Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mrHSQ81m2s3ZxvUOWeAtn3rmXXQ.roa
File: mrHSQ81m2s3ZxvUOWeAtn3rmXXQ.roa (raw, json)
Hash identifier: 0UGwRShih5wTPs7lWV53To1wNhwJi9qdotpy8NpFgec=
Subject key identifier: 9A:B1:D2:43:CD:66:DA:CD:D9:C6:F5:0E:59:E0:2D:9F:7A:E6:5D:74
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01845D33745B6ACC568FA9FB02D40F9B9909
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mrHSQ81m2s3ZxvUOWeAtn3rmXXQ.roa
Signing time: Wed 09 Nov 2022 16:22:43 +0000
ROA not before: Wed 09 Nov 2022 16:22:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397451
IP address blocks: 89.46.112.0/23 maxlen: 23
85.204.196.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:33:74:5b:6a:cc:56:8f:a9:fb:02:d4:0f:9b:99:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 9 16:22:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ab1d243cd66dacdd9c6f50e59e02d9f7ae65d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:db:9b:cc:03:e2:b9:13:5f:ff:d9:3c:6b:
73:be:93:bb:8b:bc:81:83:1e:8c:46:9f:ad:85:10:
ea:13:1a:ce:16:24:d8:76:28:e0:7d:23:5c:a2:d7:
2d:5e:8a:1b:03:ba:89:af:cb:08:b6:bb:15:8a:ae:
8b:92:c2:a3:41:af:10:4f:6d:28:5d:a6:07:6b:f3:
be:ef:3b:e9:4f:cb:25:0e:b3:2f:07:6a:d9:3f:b5:
a1:7d:8a:2d:01:ea:0c:dc:b5:51:69:ee:62:16:63:
11:9e:76:37:15:54:b4:9e:ce:e3:3b:a4:17:74:5d:
96:25:26:2d:dc:24:2e:bc:db:d1:6f:af:4b:9d:c7:
18:62:69:12:58:4e:e6:54:32:7a:4a:0d:53:28:1f:
2c:55:7f:a3:63:f3:f2:5e:98:de:e5:c5:45:b0:94:
dc:88:15:00:0b:cd:9b:ca:3c:dc:ae:10:ff:2a:4c:
82:1f:35:fc:d7:e8:1a:7c:61:35:a8:8c:d5:c9:5e:
d1:c8:1c:fe:41:4b:71:3e:d4:6c:b3:68:02:c0:99:
c3:05:05:fb:bb:a4:e9:c0:ed:6d:13:93:2b:f3:55:
7e:e8:85:fb:69:d7:1e:5f:21:02:30:9c:51:71:00:
2b:6b:d4:cd:4a:33:f5:e2:44:35:ff:45:6a:03:c7:
98:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B1:D2:43:CD:66:DA:CD:D9:C6:F5:0E:59:E0:2D:9F:7A:E6:5D:74
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mrHSQ81m2s3ZxvUOWeAtn3rmXXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.196.0/23
89.46.112.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:26:80:df:8b:22:6f:31:2c:5e:6c:1c:d7:43:a1:0d:1a:e5:
35:82:ab:27:b5:b3:3a:7f:ec:c3:f6:16:e0:a9:ce:14:6a:c8:
e4:9e:da:97:ec:41:e5:c5:6e:39:aa:54:ee:01:31:d6:58:2b:
43:b5:75:ab:90:ab:4f:f2:ce:76:f2:03:67:12:b7:35:63:45:
0d:a1:a8:1d:77:bd:ad:ac:fa:cc:65:ca:93:99:7a:e3:7a:54:
20:a9:e6:08:91:17:97:03:f2:32:46:ae:a0:b6:2e:b5:62:e4:
78:b5:51:75:d9:f6:1f:e7:af:10:a5:4a:ed:95:e0:7c:a2:06:
9b:3c:48:04:bc:dc:a9:0a:70:24:04:dc:e2:f1:97:0e:54:e4:
88:a3:5e:28:e1:be:68:4d:9e:c1:1f:96:b4:9b:fe:89:05:08:
36:53:be:bf:b9:6f:47:84:d3:98:7d:41:b2:79:3c:cf:1d:ba:
8b:4a:55:62:0a:7e:96:9d:4c:88:23:7e:ed:4c:f0:ee:33:48:
77:78:d1:e8:90:31:b5:4c:58:a2:b4:4c:75:f0:dd:3a:fa:6b:
2d:29:98:21:13:1a:64:15:cd:a4:cb:68:5d:d6:0d:19:97:e0:
bc:4f:ee:f5:ab:c3:f1:02:5a:4d:c9:d5:ba:ed:2a:79:97:cb:
87:a4:6f:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRdM3RbasxWj6n7AtQPm5kJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTA5MTYyMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWIxZDI0M2NkNjZkYWNkZDljNmY1MGU1OWUwMmQ5ZjdhZTY1ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYnbm8wD4rkTX//ZPGtzvpO7i7yB
gx6MRp+thRDqExrOFiTYdijgfSNcotctXoobA7qJr8sItrsViq6LksKjQa8QT20o
XaYHa/O+7zvpT8slDrMvB2rZP7WhfYotAeoM3LVRae5iFmMRnnY3FVS0ns7jO6QX
dF2WJSYt3CQuvNvRb69LnccYYmkSWE7mVDJ6Sg1TKB8sVX+jY/PyXpje5cVFsJTc
iBUAC82byjzcrhD/KkyCHzX81+gafGE1qIzVyV7RyBz+QUtxPtRss2gCwJnDBQX7
u6TpwO1tE5Mr81V+6IX7adceXyECMJxRcQAra9TNSjP14kQ1/0VqA8eYrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJqx0kPNZtrN2cb1DlngLZ965l10MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbXJIU1E4MW0yczNaeHZVT1dlQXRuM3JtWFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVczEAwQB
WS5wMA0GCSqGSIb3DQEBCwUAA4IBAQAsJoDfiyJvMSxebBzXQ6ENGuU1gqsntbM6
f+zD9hbgqc4UasjkntqX7EHlxW45qlTuATHWWCtDtXWrkKtP8s528gNnErc1Y0UN
oagdd72trPrMZcqTmXrjelQgqeYIkReXA/IyRq6gti61YuR4tVF12fYf568QpUrt
leB8ogabPEgEvNypCnAkBNzi8ZcOVOSIo14o4b5oTZ7BH5a0m/6JBQg2U76/uW9H
hNOYfUGyeTzPHbqLSlViCn6WnUyII37tTPDuM0h3eNHokDG1TFiitEx18N06+mst
KZghExpkFc2ky2hd1g0Zl+C8T+71q8PxAlpNydW67Sp5l8uHpG/T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org