Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/MMSx7trm_LsCg1pwSv0CXBoDYjA.roa
File: MMSx7trm_LsCg1pwSv0CXBoDYjA.roa (raw, json)
Hash identifier: 69M4aUuIukqIw59wtyEbGs2eVIpPI6NOdWvkc3N8ktQ=
Subject key identifier: 30:C4:B1:EE:DA:E6:FC:BB:02:83:5A:70:4A:FD:02:5C:1A:03:62:30
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 04452F5F
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/MMSx7trm_LsCg1pwSv0CXBoDYjA.roa
Signing time: Sat 01 Jan 2022 13:55:20 +0000
ROA not before: Sat 01 Jan 2022 13:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 171.22.60.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71642975 (0x4452f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 13:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30c4b1eedae6fcbb02835a704afd025c1a036230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:bd:2c:4b:d7:15:6a:1e:88:68:68:74:55:
cf:13:f4:2a:42:4d:f6:f1:76:7b:e0:40:aa:31:1f:
a9:c6:b0:47:bd:e6:9c:38:31:7a:cb:01:60:71:f4:
b6:83:67:c3:44:df:0f:7b:96:3c:0a:95:0a:9b:d6:
56:21:ee:c4:03:20:36:c4:42:4b:f2:0a:8f:b4:0c:
da:ff:40:33:9b:af:1d:6e:aa:c2:31:50:4a:4b:17:
98:ec:16:27:23:f5:18:52:3f:f9:cf:12:78:aa:85:
42:9b:7e:f4:61:d9:71:07:f3:45:ba:eb:db:e9:9d:
b8:f8:89:6e:b9:b9:3f:83:48:3d:e7:5e:3b:dc:f5:
92:16:37:51:61:8c:21:46:a0:6c:e0:35:a0:b5:39:
c8:fe:63:2b:92:f2:9e:3a:cd:3a:0b:0a:48:8a:dd:
b6:24:be:3c:5f:42:08:c4:b3:bd:39:60:63:91:54:
08:e6:84:70:20:52:8b:7e:58:dc:2e:fb:8d:92:ab:
9f:a8:9d:71:75:70:6d:6d:9c:a6:84:f7:1c:53:5d:
a2:1f:88:61:cb:5c:97:bc:e6:3e:d2:71:60:8f:5e:
49:8b:e9:3d:8b:71:bd:23:4d:b6:c9:33:c5:eb:63:
c5:d2:0d:c0:f4:91:88:87:a1:31:30:55:03:bd:e9:
6d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C4:B1:EE:DA:E6:FC:BB:02:83:5A:70:4A:FD:02:5C:1A:03:62:30
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/MMSx7trm_LsCg1pwSv0CXBoDYjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.60.0/22
Signature Algorithm: sha256WithRSAEncryption
86:4e:67:0c:d0:83:45:f4:c2:c6:1b:60:6c:28:f7:ec:66:ba:
5e:53:a9:b1:52:6d:32:08:fc:5b:1d:c2:af:3f:75:ed:14:a1:
ea:32:8a:31:1a:4f:58:b1:a2:18:e7:2e:aa:ca:20:5d:38:56:
0e:44:1b:82:40:1f:41:b8:72:b3:b6:c0:02:e3:a2:f4:4e:48:
41:12:40:c0:2e:e0:c6:a0:a7:6c:cb:fe:d0:ec:5f:2e:32:ba:
4c:f4:1d:3b:f5:9a:66:b0:6a:63:94:ef:31:83:bb:0c:d7:de:
2e:65:76:46:47:e0:1d:97:c3:b1:7e:07:48:a4:df:b0:62:94:
8d:4e:14:c3:ce:ec:66:43:50:ce:4b:e1:dc:f9:02:9a:57:b1:
cd:33:7a:24:a3:70:89:cc:77:af:b7:ab:69:5f:94:f6:58:14:
c9:11:29:9d:fe:01:dd:68:68:95:80:37:80:71:a4:70:1b:76:
37:9e:c1:4f:af:24:11:0f:e6:f4:bd:16:f6:2b:3f:12:de:7d:
a4:46:a3:58:cf:0f:45:d3:d9:a6:e9:e5:1c:51:6a:e7:c3:4d:
43:09:62:73:4c:11:98:a8:02:ae:bc:50:68:2e:3e:37:a0:e8:
ec:81:14:d5:24:49:68:79:95:ab:4d:f7:59:ce:1b:01:30:b8:
9c:5c:d5:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBEUvXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTMzZWY0NjExNmZkOWQyMWJmYjUzM2U0NGJkZTUxNzg5MGMyNGRjMB4XDTIyMDEw
MTEzNTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBjNGIxZWVkYWU2
ZmNiYjAyODM1YTcwNGFmZDAyNWMxYTAzNjIzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8VvSxL1xVqHohoaHRVzxP0KkJN9vF2e+BAqjEfqcawR73m
nDgxessBYHH0toNnw0TfD3uWPAqVCpvWViHuxAMgNsRCS/IKj7QM2v9AM5uvHW6q
wjFQSksXmOwWJyP1GFI/+c8SeKqFQpt+9GHZcQfzRbrr2+mduPiJbrm5P4NIPede
O9z1khY3UWGMIUagbOA1oLU5yP5jK5LynjrNOgsKSIrdtiS+PF9CCMSzvTlgY5FU
COaEcCBSi35Y3C77jZKrn6idcXVwbW2cpoT3HFNdoh+IYctcl7zmPtJxYI9eSYvp
PYtxvSNNtskzxetjxdINwPSRiIehMTBVA73pbcECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwxLHu2ub8uwKDWnBK/QJcGgNiMDAfBgNVHSMEGDAWgBSFM+9GEW/Z0hv7
Uz5EveUXiQwk3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hUUHZSaEZ2MmRJYi0xTS1STDNsRjRrTUpOdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8x
L01NU3g3dHJtX0xzQ2cxcHdTdjBDWEJvRFlqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
ZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8xL2hUUHZSaEZ2MmRJ
Yi0xTS1STDNsRjRrTUpOdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqsWPDANBgkqhkiG9w0BAQsFAAOC
AQEAhk5nDNCDRfTCxhtgbCj37Ga6XlOpsVJtMgj8Wx3Crz917RSh6jKKMRpPWLGi
GOcuqsogXThWDkQbgkAfQbhys7bAAuOi9E5IQRJAwC7gxqCnbMv+0OxfLjK6TPQd
O/WaZrBqY5TvMYO7DNfeLmV2RkfgHZfDsX4HSKTfsGKUjU4Uw87sZkNQzkvh3PkC
mlexzTN6JKNwicx3r7eraV+U9lgUyREpnf4B3WholYA3gHGkcBt2N57BT68kEQ/m
9L0W9is/Et59pEajWM8PRdPZpunlHFFq58NNQwlic0wRmKgCrrxQaC4+N6Do7IEU
1SRJaHmVq033Wc4bATC4nFzVWg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-ams.rpki-client.org