Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MFulJplBs5zFl3f7KSKRUIrC0Vk.roa
File: MFulJplBs5zFl3f7KSKRUIrC0Vk.roa (raw, json)
Hash identifier: utbkLERmr0lEKRI1MlkC12etuyG0zVcymo1usOQjlF4=
Subject key identifier: 30:5B:A5:26:99:41:B3:9C:C5:97:77:FB:29:22:91:50:8A:C2:D1:59
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850FF8B1329740705EF58927D8F12E2358
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MFulJplBs5zFl3f7KSKRUIrC0Vk.roa
Signing time: Wed 14 Dec 2022 09:30:34 +0000
ROA not before: Wed 14 Dec 2022 09:30:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 62.76.231.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:f8:b1:32:97:40:70:5e:f5:89:27:d8:f1:2e:23:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 09:30:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=305ba5269941b39cc59777fb292291508ac2d159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:37:56:09:23:d8:b4:40:c2:a3:5d:a3:4a:64:
c5:e6:67:ec:f7:ff:22:79:63:da:79:ff:03:42:61:
ba:99:48:e6:55:85:9a:b0:63:e2:2f:fb:71:49:ad:
84:a2:ae:8e:81:97:bc:33:7b:46:b9:b7:f7:14:3e:
85:39:6c:41:d6:79:7a:bb:ef:5f:c2:18:b1:02:ba:
b7:00:2f:b2:de:5a:60:14:71:20:c0:de:39:47:e1:
2b:70:7d:f2:1b:57:2e:91:64:c4:58:85:d4:f0:9d:
42:65:06:11:28:8a:83:2e:be:fc:2f:61:4a:e0:df:
47:e7:3b:cc:df:01:1c:5e:d9:c4:58:52:f4:29:a3:
f9:f5:07:79:8f:23:81:26:14:ba:22:d9:dc:0d:65:
27:d2:08:ca:ee:ca:e5:ff:ca:57:14:2c:f3:ab:b7:
48:eb:00:9d:63:d1:11:c2:5a:49:4e:4b:c4:2c:c2:
81:c9:2b:98:c2:79:1c:34:75:a2:0d:67:aa:00:50:
18:74:bd:81:60:23:eb:c0:a4:a0:60:88:c0:c6:c7:
39:e2:ae:10:88:7e:7d:a1:af:92:c4:03:52:78:81:
63:5d:45:95:7c:b0:1a:8e:4c:b7:3c:b5:c2:c3:fe:
14:62:0c:47:45:a9:3f:5b:1e:2d:06:1d:ae:27:61:
00:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:5B:A5:26:99:41:B3:9C:C5:97:77:FB:29:22:91:50:8A:C2:D1:59
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MFulJplBs5zFl3f7KSKRUIrC0Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
194.87.26.0/24
194.87.115.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e1:b2:25:1e:1f:16:53:db:14:c2:78:fc:81:41:42:be:92:
5b:a0:d0:3a:51:bf:a4:0d:bd:f8:f6:96:0e:0e:bb:29:c5:27:
9e:89:9c:e2:0c:57:ea:7b:74:b2:77:7b:16:b8:9e:4e:c8:de:
4b:a6:92:97:57:a9:f7:49:8c:45:0e:a3:93:cc:a7:48:c1:e6:
06:bc:21:3e:d5:fe:bc:a9:f2:3a:45:16:ab:ba:c8:93:17:9e:
8f:f2:62:d6:4f:69:e9:a2:ec:a8:2e:3d:ef:c7:f2:bc:b4:78:
ae:16:f5:db:0e:4d:21:d1:51:b9:e4:f3:00:d6:58:7c:83:cc:
4b:4d:d8:ac:46:23:eb:7e:16:3c:8c:08:9d:62:f4:8a:57:62:
3b:cc:b7:21:8d:ae:16:ab:f7:bd:19:d1:79:2f:4b:b3:54:79:
36:62:e1:cb:77:f1:16:cf:b8:d2:16:f9:27:ff:ae:e7:ae:4e:
81:12:d9:60:44:58:b0:f9:0e:2e:ed:5b:54:c6:cc:df:f9:20:
6d:ac:10:5f:b3:aa:05:a8:6c:13:52:46:5d:e6:d9:5c:00:f8:
b5:8a:10:f8:d0:17:49:a3:4a:44:83:00:26:6f:19:7c:3d:7b:
1d:b5:4d:05:f2:f8:eb:51:bd:cc:74:36:dc:bc:1c:0e:13:27:
f2:5f:d9:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUP+LEyl0BwXvWJJ9jxLiNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE0MDkzMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDViYTUyNjk5NDFiMzljYzU5Nzc3ZmIyOTIyOTE1MDhhYzJkMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzdWCSPYtEDCo12jSmTF5mfs9/8i
eWPaef8DQmG6mUjmVYWasGPiL/txSa2Eoq6OgZe8M3tGubf3FD6FOWxB1nl6u+9f
whixArq3AC+y3lpgFHEgwN45R+ErcH3yG1cukWTEWIXU8J1CZQYRKIqDLr78L2FK
4N9H5zvM3wEcXtnEWFL0KaP59Qd5jyOBJhS6ItncDWUn0gjK7srl/8pXFCzzq7dI
6wCdY9ERwlpJTkvELMKBySuYwnkcNHWiDWeqAFAYdL2BYCPrwKSgYIjAxsc54q4Q
iH59oa+SxANSeIFjXUWVfLAajky3PLXCw/4UYgxHRak/Wx4tBh2uJ2EAsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDBbpSaZQbOcxZd3+ykikVCKwtFZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUZ1bEpwbEJzNXpGbDNmN0tTS1JVSXJDMFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkznAwQA
wlcaAwQAwldzMA0GCSqGSIb3DQEBCwUAA4IBAQBk4bIlHh8WU9sUwnj8gUFCvpJb
oNA6Ub+kDb349pYODrspxSeeiZziDFfqe3Syd3sWuJ5OyN5LppKXV6n3SYxFDqOT
zKdIweYGvCE+1f68qfI6RRarusiTF56P8mLWT2npouyoLj3vx/K8tHiuFvXbDk0h
0VG55PMA1lh8g8xLTdisRiPrfhY8jAidYvSKV2I7zLchja4Wq/e9GdF5L0uzVHk2
YuHLd/EWz7jSFvkn/67nrk6BEtlgRFiw+Q4u7VtUxszf+SBtrBBfs6oFqGwTUkZd
5tlcAPi1ihD40BdJo0pEgwAmbxl8PXsdtU0F8vjrUb3MdDbcvBwOEyfyX9nn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org