Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/MNMOuD8pADL982fdvwBkQ7XACV4.roa
File: MNMOuD8pADL982fdvwBkQ7XACV4.roa (raw, json)
Hash identifier: 4XdXcxS2JXOH9F0KDEYDpIChMXB00b2vnrx5x6LaEIQ=
Subject key identifier: 30:D3:0E:B8:3F:29:00:32:FD:F3:67:DD:BF:00:64:43:B5:C0:09:5E
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 0184623CCFFD65DD910159B8754975867765
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/MNMOuD8pADL982fdvwBkQ7XACV4.roa
Signing time: Thu 10 Nov 2022 15:51:03 +0000
ROA not before: Thu 10 Nov 2022 15:51:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8758
IP address blocks: 37.46.144.0/22 maxlen: 24
217.71.240.0/20 maxlen: 24
178.250.130.0/23 maxlen: 24
185.160.244.0/22 maxlen: 24
217.150.224.0/20 maxlen: 24
157.143.0.0/17 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.116.0/22 maxlen: 24
109.70.115.0/24 maxlen: 24
212.25.0.0/19 maxlen: 24
77.74.96.0/21 maxlen: 24
145.40.192.0/19 maxlen: 24
84.254.80.0/20 maxlen: 24
95.143.48.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
87.239.200.0/21 maxlen: 24
31.24.8.0/21 maxlen: 24
178.22.104.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
194.246.118.0/23 maxlen: 24
217.22.128.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a01:bd00::/32 maxlen: 32
2a00:10c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:3c:cf:fd:65:dd:91:01:59:b8:75:49:75:86:77:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Nov 10 15:51:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30d30eb83f290032fdf367ddbf006443b5c0095e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:da:4a:3e:79:ec:df:be:67:cb:66:f8:18:
00:d3:96:6b:0a:59:b1:6a:08:04:18:66:7c:19:ef:
4e:93:db:08:f5:e4:6d:23:29:dc:29:b9:2e:6b:61:
15:a7:36:8b:c5:0b:89:d4:77:7f:d6:3d:94:dd:72:
98:00:ec:cb:78:c4:15:32:1f:a1:2b:22:57:d0:1e:
8a:f5:88:35:fe:b0:7c:e7:88:80:1f:52:4c:c3:04:
0d:5a:48:71:16:02:5c:66:0b:3d:88:cd:a9:65:b8:
3f:a1:9d:1a:c1:98:17:f0:8b:4d:8c:f2:80:08:17:
e2:a4:18:2e:9d:87:a5:ae:36:69:cc:91:64:64:e8:
32:53:51:31:fe:78:13:76:c6:db:5c:22:f8:82:49:
bb:ae:86:32:c6:81:1b:8b:bd:1e:02:a4:d0:90:33:
87:62:32:3e:84:95:fe:f6:33:25:e1:36:52:21:c1:
c2:29:c5:8f:ef:ce:a6:a7:11:86:25:08:fa:be:31:
1b:cd:50:4a:c0:b7:4b:e7:57:45:ba:3f:cc:5d:a7:
23:ca:70:3d:19:50:2c:87:3b:a1:3f:da:2f:7e:54:
e0:81:5a:3f:2c:17:f8:c0:eb:47:1a:29:20:32:0c:
83:fd:46:aa:2b:0d:9e:2e:9a:86:53:31:4e:81:0b:
a9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D3:0E:B8:3F:29:00:32:FD:F3:67:DD:BF:00:64:43:B5:C0:09:5E
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/MNMOuD8pADL982fdvwBkQ7XACV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.160.244.0/22
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
52:90:e7:40:1c:46:19:cc:34:a4:b8:58:cf:57:2a:c3:0b:27:
b0:3a:2d:6a:f6:1e:23:d0:d8:df:99:94:51:30:1c:d0:81:25:
5e:86:f8:2f:4d:6a:99:51:05:95:bd:27:8f:b1:9d:b0:f7:17:
9b:2c:67:d2:3c:9d:f4:7e:f1:d6:47:1e:57:52:38:c1:55:5b:
7f:c1:ec:66:ce:69:3b:3b:f5:87:b7:04:91:bc:3b:aa:0a:7b:
c1:37:db:0d:b4:50:b6:c0:39:8d:da:48:45:fc:6a:11:d0:0e:
2a:09:89:af:90:69:2a:7a:15:4c:e6:04:d4:6f:0d:73:64:53:
b2:7c:8b:b2:82:31:79:47:b5:09:5a:92:9f:83:b3:4a:3b:0b:
13:e3:dc:60:da:6d:74:c5:c7:89:72:e0:5d:4c:e9:93:01:29:
6b:a6:4a:d7:6e:23:7c:86:38:c4:f2:dd:50:6e:c6:07:27:cc:
4f:11:19:d3:2a:df:a3:f5:a4:01:8e:a1:04:6f:4a:c0:98:ba:
da:38:99:2d:1c:5b:be:56:72:2d:7e:b7:27:ba:33:3e:45:77:
a0:78:a4:34:35:65:58:51:bc:68:6c:70:6c:f1:8a:3d:27:5a:
3e:27:ad:ee:a5:a4:3f:34:71:d6:86:02:ec:89:fa:67:a3:91:
03:ed:5c:2f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYRiPM/9Zd2RAVm4dUl1hndlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjIxMTEwMTU1MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQzMGViODNmMjkwMDMyZmRmMzY3ZGRiZjAwNjQ0M2I1YzAwOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3vaSj557N++Z8tm+BgA05ZrClmx
aggEGGZ8Ge9Ok9sI9eRtIyncKbkua2EVpzaLxQuJ1Hd/1j2U3XKYAOzLeMQVMh+h
KyJX0B6K9Yg1/rB854iAH1JMwwQNWkhxFgJcZgs9iM2pZbg/oZ0awZgX8ItNjPKA
CBfipBgunYelrjZpzJFkZOgyU1Ex/ngTdsbbXCL4gkm7roYyxoEbi70eAqTQkDOH
YjI+hJX+9jMl4TZSIcHCKcWP786mpxGGJQj6vjEbzVBKwLdL51dFuj/MXacjynA9
GVAshzuhP9ovflTggVo/LBf4wOtHGikgMgyD/UaqKw2eLpqGUzFOgQupMQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFDDTDrg/KQAy/fNn3b8AZEO1wAleMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEvTU5NT3VEOHBBREw5ODJmZHZ3QmtRN1hBQ1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBgAQCAAEwegMEAx8Y
CAMEAiUukAMEA01KYAMEBFBZ0AMEBlOWADAMAwQEVP5QAwQEVP5gAwQDV+/IAwQE
X48wAwQDbUZwAwQFkSjAAwQHnY8AAwQDshZoAwQBsvqCAwQCuaD0AwQBwvZ2AwQF
1BkAAwQE2RaAAwQE2UfwAwQE2ZbgMBsEAgACMBUDBQMgAQjgAwUAKgAQwAMFACoB
vQAwDQYJKoZIhvcNAQELBQADggEBAFKQ50AcRhnMNKS4WM9XKsMLJ7A6LWr2HiPQ
2N+ZlFEwHNCBJV6G+C9NaplRBZW9J4+xnbD3F5ssZ9I8nfR+8dZHHldSOMFVW3/B
7GbOaTs79Ye3BJG8O6oKe8E32w20ULbAOY3aSEX8ahHQDioJia+QaSp6FUzmBNRv
DXNkU7J8i7KCMXlHtQlakp+Ds0o7CxPj3GDabXTFx4ly4F1M6ZMBKWumStduI3yG
OMTy3VBuxgcnzE8RGdMq36P1pAGOoQRvSsCYuto4mS0cW75Wci1+tye6Mz5Fd6B4
pDQ1ZVhRvGhscGzxij0nWj4nre6lpD80cdaGAuyJ+mejkQPtXC8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:11 2023 by rpki-client on console-fra.rpki-client.org