Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Mf8OWXc1LrGmLWQ8P449OvSTC78.roa
File: Mf8OWXc1LrGmLWQ8P449OvSTC78.roa (raw, json)
Hash identifier: fuMxANZ80rnq2MW4ftB3lFZoaBKcyTGas7RLWrmlj7E=
Subject key identifier: 31:FF:0E:59:77:35:2E:B1:A6:2D:64:3C:3F:8E:3D:3A:F4:93:0B:BF
Certificate issuer: /CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Certificate serial: 01833803C34DC970C5B70EADD9C59A5C66EC
Authority key identifier: 12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Mf8OWXc1LrGmLWQ8P449OvSTC78.roa
Signing time: Tue 13 Sep 2022 18:01:54 +0000
ROA not before: Tue 13 Sep 2022 18:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204135
IP address blocks: 185.235.37.0/24 maxlen: 24
185.235.36.0/22 maxlen: 22
185.235.36.0/24 maxlen: 24
185.235.38.0/24 maxlen: 24
2a0e:1700::/32 maxlen: 32
2a0e:1701::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:38:03:c3:4d:c9:70:c5:b7:0e:ad:d9:c5:9a:5c:66:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Validity
Not Before: Sep 13 18:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31ff0e5977352eb1a62d643c3f8e3d3af4930bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:1a:54:bc:09:a5:ac:92:23:e3:2e:f3:94:
56:30:84:4b:56:d3:4c:7f:90:51:d4:ca:b7:3e:51:
d5:09:8e:b0:b8:ae:43:a9:bd:36:75:31:27:dc:d0:
6d:5e:f6:43:17:0d:b4:a0:5c:52:8a:a8:78:80:68:
0e:4c:8f:f9:7f:0c:7e:f9:45:d8:ca:8f:28:05:89:
f3:de:0b:46:63:09:ab:86:a5:16:23:7f:7e:c9:a0:
a3:db:1a:da:38:a8:c4:d8:63:08:c0:75:f1:60:31:
d3:9c:89:f7:f2:bf:e2:16:fa:80:44:86:fc:29:4f:
79:c4:15:87:01:1e:88:0a:a2:3e:61:2e:5a:14:24:
8b:d6:dc:40:5d:95:65:51:06:8d:90:46:a9:d7:c4:
a0:b5:55:3d:ef:6c:ef:bf:67:58:91:3e:2c:92:c9:
03:1b:d6:dc:17:23:20:85:9a:56:5e:c4:68:8c:bb:
e0:34:80:c2:40:33:62:0d:27:a0:a4:e5:0d:76:0e:
51:be:ae:59:29:42:f3:2f:07:97:cd:35:9a:16:2b:
cf:5b:2b:b1:dd:95:82:36:e4:ac:cf:1d:b9:33:e1:
07:07:bd:5f:7b:0c:61:03:ad:d1:90:73:63:f4:94:
78:9e:b0:28:99:21:9d:01:c5:37:d0:79:47:1d:59:
3b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FF:0E:59:77:35:2E:B1:A6:2D:64:3C:3F:8E:3D:3A:F4:93:0B:BF
X509v3 Authority Key Identifier:
keyid:12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Mf8OWXc1LrGmLWQ8P449OvSTC78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Eu5iV9DDorkwVhryUi2eWvf5y8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.36.0/22
IPv6:
2a0e:1700::/31
Signature Algorithm: sha256WithRSAEncryption
7a:df:d0:8a:5d:77:f6:ad:a3:0f:64:01:23:2a:9f:47:16:5c:
4b:43:23:44:70:5d:7c:57:c9:23:aa:fb:98:17:49:06:66:de:
9f:7e:1b:47:41:76:d9:e0:da:5e:f6:2e:68:19:9d:58:68:f0:
5b:88:b7:90:99:e4:57:aa:bc:71:9a:03:70:96:1f:47:4c:c8:
e5:51:78:f7:34:93:3a:68:92:d9:d6:80:52:c8:ac:c6:45:67:
7c:30:38:ea:7f:63:98:a5:d8:68:fb:b0:04:d3:d7:77:c5:36:
0e:06:f0:01:62:1a:6b:f0:1e:a8:82:5f:cd:f7:f1:cc:ca:d9:
1b:fa:75:0c:8b:30:75:79:ea:b5:c4:71:62:b9:33:fb:41:89:
fb:da:76:b3:ab:bb:1a:3d:81:d4:0f:4b:95:6c:55:e1:48:a9:
38:15:b9:b7:52:65:3a:ad:65:a0:25:ca:62:4d:8b:80:18:49:
7f:ed:dd:e8:51:e5:a1:e5:45:20:ae:bb:68:ef:6f:95:ad:9f:
91:37:70:07:5e:e6:47:86:53:9e:3e:0e:b4:6c:bd:e3:82:1d:
4a:b9:75:9c:79:32:28:3f:e9:1d:73:e3:6f:f0:d8:2d:b9:8d:
42:80:4c:e4:15:a7:43:9f:42:67:29:de:72:3c:fe:f8:3a:ac:
4d:46:4f:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYM4A8NNyXDFtw6t2cWaXGbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWU2MjU3ZDBjM2EyYjkzMDU2MWFmMjUyMmQ5ZTVhZjdm
OWNiYzcwHhcNMjIwOTEzMTgwMTU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZmMGU1OTc3MzUyZWIxYTYyZDY0M2MzZjhlM2QzYWY0OTMwYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrUaVLwJpaySI+Mu85RWMIRLVtNM
f5BR1Mq3PlHVCY6wuK5Dqb02dTEn3NBtXvZDFw20oFxSiqh4gGgOTI/5fwx++UXY
yo8oBYnz3gtGYwmrhqUWI39+yaCj2xraOKjE2GMIwHXxYDHTnIn38r/iFvqARIb8
KU95xBWHAR6ICqI+YS5aFCSL1txAXZVlUQaNkEap18SgtVU972zvv2dYkT4skskD
G9bcFyMghZpWXsRojLvgNIDCQDNiDSegpOUNdg5Rvq5ZKULzLweXzTWaFivPWyux
3ZWCNuSszx25M+EHB71fewxhA63RkHNj9JR4nrAomSGdAcU30HlHHVk78QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDH/Dll3NS6xpi1kPD+OPTr0kwu/MB8GA1UdIwQY
MBaAFBLuYlfQw6K5MFYa8lItnlr3+cvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEt
M2YzMzg2NjE5MmQwLzEvTWY4T1dYYzFMckdtTFdROFA0NDlPdlNUQzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEtM2YzMzg2NjE5MmQw
LzEvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueskMA0E
AgACMAcDBQEqDhcAMA0GCSqGSIb3DQEBCwUAA4IBAQB639CKXXf2raMPZAEjKp9H
FlxLQyNEcF18V8kjqvuYF0kGZt6ffhtHQXbZ4Npe9i5oGZ1YaPBbiLeQmeRXqrxx
mgNwlh9HTMjlUXj3NJM6aJLZ1oBSyKzGRWd8MDjqf2OYpdho+7AE09d3xTYOBvAB
Yhpr8B6ogl/N9/HMytkb+nUMizB1eeq1xHFiuTP7QYn72nazq7saPYHUD0uVbFXh
SKk4Fbm3UmU6rWWgJcpiTYuAGEl/7d3oUeWh5UUgrrto72+VrZ+RN3AHXuZHhlOe
Pg60bL3jgh1KuXWceTIoP+kdc+Nv8NgtuY1CgEzkFadDn0JnKd5yPP74OqxNRk9O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org