Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/mQDHvUtI9ZyYbMvV_P0zhMrzBiY.roa
File: mQDHvUtI9ZyYbMvV_P0zhMrzBiY.roa (raw, json)
Hash identifier: ItAeBuiz66DiBGKVqweOO52BMGF+2lbZUTR72MFkv2c=
Subject key identifier: 99:00:C7:BD:4B:48:F5:9C:98:6C:CB:D5:FC:FD:33:84:CA:F3:06:26
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 0183F5BC7696E61A4F10AB1A2740C44F792A
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/mQDHvUtI9ZyYbMvV_P0zhMrzBiY.roa
Signing time: Thu 20 Oct 2022 14:11:52 +0000
ROA not before: Thu 20 Oct 2022 14:11:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197991
IP address blocks: 149.126.32.0/20 maxlen: 24
178.132.58.0/23 maxlen: 24
178.132.60.0/22 maxlen: 24
5.144.144.0/21 maxlen: 24
2a0d:a5c0::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:bc:76:96:e6:1a:4f:10:ab:1a:27:40:c4:4f:79:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Oct 20 14:11:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9900c7bd4b48f59c986ccbd5fcfd3384caf30626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:c2:2e:3d:33:a0:f3:20:06:d5:5f:9b:7e:
cf:a3:25:67:1b:f8:75:c9:19:b6:4a:b7:92:60:34:
64:bc:cb:0b:e5:66:f0:fa:2f:fe:7a:94:9f:9f:03:
44:11:1d:43:08:f8:74:5e:06:73:a0:cc:f8:4a:78:
c4:89:84:a7:00:85:ad:5f:75:e3:4e:49:4e:7a:ee:
56:e5:6b:fc:fc:5b:4a:04:b6:cc:87:15:3b:06:35:
d9:bf:2b:52:cd:cb:ad:5d:65:95:2c:f8:8f:8d:94:
7f:01:0e:90:87:c3:39:59:8f:20:c2:ee:30:30:02:
7c:61:47:1e:64:a3:18:f2:1f:90:b0:7f:c3:64:41:
b8:e0:a8:4f:32:7e:e2:6d:a8:36:a9:56:37:09:00:
b8:76:42:31:28:01:b3:00:7b:8b:c1:41:2d:02:50:
0c:f2:60:8e:ef:1b:36:48:45:46:bf:52:6d:6d:5c:
b9:f3:4d:e9:41:25:36:e9:10:05:15:48:fc:4a:d3:
08:cc:41:2b:d8:e4:b3:8e:f8:4e:bb:b1:d3:fd:aa:
96:8a:6e:99:72:66:7e:61:67:4e:6b:a8:5b:2b:1a:
51:24:d5:ea:ef:49:ed:c3:10:9f:b5:1b:69:7f:7c:
c1:8d:f7:b6:c7:1c:cc:02:45:27:4d:f6:6f:5d:ff:
ce:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:00:C7:BD:4B:48:F5:9C:98:6C:CB:D5:FC:FD:33:84:CA:F3:06:26
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/mQDHvUtI9ZyYbMvV_P0zhMrzBiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.144.0/21
149.126.32.0/20
178.132.58.0-178.132.63.255
IPv6:
2a0d:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:2e:c2:76:dc:9e:a8:07:12:7a:0b:4c:79:4c:24:ba:81:4c:
b8:67:12:b9:32:bc:78:7a:c1:f9:6e:72:44:a6:d1:ee:25:81:
d0:ca:bd:cb:8b:0e:b1:92:f7:7a:2d:c0:a1:59:05:f2:d7:85:
b6:09:11:8d:cd:84:77:90:bf:58:91:b6:37:11:c1:cf:21:f1:
82:81:f9:65:68:41:26:22:65:65:db:f2:f4:db:89:16:17:46:
2f:84:6b:6d:ed:da:11:93:80:0a:b3:ea:28:ba:07:ae:c7:26:
34:f7:68:e4:30:d4:80:45:49:37:f6:67:f1:79:e2:68:d1:d0:
ac:06:f1:7d:15:08:76:ab:3f:a9:8e:20:8a:d3:46:fe:a0:32:
f2:f5:14:66:84:96:58:10:3a:21:f1:ea:c6:92:25:22:44:f2:
e4:d4:85:20:08:65:55:a0:8a:85:9f:86:79:64:cb:ca:bc:c7:
86:21:eb:45:6d:30:e4:0d:b1:2e:35:d0:ab:f7:7b:bc:0b:80:
99:03:68:7a:58:a6:29:75:66:0b:97:b5:6a:ea:43:e6:11:14:
71:f5:3a:4a:06:ae:47:d1:e4:62:9b:e1:8d:ef:0e:ef:0c:8e:
05:ee:f6:d1:d4:fa:a8:53:8e:1e:33:2a:15:ba:11:ec:64:8b:
dd:37:17:c0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYP1vHaW5hpPEKsaJ0DET3kqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjIxMDIwMTQxMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAwYzdiZDRiNDhmNTljOTg2Y2NiZDVmY2ZkMzM4NGNhZjMwNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4bCLj0zoPMgBtVfm37PoyVnG/h1
yRm2SreSYDRkvMsL5Wbw+i/+epSfnwNEER1DCPh0XgZzoMz4SnjEiYSnAIWtX3Xj
TklOeu5W5Wv8/FtKBLbMhxU7BjXZvytSzcutXWWVLPiPjZR/AQ6Qh8M5WY8gwu4w
MAJ8YUceZKMY8h+QsH/DZEG44KhPMn7ibag2qVY3CQC4dkIxKAGzAHuLwUEtAlAM
8mCO7xs2SEVGv1JtbVy5803pQSU26RAFFUj8StMIzEEr2OSzjvhOu7HT/aqWim6Z
cmZ+YWdOa6hbKxpRJNXq70ntwxCftRtpf3zBjfe2xxzMAkUnTfZvXf/O9wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJkAx71LSPWcmGzL1fz9M4TK8wYmMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvbVFESHZVdEk5WnlZYk12Vl9QMHpoTXJ6QmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDBZCQAwQE
lX4gMAwDBAGyhDoDBAayhAAwDQQCAAIwBwMFAyoNpcAwDQYJKoZIhvcNAQELBQAD
ggEBAG4uwnbcnqgHEnoLTHlMJLqBTLhnErkyvHh6wfluckSm0e4lgdDKvcuLDrGS
93otwKFZBfLXhbYJEY3NhHeQv1iRtjcRwc8h8YKB+WVoQSYiZWXb8vTbiRYXRi+E
a23t2hGTgAqz6ii6B67HJjT3aOQw1IBFSTf2Z/F54mjR0KwG8X0VCHarP6mOIIrT
Rv6gMvL1FGaEllgQOiHx6saSJSJE8uTUhSAIZVWgioWfhnlky8q8x4Yh60VtMOQN
sS410Kv3e7wLgJkDaHpYpil1ZguXtWrqQ+YRFHH1OkoGrkfR5GKb4Y3vDu8MjgXu
9tHU+qhTjh4zKhW6Eexki903F8A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:55 2023 by rpki-client on console-fra.rpki-client.org