Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa
File: MvCP99bu_szFj2ZgPfE4sa8_cy0.roa (raw, json)
Hash identifier: 1KbbAaauV8Gg7kDqTGFjIl3KmUNnYnnYIRf9KmFSM/M=
Subject key identifier: 32:F0:8F:F7:D6:EE:FE:CC:C5:8F:66:60:3D:F1:38:B1:AF:3F:73:2D
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01828DF07C1553184D215C5AD2AA1A7BD6B6
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa
Signing time: Thu 11 Aug 2022 17:25:24 +0000
ROA not before: Thu 11 Aug 2022 17:25:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207023
IP address blocks: 176.116.238.0/23 maxlen: 24
91.234.122.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
77.36.72.0/21 maxlen: 21
91.232.18.0/24 maxlen: 24
46.173.252.0/23 maxlen: 23
91.229.147.0/24 maxlen: 24
91.200.133.0/24 maxlen: 24
37.97.116.0/22 maxlen: 24
192.162.186.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:f0:7c:15:53:18:4d:21:5c:5a:d2:aa:1a:7b:d6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 11 17:25:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32f08ff7d6eefeccc58f66603df138b1af3f732d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:70:84:65:a2:a4:4e:7a:11:46:75:f5:ba:
4c:5c:09:25:34:33:25:1f:07:e3:ca:76:85:58:4e:
df:87:ed:9d:75:10:47:75:ed:ed:04:9b:7f:0f:19:
e9:c0:a8:c6:b8:e4:2d:1c:59:92:9e:6e:48:00:6a:
4a:58:e7:36:f4:37:83:ed:24:d2:4b:e7:84:c9:32:
18:c2:bd:9a:23:09:60:e3:12:2a:76:6e:2e:28:f7:
94:ec:49:f5:ba:4b:1e:cf:f1:38:c0:81:fe:f5:fe:
73:a8:c7:2e:32:97:ba:2c:59:5c:dd:49:9a:0e:77:
f3:2a:00:d4:5a:82:0c:b2:a8:17:cb:83:c1:95:9b:
af:a3:94:9c:65:53:f0:24:0f:86:51:05:79:59:62:
27:f8:dc:0e:97:b4:e0:85:39:38:b4:86:0b:f8:aa:
1e:14:b0:0e:7f:9d:00:9a:76:67:3a:c3:4c:21:d0:
76:c4:b6:52:3b:0e:ff:f9:89:1d:76:71:1f:92:7b:
3a:f4:1c:6d:aa:95:9e:62:f7:ac:a5:fa:28:06:05:
e1:24:d9:de:3c:37:66:bd:63:b4:4b:49:c6:8e:62:
9a:f1:b2:f1:6a:4d:b8:d9:cc:e6:05:cf:4c:02:84:
79:90:1d:d4:c3:18:47:28:bf:b5:ce:c1:7a:6b:4a:
a7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F0:8F:F7:D6:EE:FE:CC:C5:8F:66:60:3D:F1:38:B1:AF:3F:73:2D
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
46.173.252.0/23
77.36.72.0/21
91.200.133.0/24
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
54:dc:17:59:dd:f4:c4:1c:4a:39:b6:7b:53:27:bf:8b:87:23:
3e:76:30:ca:72:b4:b6:2c:18:b4:02:17:cf:cb:3e:7d:e5:bb:
3c:49:6e:bb:b7:89:fa:63:fc:0f:74:63:f5:11:29:01:66:a5:
b5:9c:72:03:2e:60:45:8b:5c:68:65:89:59:51:b4:e2:c2:6a:
2f:b0:bd:66:6e:b7:36:9a:e7:72:5b:49:f0:fe:be:5a:8c:27:
e3:51:3f:ff:d7:a5:47:87:bb:ee:70:c4:e6:43:f9:f7:4f:32:
9c:16:9a:e5:3a:17:18:01:eb:4c:10:b6:b0:51:51:9a:90:37:
09:76:0d:91:87:f7:76:d1:1d:62:24:0c:6b:c1:13:41:f9:b9:
b2:a9:e8:10:85:11:41:1b:45:15:77:34:cb:14:71:d0:19:d1:
ac:ca:e1:ca:e4:27:56:f1:5d:ec:00:29:3e:4f:12:5a:0b:b3:
d5:2c:48:7f:03:c3:74:5c:e7:4d:eb:f3:98:6e:08:44:c4:59:
1f:2d:3c:5c:82:5b:34:62:72:57:25:6e:4e:da:e9:4e:0c:78:
fb:42:23:3c:bd:cb:de:1a:10:dd:99:df:9e:df:51:1c:11:91:
44:3c:cf:de:37:94:c3:ab:3b:e6:17:dc:3c:3e:b9:45:96:75:
5f:e4:05:e9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYKN8HwVUxhNIVxa0qoae9a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODExMTcyNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmYwOGZmN2Q2ZWVmZWNjYzU4ZjY2NjAzZGYxMzhiMWFmM2Y3MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxchwhGWipE56EUZ19bpMXAklNDMl
HwfjynaFWE7fh+2ddRBHde3tBJt/DxnpwKjGuOQtHFmSnm5IAGpKWOc29DeD7STS
S+eEyTIYwr2aIwlg4xIqdm4uKPeU7En1uksez/E4wIH+9f5zqMcuMpe6LFlc3Uma
DnfzKgDUWoIMsqgXy4PBlZuvo5ScZVPwJA+GUQV5WWIn+NwOl7TghTk4tIYL+Koe
FLAOf50AmnZnOsNMIdB2xLZSOw7/+YkddnEfkns69BxtqpWeYvespfooBgXhJNne
PDdmvWO0S0nGjmKa8bLxak242czmBc9MAoR5kB3UwxhHKL+1zsF6a0qniwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDLwj/fW7v7MxY9mYD3xOLGvP3MtMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTXZDUDk5YnVfc3pGajJaZ1BmRTRzYThfY3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCJWF0AwQB
Lq38AwQDTSRIAwQAW8iFAwQAW+WTAwQAW+gSAwQBW+p6AwQBsHTuAwQDsHbIAwQB
wKK6AwQBwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQBU3BdZ3fTEHEo5tntTJ7+LhyM+
djDKcrS2LBi0AhfPyz595bs8SW67t4n6Y/wPdGP1ESkBZqW1nHIDLmBFi1xoZYlZ
UbTiwmovsL1mbrc2mudyW0nw/r5ajCfjUT//16VHh7vucMTmQ/n3TzKcFprlOhcY
AetMELawUVGakDcJdg2Rh/d20R1iJAxrwRNB+bmyqegQhRFBG0UVdzTLFHHQGdGs
yuHK5CdW8V3sACk+TxJaC7PVLEh/A8N0XOdN6/OYbghExFkfLTxcgls0YnJXJW5O
2ulODHj7QiM8vcveGhDdmd+e31EcEZFEPM/eN5TDqzvmF9w8PrlFlnVf5AXp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org