Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ms4RZchBc4Az5ctdvJXIPWgOfBI.roa
File: ms4RZchBc4Az5ctdvJXIPWgOfBI.roa (raw, json)
Hash identifier: MNr9dPExZMGiJ2GDZRg0hN6wB4bI95Lewv9Bj6lmEEE=
Subject key identifier: 9A:CE:11:65:C8:41:73:80:33:E5:CB:5D:BC:95:C8:3D:68:0E:7C:12
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 34B1822D
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ms4RZchBc4Az5ctdvJXIPWgOfBI.roa
Signing time: Sat 01 Jan 2022 07:04:09 +0000
ROA not before: Sat 01 Jan 2022 07:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13302
IP address blocks: 185.166.16.0/22 maxlen: 22
185.166.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884048429 (0x34b1822d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 1 07:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ace1165c841738033e5cb5dbc95c83d680e7c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:0b:9c:cb:80:09:7e:a7:7f:b6:61:e4:48:
9e:cb:4a:ee:5f:cc:9d:d2:20:33:29:63:73:31:f1:
02:16:63:9b:9e:7c:57:30:42:ef:54:4c:9a:98:39:
f6:72:1d:ab:20:8d:80:84:51:f5:09:25:0e:ff:b6:
55:77:38:b6:fa:32:9a:8e:20:8e:89:d6:8e:27:29:
99:36:c0:08:6c:3a:27:15:e7:5c:8a:a9:4a:2e:47:
d7:09:d7:2d:85:0b:3e:b3:66:83:78:f3:70:74:6f:
cf:34:bb:df:b5:ce:e8:6c:2f:83:40:91:3c:b4:43:
63:a9:31:5f:74:33:95:75:69:d1:d9:01:05:38:a8:
61:0b:c2:80:5c:26:38:c8:63:1a:71:87:d2:d4:e0:
55:96:e1:28:8b:65:d4:53:85:ad:ef:37:2f:14:c0:
54:07:db:5b:ae:59:93:86:3e:c6:d9:de:f7:ab:60:
04:f0:a7:da:05:13:4a:16:22:4d:3b:6e:6e:06:c3:
ba:e9:fe:ba:10:31:03:62:6e:cd:f6:54:c3:4d:56:
d6:80:98:e6:1f:6c:ef:fa:d7:c4:07:31:04:3a:6e:
7e:37:6f:7f:86:3c:88:e1:f6:d3:ef:5b:67:de:2a:
37:4e:5f:d3:6f:87:b7:97:1c:7d:66:e4:9b:71:4a:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CE:11:65:C8:41:73:80:33:E5:CB:5D:BC:95:C8:3D:68:0E:7C:12
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ms4RZchBc4Az5ctdvJXIPWgOfBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.16.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:0c:a9:45:84:47:23:cb:ab:41:fa:04:44:e6:00:7d:35:4f:
2f:63:b0:e0:2d:a7:b5:e7:a6:54:7d:97:0b:05:70:0d:56:50:
8f:dc:19:f6:4c:05:83:e3:0f:02:7f:af:09:30:84:6e:df:84:
db:5d:e4:55:71:7c:73:aa:33:29:f6:ee:c8:6e:ed:27:bf:c5:
77:db:7e:2d:ce:a0:2d:ac:60:22:4b:17:92:b5:72:a8:7e:4c:
29:49:27:ee:dd:b7:eb:0e:6d:a8:51:7a:e0:f9:1e:f4:af:02:
59:e3:f5:67:40:64:74:76:35:15:ee:97:11:55:f1:90:c1:eb:
cc:5e:7a:4b:dd:eb:af:b2:27:09:d2:92:17:34:d1:f3:e8:ae:
e5:25:f8:94:97:1c:11:f0:fd:37:29:35:63:d5:f3:32:db:33:
9f:29:3c:3a:64:67:7b:ca:04:1f:e3:4f:1a:93:1e:e3:b6:1c:
8f:e8:27:b4:3a:2e:5f:da:20:5c:37:e6:f1:26:67:c5:6a:f5:
44:83:19:12:ce:fa:65:18:6d:30:02:e6:41:e6:e4:18:2b:bb:
93:11:ba:dc:11:cf:de:16:c6:b5:ae:58:c2:e7:c5:b6:bb:94:
79:83:f7:ef:c1:28:4b:15:48:e1:a1:29:0b:a9:6e:c6:a1:9f:
ce:b9:84:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENLGCLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWJmYTc3YjNjZDc4MjkzM2U1ZjI1NTQ0NWQ0MjhhZGZiZGNhMGUxMB4XDTIyMDEw
MTA3MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFjZTExNjVjODQx
NzM4MDMzZTVjYjVkYmM5NWM4M2Q2ODBlN2MxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC3C5zLgAl+p3+2YeRInstK7l/MndIgMyljczHxAhZjm558
VzBC71RMmpg59nIdqyCNgIRR9QklDv+2VXc4tvoymo4gjonWjicpmTbACGw6JxXn
XIqpSi5H1wnXLYULPrNmg3jzcHRvzzS737XO6Gwvg0CRPLRDY6kxX3QzlXVp0dkB
BTioYQvCgFwmOMhjGnGH0tTgVZbhKItl1FOFre83LxTAVAfbW65Zk4Y+xtne96tg
BPCn2gUTShYiTTtubgbDuun+uhAxA2JuzfZUw01W1oCY5h9s7/rXxAcxBDpufjdv
f4Y8iOH20+9bZ94qN05f02+Ht5ccfWbkm3FKi9ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSazhFlyEFzgDPly128lcg9aA58EjAfBgNVHSMEGDAWgBQhv6d7PNeCkz5f
JVRF1Cit+9yg4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liLW5lenpYZ3BNLVh5VlVSZFFvcmZ2Y29PRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvOWM3YWZmLWQ4M2UtNGY1MS05Yjk2LTU0ODRjMzliMmQ0ZS8x
L21zNFJaY2hCYzRBejVjdGR2SlhJUFdnT2ZCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
OWM3YWZmLWQ4M2UtNGY1MS05Yjk2LTU0ODRjMzliMmQ0ZS8xL0liLW5lenpYZ3BN
LVh5VlVSZFFvcmZ2Y29PRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmmEDANBgkqhkiG9w0BAQsFAAOC
AQEAqgypRYRHI8urQfoEROYAfTVPL2Ow4C2nteemVH2XCwVwDVZQj9wZ9kwFg+MP
An+vCTCEbt+E213kVXF8c6ozKfbuyG7tJ7/Fd9t+Lc6gLaxgIksXkrVyqH5MKUkn
7t236w5tqFF64Pke9K8CWeP1Z0BkdHY1Fe6XEVXxkMHrzF56S93rr7InCdKSFzTR
8+iu5SX4lJccEfD9Nyk1Y9XzMtsznyk8OmRne8oEH+NPGpMe47Ycj+gntDouX9og
XDfm8SZnxWr1RIMZEs76ZRhtMALmQebkGCu7kxG63BHP3hbGta5YwufFtruUeYP3
78EoSxVI4aEpC6luxqGfzrmENg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:14 2023 by rpki-client on console-fra.rpki-client.org