Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/mnhs_WH4XE8xWr-N5S3eAc1HaA8.roa
File: mnhs_WH4XE8xWr-N5S3eAc1HaA8.roa (raw, json)
Hash identifier: rcb3X7/i7qL3079BpfvFDjDUEOFOd7TJ+B1KV/wgqHA=
Subject key identifier: 9A:78:6C:FD:61:F8:5C:4F:31:5A:BF:8D:E5:2D:DE:01:CD:47:68:0F
Certificate issuer: /CN=34e110b59362f673eae33b66ee7aea3c4028294e
Certificate serial: 033E0B
Authority key identifier: 34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/mnhs_WH4XE8xWr-N5S3eAc1HaA8.roa
Signing time: Wed 09 Mar 2022 12:17:03 +0000
ROA not before: Wed 09 Mar 2022 12:17:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198485
IP address blocks: 141.105.124.0/23 maxlen: 24
178.21.118.0/24 maxlen: 24
185.2.44.0/22 maxlen: 24
2a02:2308:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212491 (0x33e0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e110b59362f673eae33b66ee7aea3c4028294e
Validity
Not Before: Mar 9 12:17:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a786cfd61f85c4f315abf8de52dde01cd47680f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:85:99:09:d4:a6:2b:29:28:ee:0f:4b:6f:37:
ac:81:29:80:b7:f9:af:3c:2c:4a:4c:76:fd:6f:ea:
0b:0f:4d:2b:fd:b5:c6:28:4a:8b:97:54:56:d7:fa:
53:52:48:89:cb:d8:c0:fc:60:98:fb:88:88:b6:b0:
e8:68:ef:7c:75:93:2d:1f:ee:c2:98:2e:4d:b0:3c:
77:f1:f4:1c:5b:01:b9:f3:e7:b1:83:ba:04:90:bf:
a3:cc:63:f4:5e:09:97:1e:9a:70:be:99:72:7e:e4:
fd:9b:a7:64:2d:b4:54:d3:4a:e3:d8:2e:86:41:72:
a8:75:9f:9c:55:ea:7a:99:6e:6f:6a:a5:cb:5a:19:
19:2c:fb:7b:ac:72:94:93:a2:cb:68:9f:aa:72:23:
bc:0b:2c:00:01:3d:de:12:d4:4b:1c:e7:dd:dc:96:
16:83:14:2e:d3:82:6b:93:68:1d:73:ea:d2:ed:e6:
5d:bf:f2:15:d6:2a:8e:91:ad:dc:11:2d:2f:3f:29:
50:0d:26:c4:c1:5d:00:3b:97:8c:b4:14:8f:12:0a:
bc:28:bc:31:2b:06:f5:5e:1a:1f:fd:8a:58:0d:4f:
05:fe:e7:96:9c:9f:04:45:cc:39:b9:11:49:e8:4e:
a6:c1:a9:87:f0:83:0b:6c:f1:50:d4:d5:4c:75:ab:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:78:6C:FD:61:F8:5C:4F:31:5A:BF:8D:E5:2D:DE:01:CD:47:68:0F
X509v3 Authority Key Identifier:
keyid:34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/mnhs_WH4XE8xWr-N5S3eAc1HaA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.124.0/23
178.21.118.0/24
185.2.44.0/22
IPv6:
2a02:2308:20::/48
Signature Algorithm: sha256WithRSAEncryption
41:3d:89:b5:52:02:aa:4e:9b:f0:50:9d:8f:22:22:1f:3a:75:
1d:41:28:18:1e:a1:5b:de:80:b7:88:b8:01:09:5d:59:1a:b2:
48:bd:1a:e3:ca:27:3a:b3:7c:27:cd:a8:ad:ba:38:b1:e8:aa:
db:f4:04:69:4d:5c:ee:b1:51:dd:db:3e:87:d7:a2:ec:12:6e:
83:73:33:c4:e5:bc:51:74:7e:13:37:2f:9c:5e:b2:4b:22:9f:
a6:ef:6b:26:fc:94:75:b9:77:01:c2:7c:61:a0:9f:6c:91:34:
16:b0:d1:39:f7:57:a3:4b:2f:f6:6b:2c:25:fc:3e:25:c2:42:
a8:b4:b0:6a:ab:66:00:62:94:59:c9:d8:52:52:9f:a5:4a:c9:
cc:31:5d:6b:c3:f9:3d:b4:5a:5d:26:17:a0:c0:23:8c:e2:ce:
e0:c3:4a:20:ae:d6:55:a7:82:ae:f3:cb:9a:43:24:5a:21:70:
f2:41:ea:23:fb:c5:f6:0b:23:78:45:1e:61:63:4b:ae:e4:c4:
85:3e:85:0f:16:7b:b7:03:b5:32:b7:21:b7:c5:24:c0:62:a6:
8a:f1:7f:c8:14:d9:ee:ec:f9:92:af:aa:f7:a7:71:a1:03:e2:
c5:0b:23:03:e6:f8:38:6e:38:46:cd:29:7e:18:82:51:48:57:
ac:18:14:e5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIDAz4LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZTExMGI1OTM2MmY2NzNlYWUzM2I2NmVlN2FlYTNjNDAyODI5NGUwHhcNMjIwMzA5
MTIxNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YTc4NmNmZDYxZjg1
YzRmMzE1YWJmOGRlNTJkZGUwMWNkNDc2ODBmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmIWZCdSmKyko7g9LbzesgSmAt/mvPCxKTHb9b+oLD00r/bXG
KEqLl1RW1/pTUkiJy9jA/GCY+4iItrDoaO98dZMtH+7CmC5NsDx38fQcWwG58+ex
g7oEkL+jzGP0XgmXHppwvplyfuT9m6dkLbRU00rj2C6GQXKodZ+cVep6mW5vaqXL
WhkZLPt7rHKUk6LLaJ+qciO8CywAAT3eEtRLHOfd3JYWgxQu04Jrk2gdc+rS7eZd
v/IV1iqOka3cES0vPylQDSbEwV0AO5eMtBSPEgq8KLwxKwb1Xhof/YpYDU8F/ueW
nJ8ERcw5uRFJ6E6mwamH8IMLbPFQ1NVMdaskJwIDAQABo4ICJjCCAiIwHQYDVR0O
BBYEFJp4bP1h+FxPMVq/jeUt3gHNR2gPMB8GA1UdIwQYMBaAFDThELWTYvZz6uM7
Zu566jxAKClOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYtMWJiMjdjNWQzOTdlLzEv
bW5oc19XSDRYRTh4V3ItTjVTM2VBYzFIYUE4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8w
YmY4ZmItMTYwNC00Y2QxLTlkYTYtMWJiMjdjNWQzOTdlLzEvTk9FUXRaTmk5blBx
NHp0bTducnFQRUFvS1U0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwG
CCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBjWl8AwQAshV2AwQCuQIsMA8EAgAC
MAkDBwAqAiMIACAwDQYJKoZIhvcNAQELBQADggEBAEE9ibVSAqpOm/BQnY8iIh86
dR1BKBgeoVvegLeIuAEJXVkaski9GuPKJzqzfCfNqK26OLHoqtv0BGlNXO6xUd3b
PofXouwSboNzM8TlvFF0fhM3L5xesksin6bvayb8lHW5dwHCfGGgn2yRNBaw0Tn3
V6NLL/ZrLCX8PiXCQqi0sGqrZgBilFnJ2FJSn6VKycwxXWvD+T20Wl0mF6DAI4zi
zuDDSiCu1lWngq7zy5pDJFohcPJB6iP7xfYLI3hFHmFjS67kxIU+hQ8We7cDtTK3
IbfFJMBiporxf8gU2e7s+ZKvqvencaED4sULIwPm+DhuOEbNKX4YglFIV6wYFOU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:35 2024 by rpki-client on console-fra.rpki-client.org