Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/mnPjTdhtYFl5U4M-AXzwhzIPmqM.roa
File: mnPjTdhtYFl5U4M-AXzwhzIPmqM.roa (raw, json)
Hash identifier: F/7KQXJuhiALUzURlG2WFGBsUd3IYhljR5+h50e/kN8=
Subject key identifier: 9A:73:E3:4D:D8:6D:60:59:79:53:83:3E:01:7C:F0:87:32:0F:9A:A3
Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Certificate serial: 088E9C1F
Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/mnPjTdhtYFl5U4M-AXzwhzIPmqM.roa
Signing time: Tue 12 Apr 2022 18:09:04 +0000
ROA not before: Tue 12 Apr 2022 18:09:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.15.21.0/24 maxlen: 24
194.53.136.0/24 maxlen: 24
194.53.137.0/24 maxlen: 24
2a0e:1d80:14::/48 maxlen: 48
2a0e:1d80:12::/48 maxlen: 48
2a0e:1d80:8::/48 maxlen: 48
2a0e:1d80:10::/48 maxlen: 48
2a0e:1d80:13::/48 maxlen: 48
2a0e:1d80:6::/48 maxlen: 48
2a0e:1d80:11::/48 maxlen: 48
2a0e:1d80:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143563807 (0x88e9c1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Validity
Not Before: Apr 12 18:09:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a73e34dd86d60597953833e017cf087320f9aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:09:71:bb:37:c3:f1:4f:ab:84:df:5a:4c:
ee:73:66:86:96:30:c4:b9:9a:28:c1:72:b7:51:16:
ff:2f:e5:6c:fb:70:29:a4:ae:7a:06:c3:fb:f0:f7:
e2:ad:60:bf:14:f5:02:20:22:0a:b4:00:09:a4:00:
e6:d1:37:bf:a4:0f:80:d8:7a:bd:12:9d:71:fe:d6:
80:07:51:8c:ea:4e:02:da:3a:45:d8:67:12:71:80:
16:3b:40:a9:96:85:0e:1f:47:21:6b:9b:24:f2:a5:
de:a3:12:fd:19:93:da:96:3c:18:5b:95:43:dd:73:
80:bc:ee:4f:2c:77:b0:c6:4e:ef:2d:3b:0e:f3:dd:
3f:c0:8e:60:36:bb:b2:c8:3a:76:24:11:a2:f7:fd:
4e:ed:bb:fd:a7:3f:4a:8e:3f:d1:d5:10:68:77:e1:
65:41:53:ab:5d:62:89:0e:7e:ef:84:bb:33:26:58:
81:df:79:e8:27:05:fd:9d:b8:15:ed:28:1c:e4:00:
8d:64:f1:33:2d:f8:db:0e:ac:d2:88:d8:ad:66:59:
14:c0:88:29:ef:27:14:a8:50:34:5e:26:12:8e:16:
49:75:70:c1:d3:96:5a:e8:5b:b8:85:a2:e9:a9:16:
d8:99:90:ef:b1:58:ec:0c:0b:76:37:b0:69:18:1f:
e5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:73:E3:4D:D8:6D:60:59:79:53:83:3E:01:7C:F0:87:32:0F:9A:A3
X509v3 Authority Key Identifier:
keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/mnPjTdhtYFl5U4M-AXzwhzIPmqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.21.0/24
194.53.136.0/23
IPv6:
2a0e:1d80:6::/48
2a0e:1d80:8::/47
2a0e:1d80:10::-2a0e:1d80:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:c6:18:5c:27:0a:4d:b6:23:85:32:85:88:84:19:10:c2:ae:
2f:f8:b7:ef:9c:5d:d7:1c:ee:ee:b9:99:99:92:ee:7a:41:ee:
c5:6c:3f:0e:14:55:10:11:9d:6d:b8:ab:b2:ae:b9:b6:72:5d:
c1:76:7a:f2:2e:ee:2d:2d:40:b8:6e:dc:20:f9:16:6c:4c:91:
bf:6e:40:b2:ac:6e:c6:05:2c:81:b3:0b:20:41:ea:b0:8a:de:
23:0b:19:c2:d3:42:5a:c6:d1:35:ce:47:bb:6e:9c:10:a4:27:
be:ab:4b:13:94:4f:2c:ef:a6:bb:15:00:64:ff:7f:0b:a6:3e:
fe:49:80:34:cf:90:94:c4:8c:40:32:58:cd:72:46:72:07:45:
ca:bb:d4:7a:90:13:6a:1f:0c:85:53:fb:98:75:fa:c2:f2:af:
a6:47:88:a5:ef:bc:52:ee:5d:8a:e2:ee:ff:f3:82:06:ee:05:
34:fd:7b:1d:20:07:b9:05:6a:84:6e:ab:d4:f4:0f:d8:db:ca:
db:23:c8:e8:33:54:27:ca:b1:1f:e9:d0:b9:c2:a5:d4:1a:8d:
8e:6e:61:5f:65:0d:af:44:6f:8a:89:7a:cb:f6:c4:64:5e:ae:
ea:db:d9:1b:49:39:a7:19:d2:78:20:12:d8:8f:69:5c:14:97:
ff:d3:12:0c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECI6cHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGFlYmMxNTRhNTZjODMwMjVjYmQ4NjQxYTlhYzMxNWNiNTUxYzA2MB4XDTIyMDQx
MjE4MDkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE3M2UzNGRkODZk
NjA1OTc5NTM4MzNlMDE3Y2YwODczMjBmOWFhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxkCXG7N8PxT6uE31pM7nNmhpYwxLmaKMFyt1EW/y/lbPtw
KaSuegbD+/D34q1gvxT1AiAiCrQACaQA5tE3v6QPgNh6vRKdcf7WgAdRjOpOAto6
RdhnEnGAFjtAqZaFDh9HIWubJPKl3qMS/RmT2pY8GFuVQ91zgLzuTyx3sMZO7y07
DvPdP8COYDa7ssg6diQRovf9Tu27/ac/So4/0dUQaHfhZUFTq11iiQ5+74S7MyZY
gd956CcF/Z24Fe0oHOQAjWTxMy342w6s0ojYrWZZFMCIKe8nFKhQNF4mEo4WSXVw
wdOWWuhbuIWi6akW2JmQ77FY7AwLdjewaRgf5QcCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSac+NN2G1gWXlTgz4BfPCHMg+aozAfBgNVHSMEGDAWgBR0rrwVSlbIMCXL
2GQamsMVy1UcBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RLNjhGVXBXeURBbHk5aGtHcHJERmN0VkhBWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvNmRlN2EwLTQwNzMtNDI3Mi1iZjQ0LTA3YTFkNjU1NDhiYS8x
L21uUGpUZGh0WUZsNVU0TS1BWHp3aHpJUG1xTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
NmRlN2EwLTQwNzMtNDI3Mi1iZjQ0LTA3YTFkNjU1NDhiYS8xL2RLNjhGVXBXeURB
bHk5aGtHcHJERmN0VkhBWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwEgQCAAEwDAMEAC0PFQMEAcI1iDAsBAIAAjAmAwcA
Kg4dgAAGAwcBKg4dgAAIMBIDBwQqDh2AABADBwAqDh2AABQwDQYJKoZIhvcNAQEL
BQADggEBAKzGGFwnCk22I4UyhYiEGRDCri/4t++cXdcc7u65mZmS7npB7sVsPw4U
VRARnW24q7KuubZyXcF2evIu7i0tQLhu3CD5FmxMkb9uQLKsbsYFLIGzCyBB6rCK
3iMLGcLTQlrG0TXOR7tunBCkJ76rSxOUTyzvprsVAGT/fwumPv5JgDTPkJTEjEAy
WM1yRnIHRcq71HqQE2ofDIVT+5h1+sLyr6ZHiKXvvFLuXYri7v/zggbuBTT9ex0g
B7kFaoRuq9T0D9jbytsjyOgzVCfKsR/p0LnCpdQajY5uYV9lDa9Eb4qJesv2xGRe
rurb2RtJOacZ0nggEtiPaVwUl//TEgw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:58 2024 by rpki-client on console-fra.rpki-client.org