Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mpL0tPy_wJdtt3p2Q1kLSPVFnSY.roa
File: mpL0tPy_wJdtt3p2Q1kLSPVFnSY.roa (raw, json)
Hash identifier: UvCSavOXXbdDS9slZayrN/LYk/COnZgdhlcfe9v2fIU=
Subject key identifier: 9A:92:F4:B4:FC:BF:C0:97:6D:B7:7A:76:43:59:0B:48:F5:45:9D:26
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01841E2A7B29E99733F0CDF464AF3DB77E30
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mpL0tPy_wJdtt3p2Q1kLSPVFnSY.roa
Signing time: Fri 28 Oct 2022 10:36:51 +0000
ROA not before: Fri 28 Oct 2022 10:36:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.58.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:2a:7b:29:e9:97:33:f0:cd:f4:64:af:3d:b7:7e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 28 10:36:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a92f4b4fcbfc0976db77a7643590b48f5459d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:81:0a:11:bc:9f:7a:55:88:32:b0:cf:bf:f6:
a1:d6:30:23:47:93:38:97:4c:5f:0b:05:8b:9c:8a:
55:14:df:47:de:08:34:75:40:e1:02:2d:db:07:e7:
9e:bc:e7:72:3a:33:6e:65:c3:e4:e9:c2:dc:a2:78:
b2:f2:d6:31:7b:5a:b1:31:d9:59:86:a2:88:b5:77:
9e:7a:b0:48:e2:97:84:f0:58:e1:30:f4:12:e2:cc:
af:7d:6e:b7:ec:b9:ff:32:ab:1a:bc:1b:47:fb:e4:
e8:ba:be:aa:3d:05:9a:14:5c:6b:41:44:0b:ba:5e:
84:3e:b0:04:cd:17:52:fa:a4:cb:9b:ad:81:bf:dc:
95:5d:87:37:52:b9:6d:68:a4:c8:19:8c:94:89:36:
aa:5b:df:0c:94:00:c5:7a:0b:42:85:29:0d:95:d6:
54:56:bc:78:ec:6b:80:90:7d:25:ca:88:d3:ec:e1:
7b:36:f1:55:f4:d7:50:7b:20:28:a5:58:c7:7e:c1:
03:0a:88:10:25:16:a4:8c:d6:d0:0e:e2:09:92:33:
9a:c6:49:6e:c3:6c:af:d9:b7:70:d4:e2:10:3e:91:
db:8b:41:6c:fe:87:e4:33:5c:75:30:d6:38:3b:4e:
54:ad:7d:d5:7f:85:23:6e:a8:ae:e2:24:e6:bd:63:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:92:F4:B4:FC:BF:C0:97:6D:B7:7A:76:43:59:0B:48:F5:45:9D:26
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mpL0tPy_wJdtt3p2Q1kLSPVFnSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
aa:9b:c5:fb:20:48:0a:df:69:d1:ba:dc:0f:7e:0c:1e:51:88:
37:6e:ab:cd:e2:60:0c:5a:55:12:ff:e7:7c:fe:33:82:89:c4:
6a:b3:c9:30:d6:91:99:91:19:d9:ba:05:7c:da:21:0a:59:49:
49:f5:d1:f0:52:db:29:4e:1d:14:f2:64:cc:65:bb:c0:35:7b:
15:80:89:e9:c9:32:14:23:3d:65:ae:f7:4b:7d:a4:c6:eb:c7:
ac:cd:c2:09:1b:32:10:9f:2f:24:6a:0a:46:a8:72:cb:e2:3a:
fa:3b:2d:ef:c6:35:79:3d:ef:9c:89:da:5c:8b:44:02:e9:fa:
c1:5a:94:51:5f:02:d5:6e:ac:bc:d6:5e:43:09:60:44:21:5f:
b2:31:71:68:3f:60:17:40:15:cf:8b:97:8f:7c:09:35:e0:d0:
a7:01:34:dc:34:25:20:bd:03:34:48:e9:c9:c7:0c:00:1c:eb:
09:7c:a0:77:94:96:52:b2:ac:ba:9b:e9:e4:56:85:2d:f8:e1:
e1:a0:d8:8c:be:d7:bd:88:96:93:66:9c:70:7d:7b:71:3a:bd:
94:bb:1f:de:0d:09:9a:bb:b9:2a:e5:72:75:23:2c:87:ac:b6:
fb:7e:ea:64:b9:9f:7f:df:30:47:49:c1:1d:24:d6:db:11:6e:
65:1c:84:e9
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYQeKnsp6Zcz8M30ZK89t34wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDI4MTAzNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkyZjRiNGZjYmZjMDk3NmRiNzdhNzY0MzU5MGI0OGY1NDU5ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64EKEbyfelWIMrDPv/ah1jAjR5M4
l0xfCwWLnIpVFN9H3gg0dUDhAi3bB+eevOdyOjNuZcPk6cLconiy8tYxe1qxMdlZ
hqKItXeeerBI4peE8FjhMPQS4syvfW637Ln/MqsavBtH++Tour6qPQWaFFxrQUQL
ul6EPrAEzRdS+qTLm62Bv9yVXYc3UrltaKTIGYyUiTaqW98MlADFegtChSkNldZU
Vrx47GuAkH0lyojT7OF7NvFV9NdQeyAopVjHfsEDCogQJRakjNbQDuIJkjOaxklu
w2yv2bdw1OIQPpHbi0Fs/ofkM1x1MNY4O05UrX3Vf4Ujbqiu4iTmvWNX/QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJqS9LT8v8CXbbd6dkNZC0j1RZ0mMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbXBMMHRQeV93SmR0dDNwMlExa0xTUFZGblNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCqm8X7IEgK32nRutwPfgweUYg3bqvN4mAMWlUS/+d8/jOCicRqs8kw1pGZkRnZ
ugV82iEKWUlJ9dHwUtspTh0U8mTMZbvANXsVgInpyTIUIz1lrvdLfaTG68eszcIJ
GzIQny8kagpGqHLL4jr6Oy3vxjV5Pe+cidpci0QC6frBWpRRXwLVbqy81l5DCWBE
IV+yMXFoP2AXQBXPi5ePfAk14NCnATTcNCUgvQM0SOnJxwwAHOsJfKB3lJZSsqy6
m+nkVoUt+OHhoNiMvte9iJaTZpxwfXtxOr2Uux/eDQmau7kq5XJ1IyyHrLb7fupk
uZ9/3zBHScEdJNbbEW5lHITp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org