Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/MTbgOzP2RsQkMhu5sesqxf2POYM.roa
File: MTbgOzP2RsQkMhu5sesqxf2POYM.roa (raw, json)
Hash identifier: DxyYuVMgpsUj8NOo7thmS/tUHfgcm9ZZclQDk7yQbd4=
Subject key identifier: 31:36:E0:3B:33:F6:46:C4:24:32:1B:B9:B1:EB:2A:C5:FD:8F:39:83
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01851BEF22F16ACDBD7DF917F70E8E1ADEFD
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/MTbgOzP2RsQkMhu5sesqxf2POYM.roa
Signing time: Fri 16 Dec 2022 17:15:34 +0000
ROA not before: Fri 16 Dec 2022 17:15:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207083
IP address blocks: 91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:ef:22:f1:6a:cd:bd:7d:f9:17:f7:0e:8e:1a:de:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Dec 16 17:15:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3136e03b33f646c424321bb9b1eb2ac5fd8f3983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:df:29:25:af:44:47:b9:34:be:50:92:89:
e4:52:94:ef:fd:64:66:21:b6:a7:f9:5a:b4:59:4c:
36:cb:1e:72:0a:f3:0f:23:83:58:af:c3:16:0d:66:
27:47:7b:b1:bf:bc:ca:36:08:85:41:69:08:1c:0e:
0e:da:bd:d7:7d:6a:c2:f9:12:0c:0e:aa:4c:7d:18:
8b:a7:64:50:a8:e0:fb:2a:99:4b:8c:2e:c4:77:f8:
11:c6:7c:28:0b:7f:d2:7a:07:0b:c5:17:be:f4:7c:
f0:4d:f2:c2:fa:be:73:42:1e:df:1a:cd:c7:4f:75:
ec:a6:08:df:70:6a:c3:53:57:20:9f:b0:ae:6e:6d:
5d:fa:57:ef:62:85:66:84:f4:38:b9:be:71:1a:2b:
8c:6f:18:39:12:41:ff:74:aa:08:44:5d:c5:3c:9b:
18:4a:b9:7e:47:ac:8c:3d:c2:90:f6:e3:23:ed:89:
77:54:de:d9:fc:e5:74:ca:bf:ba:da:d5:d9:94:4e:
32:83:8d:e0:bb:e9:49:d5:ff:a5:7f:af:92:56:63:
74:09:20:4b:40:03:9d:ab:60:86:37:8e:b2:53:73:
a9:93:03:68:a4:4c:53:81:97:fd:a9:09:de:f1:55:
ee:46:9e:79:69:50:23:5a:79:8d:dd:6a:3a:06:34:
29:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:36:E0:3B:33:F6:46:C4:24:32:1B:B9:B1:EB:2A:C5:FD:8F:39:83
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/MTbgOzP2RsQkMhu5sesqxf2POYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3e:40:5a:fd:7d:d4:b0:a0:4a:3e:5b:51:93:6d:9d:02:a7:
83:89:5a:48:2f:c7:f8:65:5f:d5:0c:4e:73:18:b4:29:7d:1c:
22:14:bf:c0:40:db:ca:62:ad:2d:9b:e9:a4:61:ee:60:0c:1b:
f3:29:04:39:0f:01:c8:dd:66:1e:6c:ea:d0:99:22:fe:a3:16:
62:46:35:96:cc:fa:1b:2d:41:78:db:94:26:09:b0:31:52:51:
04:da:7a:0a:41:1b:2f:e9:97:81:06:b0:47:01:cd:fd:63:45:
1b:b9:82:4e:4a:1e:2d:01:d8:65:92:dd:9c:56:75:70:35:92:
59:48:b0:ae:c1:49:0b:d0:74:0b:c6:72:2f:d6:36:ac:23:7d:
c2:f0:66:6e:2a:d2:79:61:76:a2:e0:a7:15:b2:0a:b0:04:9a:
64:6c:6a:9c:a0:63:f7:ec:c0:68:ea:67:2c:64:58:a4:5a:6e:
ec:47:7a:c7:98:67:ad:c7:4d:e7:bb:e0:5a:35:ee:1f:e7:fa:
fd:9f:9c:44:0a:19:3e:43:1d:f1:74:8e:c7:bb:eb:a0:89:f0:
25:eb:1d:a9:9e:28:72:8b:96:26:21:d9:e6:6b:5e:16:2e:f2:
c9:ea:fe:f1:82:d8:39:23:df:4e:90:f2:7e:cd:db:15:6f:1d:
ba:3f:d0:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUb7yLxas29ffkX9w6OGt79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMjE2MTcxNTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM2ZTAzYjMzZjY0NmM0MjQzMjFiYjliMWViMmFjNWZkOGYzOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH/fKSWvREe5NL5QkonkUpTv/WRm
Iban+Vq0WUw2yx5yCvMPI4NYr8MWDWYnR3uxv7zKNgiFQWkIHA4O2r3XfWrC+RIM
DqpMfRiLp2RQqOD7KplLjC7Ed/gRxnwoC3/SegcLxRe+9HzwTfLC+r5zQh7fGs3H
T3XspgjfcGrDU1cgn7Cubm1d+lfvYoVmhPQ4ub5xGiuMbxg5EkH/dKoIRF3FPJsY
Srl+R6yMPcKQ9uMj7Yl3VN7Z/OV0yr+62tXZlE4yg43gu+lJ1f+lf6+SVmN0CSBL
QAOdq2CGN46yU3OpkwNopExTgZf9qQne8VXuRp55aVAjWnmN3Wo6BjQpaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDE24Dsz9kbEJDIbubHrKsX9jzmDMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvTVRiZ096UDJSc1FrTWh1NXNlc3F4ZjJQT1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QOAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQADPkBa/X3UsKBKPltRk22dAqeDiVpIL8f4
ZV/VDE5zGLQpfRwiFL/AQNvKYq0tm+mkYe5gDBvzKQQ5DwHI3WYebOrQmSL+oxZi
RjWWzPobLUF425QmCbAxUlEE2noKQRsv6ZeBBrBHAc39Y0UbuYJOSh4tAdhlkt2c
VnVwNZJZSLCuwUkL0HQLxnIv1jasI33C8GZuKtJ5YXai4KcVsgqwBJpkbGqcoGP3
7MBo6mcsZFikWm7sR3rHmGetx03nu+BaNe4f5/r9n5xEChk+Qx3xdI7Hu+ugifAl
6x2pnihyi5YmIdnma14WLvLJ6v7xgtg5I99OkPJ+zdsVbx26P9A2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-fra.rpki-client.org