Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/MEzDr59cKa3mHD6tU7egawjYPVk.roa
File: MEzDr59cKa3mHD6tU7egawjYPVk.roa (raw, json)
Hash identifier: 8STth5mD7EbvenCLBUCVCO3iqxrxL9H1dqS2niuCKs4=
Subject key identifier: 30:4C:C3:AF:9F:5C:29:AD:E6:1C:3E:AD:53:B7:A0:6B:08:D8:3D:59
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 050DE375
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/MEzDr59cKa3mHD6tU7egawjYPVk.roa
Signing time: Sat 01 Jan 2022 12:03:26 +0000
ROA not before: Sat 01 Jan 2022 12:03:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4455
IP address blocks: 194.126.217.0/24 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84796277 (0x50de375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 1 12:03:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=304cc3af9f5c29ade61c3ead53b7a06b08d83d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:8f:ca:a0:ac:e8:d2:fc:4b:b7:fc:30:e0:
96:8f:b6:25:b1:82:10:49:c2:32:4e:fa:ae:6e:8f:
7e:30:b2:35:f4:de:41:77:2c:76:72:bc:fa:16:75:
c6:f6:dc:ec:2a:8c:42:03:1c:7d:6e:cc:ad:de:b4:
34:28:48:2c:83:9c:cc:e8:2f:79:af:9f:9a:cb:a1:
ba:13:e3:b9:47:56:9a:16:43:fd:41:44:bb:2b:2d:
54:bb:71:9e:f8:17:b4:7a:70:6f:43:2f:74:e1:57:
5f:30:55:be:de:11:f3:6b:55:f2:e2:5b:6b:9d:7e:
1e:49:bf:13:77:93:10:ad:25:f2:f1:9c:d2:93:0f:
72:4f:2f:88:fa:1e:69:b7:4d:c6:84:ce:3b:f4:a5:
a7:05:71:62:69:25:07:33:a6:02:10:69:9f:9f:ef:
08:07:71:8a:01:02:75:2f:f9:90:59:9b:d1:c4:d7:
b6:3c:ff:6e:90:5b:37:c7:32:d5:08:88:b3:07:0e:
b6:89:e6:b0:a4:d6:73:6c:be:09:24:6a:f0:d4:8f:
12:cb:cf:fc:63:90:97:92:21:0f:40:78:85:12:68:
51:03:1d:bf:a4:ed:82:56:3a:99:3e:41:03:45:80:
d8:36:6a:33:5d:b4:9d:b1:c0:eb:eb:ed:44:81:63:
d5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4C:C3:AF:9F:5C:29:AD:E6:1C:3E:AD:53:B7:A0:6B:08:D8:3D:59
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/MEzDr59cKa3mHD6tU7egawjYPVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
6f:f1:35:a5:39:c8:eb:d1:46:38:a1:15:09:5f:37:90:e6:2b:
4d:22:24:8f:98:5c:9e:aa:85:c6:75:97:2e:5f:cf:5d:04:a9:
77:95:cb:ca:69:64:cc:10:45:dd:cc:6c:f4:78:0f:a1:5e:80:
9b:5f:58:af:3f:64:5a:db:b8:c6:20:e8:1d:79:a7:b6:7b:2f:
1b:25:ae:31:50:5a:3b:30:5e:b7:4b:1f:68:9d:4b:ed:f9:64:
8f:39:23:7b:6a:5c:ea:84:c1:c8:d0:3a:f6:9d:b8:23:07:d5:
56:87:3a:14:65:14:57:d2:2a:d2:3d:0b:a1:b3:ba:c9:f0:d8:
cd:c6:4a:dd:3b:2d:ba:13:67:51:7f:72:27:1c:b2:e2:79:9d:
54:4c:f8:82:3d:a5:d5:04:f7:76:6d:52:c6:dc:51:5b:34:16:
18:9d:a4:94:dd:67:6b:4a:6c:0f:39:0a:71:92:4f:ac:d3:c2:
c8:cd:cf:b4:7e:bb:a8:dc:e7:ac:0c:24:03:d6:61:b7:d2:32:
66:93:72:eb:f1:5c:5b:d3:75:b5:6c:1e:c3:77:4d:15:16:0b:
c7:d1:c7:c2:49:7c:6a:29:04:88:50:ee:bd:8e:04:53:f2:5e:
fd:a7:67:f1:48:2a:ff:6f:20:95:6a:38:5e:7f:48:7c:22:a8:
e2:c6:41:3b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBQ3jdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTQwMGFjMjM5NmFlMjI4ZDJiMmU1NmY0YjA2NzM5OTY5Mzc5ZTQ0MB4XDTIyMDEw
MTEyMDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA0Y2MzYWY5ZjVj
MjlhZGU2MWMzZWFkNTNiN2EwNmIwOGQ4M2Q1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVKj8qgrOjS/Eu3/DDglo+2JbGCEEnCMk76rm6PfjCyNfTe
QXcsdnK8+hZ1xvbc7CqMQgMcfW7Mrd60NChILIOczOgvea+fmsuhuhPjuUdWmhZD
/UFEuystVLtxnvgXtHpwb0MvdOFXXzBVvt4R82tV8uJba51+Hkm/E3eTEK0l8vGc
0pMPck8viPoeabdNxoTOO/SlpwVxYmklBzOmAhBpn5/vCAdxigECdS/5kFmb0cTX
tjz/bpBbN8cy1QiIswcOtonmsKTWc2y+CSRq8NSPEsvP/GOQl5IhD0B4hRJoUQMd
v6TtglY6mT5BA0WA2DZqM120nbHA6+vtRIFj1bkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQwTMOvn1wpreYcPq1Tt6BrCNg9WTAfBgNVHSMEGDAWgBReQArCOWriKNKy
5W9LBnOZaTeeRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hrQUt3amxxNGlqU3N1VnZTd1p6bVdrM25rUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8x
L01FekRyNTljS2EzbUhENnRVN2VnYXdqWVBWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
ZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8xL1hrQUt3amxxNGlq
U3N1VnZTd1p6bVdrM25rUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1PzEAMEB1keAAMEAMJ+2TANBAIA
AjAHAwUAKgGCADANBgkqhkiG9w0BAQsFAAOCAQEAb/E1pTnI69FGOKEVCV83kOYr
TSIkj5hcnqqFxnWXLl/PXQSpd5XLymlkzBBF3cxs9HgPoV6Am19Yrz9kWtu4xiDo
HXmntnsvGyWuMVBaOzBet0sfaJ1L7flkjzkje2pc6oTByNA69p24IwfVVoc6FGUU
V9Iq0j0LobO6yfDYzcZK3TstuhNnUX9yJxyy4nmdVEz4gj2l1QT3dm1SxtxRWzQW
GJ2klN1na0psDzkKcZJPrNPCyM3PtH67qNznrAwkA9Zht9IyZpNy6/FcW9N1tWwe
w3dNFRYLx9HHwkl8aikEiFDuvY4EU/Je/adn8Ugq/28glWo4Xn9IfCKo4sZBOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:45 2024 by rpki-client on console-ams.rpki-client.org