Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/MGUmCukocu-6oIDcJR0mOMM-avo.roa
File: MGUmCukocu-6oIDcJR0mOMM-avo.roa (raw, json)
Hash identifier: DVV9d7wgxfLzIK/bV+NhpuMloOjU5UGJEAx1e2ldknQ=
Subject key identifier: 30:65:26:0A:E9:28:72:EF:BA:A0:80:DC:25:1D:26:38:C3:3E:6A:FA
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 441AD8
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/MGUmCukocu-6oIDcJR0mOMM-avo.roa
Signing time: Sat 01 Jan 2022 01:51:45 +0000
ROA not before: Sat 01 Jan 2022 01:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201986
IP address blocks: 194.61.88.0/22 maxlen: 24
109.68.127.0/24 maxlen: 24
185.57.68.0/22 maxlen: 22
2a02:5960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4463320 (0x441ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 1 01:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3065260ae92872efbaa080dc251d2638c33e6afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ff:96:20:82:8c:13:3a:33:58:e5:d4:0f:01:18:
62:61:ff:20:b8:ec:e4:a7:ae:2c:20:de:2c:35:60:
32:59:5d:bf:e3:a0:56:c8:ac:7f:63:a1:54:ea:eb:
98:6f:95:6a:3c:78:aa:a1:2f:9e:23:c7:6c:4b:9b:
1b:4d:7f:a1:52:b0:c7:04:e2:6e:76:89:05:16:3e:
26:71:f7:14:e3:f8:c1:f0:dc:93:99:43:46:3a:4a:
b9:4c:6c:56:30:b7:e6:f8:a5:1c:80:54:fe:f2:52:
a9:28:8b:c4:9e:7f:8f:5f:31:e9:77:96:b0:4b:7d:
b8:96:a1:ef:ce:12:b8:7d:66:13:83:fb:21:34:f5:
68:a8:09:68:3f:1d:22:38:bc:e2:b2:46:2c:7a:3b:
7a:b4:1f:af:46:5e:85:0f:90:f1:69:3b:28:c4:7b:
f8:da:c4:66:40:3a:a5:11:80:c1:67:9b:7b:47:aa:
d0:40:74:a4:ac:37:a9:23:51:ee:48:65:30:57:f3:
89:02:e3:3b:7f:fe:e7:82:23:ba:0e:7e:0b:dd:25:
0b:54:2e:57:e4:9c:48:a0:29:31:8d:76:13:ff:5d:
bf:b1:26:e5:0f:29:33:69:14:4a:ce:86:aa:0c:60:
1b:cb:9c:77:30:94:1d:b8:b8:92:22:45:16:48:dd:
14:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:65:26:0A:E9:28:72:EF:BA:A0:80:DC:25:1D:26:38:C3:3E:6A:FA
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/MGUmCukocu-6oIDcJR0mOMM-avo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.127.0/24
185.57.68.0/22
194.61.88.0/22
IPv6:
2a02:5960::/32
Signature Algorithm: sha256WithRSAEncryption
36:32:4c:38:82:89:8e:a9:66:cc:73:79:e3:74:19:3a:1f:a4:
58:ea:1c:0d:20:6b:d9:c4:7d:8c:02:94:53:64:96:9c:95:14:
c4:9d:2a:d2:0d:fe:31:9a:41:f5:06:25:5c:e3:ed:10:f5:26:
af:b8:42:e4:6a:5a:af:26:5e:ee:24:ab:0a:8f:09:23:d4:f5:
7a:02:1e:58:2b:60:e5:68:08:04:2c:a9:70:3c:62:57:bb:f9:
4b:43:54:74:a5:11:a2:0f:2b:b5:b5:35:40:48:dd:42:6c:b9:
7a:12:98:ae:e4:83:9d:af:9a:f4:f2:e4:37:b7:44:30:a8:d9:
db:1e:4f:cf:6f:d0:c6:93:6e:21:84:fd:96:84:8a:ca:0b:6e:
14:71:88:30:0e:5f:1d:74:61:a6:49:70:75:51:56:93:05:bc:
f6:ae:2a:b2:68:6c:f5:0d:11:8c:22:ec:80:06:5b:0e:21:88:
f2:64:0f:06:f7:0d:2a:f5:3c:5d:9d:40:6c:09:50:5a:3e:14:
8b:21:ce:bf:fe:ca:ee:bc:f9:13:26:fb:dd:fb:f0:ff:e1:bb:
b8:a4:3d:a0:71:a2:3a:f3:6e:48:2c:f7:27:b5:22:1c:be:90:
76:3a:f3:5c:89:be:6c:df:c9:87:9f:57:17:17:0e:9e:54:cd:
50:a1:cf:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDRBrYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThlYmY5MzQwHhcNMjIwMTAx
MDE1MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzMDY1MjYwYWU5Mjg3
MmVmYmFhMDgwZGMyNTFkMjYzOGMzM2U2YWZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA/5YggowTOjNY5dQPARhiYf8guOzkp64sIN4sNWAyWV2/46BW
yKx/Y6FU6uuYb5VqPHiqoS+eI8dsS5sbTX+hUrDHBOJudokFFj4mcfcU4/jB8NyT
mUNGOkq5TGxWMLfm+KUcgFT+8lKpKIvEnn+PXzHpd5awS324lqHvzhK4fWYTg/sh
NPVoqAloPx0iOLziskYsejt6tB+vRl6FD5DxaTsoxHv42sRmQDqlEYDBZ5t7R6rQ
QHSkrDepI1HuSGUwV/OJAuM7f/7ngiO6Dn4L3SULVC5X5JxIoCkxjXYT/12/sSbl
DykzaRRKzoaqDGAby5x3MJQduLiSIkUWSN0UDQIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFDBlJgrpKHLvuqCA3CUdJjjDPmr6MB8GA1UdIwQYMBaAFDTQ7HrEw5Hk7Lqd
CjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEv
TUdVbUN1a29jdS02b0lEY0pSMG1PTU0tYXZvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9m
N2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEvTk5Ec2VzVERrZVRz
dXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAbUR/AwQCuTlEAwQCwj1YMA0EAgAC
MAcDBQAqAllgMA0GCSqGSIb3DQEBCwUAA4IBAQA2Mkw4gomOqWbMc3njdBk6H6RY
6hwNIGvZxH2MApRTZJaclRTEnSrSDf4xmkH1BiVc4+0Q9SavuELkalqvJl7uJKsK
jwkj1PV6Ah5YK2DlaAgELKlwPGJXu/lLQ1R0pRGiDyu1tTVASN1CbLl6Epiu5IOd
r5r08uQ3t0QwqNnbHk/Pb9DGk24hhP2WhIrKC24UcYgwDl8ddGGmSXB1UVaTBbz2
riqyaGz1DRGMIuyABlsOIYjyZA8G9w0q9TxdnUBsCVBaPhSLIc6//sruvPkTJvvd
+/D/4bu4pD2gcaI6825ILPcntSIcvpB2OvNcib5s38mHn1cXFw6eVM1Qoc+c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:59 2024 by rpki-client on console-ams.rpki-client.org