Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/MH1Unhyj_vciJdM7JdJkC71piF4.roa
File: MH1Unhyj_vciJdM7JdJkC71piF4.roa (raw, json)
Hash identifier: ISwD0174D/xVXzlktrxA4unWsNItm7c32U0LAIUaGDE=
Subject key identifier: 30:7D:54:9E:1C:A3:FE:F7:22:25:D3:3B:25:D2:64:0B:BD:69:88:5E
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 147088B9
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/MH1Unhyj_vciJdM7JdJkC71piF4.roa
Signing time: Sat 01 Jan 2022 09:58:52 +0000
ROA not before: Sat 01 Jan 2022 09:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200532
IP address blocks: 185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342919353 (0x147088b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 09:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=307d549e1ca3fef72225d33b25d2640bbd69885e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:34:66:43:8c:57:2d:e9:d1:7c:1a:39:35:88:
b5:39:3f:4f:26:4b:1c:e4:c7:17:b4:8f:1a:bd:56:
14:65:80:16:15:91:f6:55:32:43:5e:ec:cb:ac:ac:
ee:3a:3f:57:02:23:d9:a2:1f:cb:db:c3:a2:6a:4e:
09:51:f7:7e:28:70:ca:a6:e1:b3:5a:4b:17:de:1e:
0d:ba:3c:2f:86:32:3f:99:25:3c:98:1e:c7:b2:99:
0b:d6:da:09:37:8b:09:80:62:af:8b:db:46:60:4d:
80:e3:7a:65:e3:2d:ea:76:95:a3:70:b3:c4:3a:cd:
4b:b3:2d:6e:97:ef:9d:bf:de:b4:98:19:08:a3:26:
49:7f:ce:42:43:3b:7e:9a:12:a5:22:b8:98:6f:cd:
69:e9:7d:1b:ac:0c:09:1f:a9:a5:54:4c:f8:e2:68:
d7:2a:5f:48:2d:c5:ed:98:23:f8:00:a2:4d:f5:21:
83:56:dd:55:c4:f4:ee:02:0b:56:41:69:47:b5:64:
c0:84:5d:f6:e4:5b:c7:7a:37:b4:b4:84:a9:07:b1:
c8:fe:26:56:22:33:4e:5d:c9:df:ef:4a:b6:04:00:
d0:1f:a6:02:2c:d8:06:b9:4f:fc:f9:ef:ec:d8:e1:
f7:58:dd:0a:70:48:54:ea:0c:b2:ee:b2:1e:62:6a:
67:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7D:54:9E:1C:A3:FE:F7:22:25:D3:3B:25:D2:64:0B:BD:69:88:5E
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/MH1Unhyj_vciJdM7JdJkC71piF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
IPv6:
2a06:940::/56
Signature Algorithm: sha256WithRSAEncryption
56:e9:a2:b8:89:03:2d:58:1d:2c:f7:c2:fc:78:d8:57:8e:19:
41:a5:9d:2f:97:7f:4e:cd:45:bc:58:13:ce:fa:55:2e:73:1d:
14:b4:37:4f:ca:60:39:90:23:5d:e9:e1:38:00:23:80:0a:d5:
53:e5:a2:83:3b:d5:dd:73:ee:fb:12:0f:86:67:b9:d2:82:ad:
eb:31:8c:e4:a3:7d:58:40:98:57:c4:f1:ec:b4:05:55:d1:d0:
8a:0c:da:2a:74:8c:4d:48:0f:b3:88:ea:c0:00:61:0f:a5:1a:
90:20:bc:e9:b9:2a:bd:30:a9:4f:01:0d:44:00:83:9c:27:23:
a2:b7:b1:38:79:bc:ce:ca:e4:18:49:d8:ec:ad:77:01:e8:a3:
91:5e:37:fc:54:ac:b8:1a:8a:11:e6:e6:92:fa:49:95:48:26:
49:c5:b1:cb:aa:4d:79:a3:9a:25:84:8f:b2:fc:17:ee:81:ec:
39:dd:c1:b3:09:a1:ff:84:0e:a6:d7:4e:27:ec:6a:3c:9a:ae:
e8:28:8a:60:9a:e8:17:ff:ce:e0:14:fe:bb:e8:14:5c:a9:32:
22:3b:fd:a9:5d:20:fa:b7:ac:34:db:12:52:96:bd:b1:d5:51:
f5:fa:45:1c:08:e4:9f:04:eb:f1:72:8e:55:91:5e:fe:a3:cc:
a5:dd:5d:49
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEFHCIuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDEw
MTA5NTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3ZDU0OWUxY2Ez
ZmVmNzIyMjVkMzNiMjVkMjY0MGJiZDY5ODg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOA0ZkOMVy3p0XwaOTWItTk/TyZLHOTHF7SPGr1WFGWAFhWR
9lUyQ17sy6ys7jo/VwIj2aIfy9vDompOCVH3fihwyqbhs1pLF94eDbo8L4YyP5kl
PJgex7KZC9baCTeLCYBir4vbRmBNgON6ZeMt6naVo3CzxDrNS7Mtbpfvnb/etJgZ
CKMmSX/OQkM7fpoSpSK4mG/Nael9G6wMCR+ppVRM+OJo1ypfSC3F7Zgj+ACiTfUh
g1bdVcT07gILVkFpR7VkwIRd9uRbx3o3tLSEqQexyP4mViIzTl3J3+9KtgQA0B+m
AizYBrlP/Pnv7Njh91jdCnBIVOoMsu6yHmJqZ7cCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQwfVSeHKP+9yIl0zsl0mQLvWmIXjAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
L01IMVVuaHlqX3ZjaUpkTTdKZEprQzcxcGlGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowNgQCAAEwMAMEArliBAMEArlkQAMEArlvaAMEArlx
hAMEArl0wAMEArl5UAMEArl9WAMEArmBMDAQBAIAAjAKAwgAKgYJQAAAADANBgkq
hkiG9w0BAQsFAAOCAQEAVumiuIkDLVgdLPfC/HjYV44ZQaWdL5d/Ts1FvFgTzvpV
LnMdFLQ3T8pgOZAjXenhOAAjgArVU+WigzvV3XPu+xIPhme50oKt6zGM5KN9WECY
V8Tx7LQFVdHQigzaKnSMTUgPs4jqwABhD6UakCC86bkqvTCpTwENRACDnCcjorex
OHm8zsrkGEnY7K13AeijkV43/FSsuBqKEebmkvpJlUgmScWxy6pNeaOaJYSPsvwX
7oHsOd3Bswmh/4QOptdOJ+xqPJqu6CiKYJroF//O4BT+u+gUXKkyIjv9qV0g+res
NNsSUpa9sdVR9fpFHAjknwTr8XKOVZFe/qPMpd1dSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org