36:62:47:83:db:c6:bc:11:e9:00:1f:
b9:13:61:6e:df:4e:d1:2b:b3:27:fe:a1:c1:02:2b:
e7:1b:12:8e:04:c9:8e:bc:aa:f3:e8:ca:08:67:7f:
20:f4:f1:d7:b4:54:26:1d:66:0a:a1:bf:23:74:b8:
3d:7d:2b:8a:f7:fc:c6:b5:9e:be:69:b0:82:a6:7e:
bf:56:12:27:32:17:0a:81:ee:ea:f6:17:3f:eb:0a:
3e:c0:26:24:68:c5:3c:92:38:d3:df:14:ff:d4:cd:
7e:68:23:07:6e:42:43:65:b0:c5:5f:df:2f:f5:59:
bb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B2:AB:84:12:A1:40:D7:A0:D5:B8:E5:B7:83:9E:0A:F9:A2:93:85
X509v3 Authority Key Identifier:
keyid:02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/mrKrhBKhQNeg1bjlt4OeCvmik4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.64.0/20
185.6.16.0/22
IPv6:
2a03:c40::/32
Signature Algorithm: sha256WithRSAEncryption
10:1c:f7:ab:3d:27:eb:75:cf:60:b9:d0:69:1b:72:86:92:2c:
a6:29:b5:c2:fe:39:53:f0:a0:4d:b4:b9:1a:93:c8:67:56:42:
de:71:c8:3d:71:bd:77:9a:02:28:58:90:16:07:1a:38:3c:e1:
24:b0:8b:0e:7e:d9:d5:c4:47:39:d7:0f:96:ae:10:f5:60:ae:
74:00:cc:11:96:92:0c:92:90:c1:c8:1f:8d:07:ab:a6:bb:17:
a6:8c:44:0a:29:ed:b8:c3:ea:66:be:d6:cc:c3:65:b4:5f:96:
03:8a:b4:f1:e4:56:43:92:77:88:7e:b1:19:b8:55:bd:bd:9f:
ba:01:90:46:75:1a:e9:8c:b6:d1:2a:c2:0d:03:e2:3b:4d:f1:
12:47:d7:ad:9b:c3:39:15:17:27:3a:7b:d9:eb:c8:b6:c3:05:
38:25:10:dd:2c:ac:59:5e:7f:be:25:c3:73:ea:21:e5:24:44:
7b:4e:47:47:01:6b:3a:e6:b5:ee:b4:ce:c6:6d:d9:98:0f:de:
b3:85:20:59:4a:fb:7b:cb:c3:56:13:11:43:cb:52:18:6c:ad:
e4:6b:7d:e6:db:77:94:43:f1:72:b2:34:74:ae:ac:58:c7:fa:
13:d9:bf:b3:16:ad:11:15:84:5c:5f:a8:3e:6e:d3:0d:f6:03:
3e:66:f2:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQtPIO+q91TwzGSj5NlapBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzdhY2QxMTJmMWM2YzgzM2JlYzIyZjhiNTNjYzcwZDIz
OTA4NzYwHhcNMjIxMDMxMDg1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWIyYWI4NDEyYTE0MGQ3YTBkNWI4ZTViNzgzOWUwYWY5YTI5Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx50T5cFzOTcnUOjiDVEib/lZZRnD
epAcD2y3TK9dnuUtWkSmvUqLFjCuq4mtmgmwdbGNeftaC8xA+WwdZxXZBmlD+edA
AI4ITYxW7IiOCARpfsBSBueONFrhMYsQlyJ1vucf+pnkCjCTkEu0t9ONL2EliqnG
KsGMA/3Rd5kWxkcQD5E4NkOSwoRrNmJHg9vGvBHpAB+5E2Fu307RK7Mn/qHBAivn
GxKOBMmOvKrz6MoIZ38g9PHXtFQmHWYKob8jdLg9fSuK9/zGtZ6+abCCpn6/VhIn
MhcKge7q9hc/6wo+wCYkaMU8kjjT3xT/1M1+aCMHbkJDZbDFX98v9Vm7AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJqyq4QSoUDXoNW45beDngr5opOFMB8GA1UdIwQY
MBaAFAJ3rNES8cbIM77CL4tTzHDSOQh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQt
ZDk2NTU5ODc4NzRhLzEvbXJLcmhCS2hRTmVnMWJqbHQ0T2VDdm1pazRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQtZDk2NTU5ODc4NzRh
LzEvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsDpAAwQC
uQYQMA0EAgACMAcDBQAqAwxAMA0GCSqGSIb3DQEBCwUAA4IBAQAQHPerPSfrdc9g
udBpG3KGkiymKbXC/jlT8KBNtLkak8hnVkLeccg9cb13mgIoWJAWBxo4POEksIsO
ftnVxEc51w+WrhD1YK50AMwRlpIMkpDByB+NB6umuxemjEQKKe24w+pmvtbMw2W0
X5YDirTx5FZDkneIfrEZuFW9vZ+6AZBGdRrpjLbRKsINA+I7TfESR9etm8M5FRcn
OnvZ68i2wwU4JRDdLKxZXn++JcNz6iHlJER7TkdHAWs65rXutM7GbdmYD96zhSBZ
Svt7y8NWExFDy1IYbK3ka33m23eUQ/FysjR0rqxYx/oT2b+zFq0RFYRcX6g+btMN
9gM+ZvL7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:34 2024 by rpki-client on console-ams.rpki-client.org