Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/MuBLc7qNnwOJtmoIJMLrLYJ0gEo.roa
File: MuBLc7qNnwOJtmoIJMLrLYJ0gEo.roa (raw, json)
Hash identifier: Gy+sBmnjqlvpk+RjZ9GfaOuDMIvxrwivxh7/HA78z6c=
Subject key identifier: 32:E0:4B:73:BA:8D:9F:03:89:B6:6A:08:24:C2:EB:2D:82:74:80:4A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0183AC3459818272754E4F858E3D9E8D7A6A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/MuBLc7qNnwOJtmoIJMLrLYJ0gEo.roa
Signing time: Thu 06 Oct 2022 07:30:55 +0000
ROA not before: Thu 06 Oct 2022 07:30:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 89.43.41.0/24 maxlen: 24
89.43.42.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:34:59:81:82:72:75:4e:4f:85:8e:3d:9e:8d:7a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Oct 6 07:30:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32e04b73ba8d9f0389b66a0824c2eb2d8274804a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6b:72:62:a5:b7:5f:20:c0:1e:8a:26:6a:c7:
7d:42:2c:0e:6f:73:b5:24:1c:da:96:fa:e2:67:52:
df:0f:83:7e:7c:6c:ea:da:bd:c5:b0:51:7b:d2:aa:
53:c4:db:3a:bd:43:62:64:96:71:1d:1b:5f:8a:36:
f4:07:46:37:5e:04:27:ae:6f:30:11:ac:db:9c:6c:
e3:7c:3c:da:0e:27:31:8c:24:22:2a:fa:56:2a:ec:
d0:6d:06:a8:92:b7:57:81:4d:b7:de:bb:1f:8c:8f:
b5:d2:84:e4:c2:fb:33:52:21:67:32:5f:25:3b:eb:
c5:fb:35:f9:32:f9:6d:32:93:ac:9b:7e:e4:70:c9:
22:97:dc:fa:b7:22:09:7a:16:08:11:33:06:84:1b:
31:77:1a:c7:13:49:56:93:29:d5:76:bf:35:06:d2:
34:25:ce:67:50:46:1e:8c:10:78:a3:0d:ea:44:ab:
b9:14:20:5f:59:dc:5f:b5:8c:44:ed:10:bd:f3:44:
61:ac:a2:16:e8:9c:c0:5c:5e:95:85:46:97:46:43:
47:72:b0:42:e9:3c:2a:f2:5a:83:93:e4:56:34:09:
a6:0d:af:a7:34:dc:a9:5c:cb:96:fd:b3:8f:72:ec:
24:86:6d:7a:db:a6:b9:5a:ba:c1:79:eb:1b:38:00:
7a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E0:4B:73:BA:8D:9F:03:89:B6:6A:08:24:C2:EB:2D:82:74:80:4A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/MuBLc7qNnwOJtmoIJMLrLYJ0gEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.41.0-89.43.42.255
89.44.209.0/24
89.45.34.0/24
93.114.187.0/24
Signature Algorithm: sha256WithRSAEncryption
22:41:4b:fb:bd:40:7d:0f:29:98:21:6f:64:71:b6:7a:f9:29:
5b:eb:00:6a:24:73:08:17:ea:97:c3:c3:02:fa:4e:ee:d5:92:
d7:7a:df:73:94:be:3b:6c:e3:86:1d:99:c8:02:35:d8:db:5f:
3d:b2:3e:c2:c0:cd:e6:e9:81:30:5c:b7:a0:c3:0f:c2:82:31:
81:75:43:88:ef:50:71:2a:84:b8:44:94:4c:4e:31:01:a8:2c:
93:e3:67:a1:43:5d:f8:36:d3:6c:92:f4:e8:fc:48:cb:3a:64:
c5:a7:55:2e:ae:58:21:f2:b0:0c:e5:2c:40:28:27:bb:58:c9:
0e:cc:f4:38:a6:43:c9:de:9e:0b:9e:2a:18:2e:59:66:07:b7:
74:64:0a:15:fb:a8:27:57:e3:83:25:02:b9:df:21:99:b3:86:
f2:04:4f:63:50:6a:78:62:ab:46:e6:1f:00:95:02:17:b1:44:
5d:87:9f:4f:97:09:70:ee:e3:dd:e4:a9:ed:cd:3d:db:87:13:
2b:4f:d3:2d:64:71:c5:f4:53:f2:c6:30:be:6e:7b:a4:bd:81:
af:81:4c:7a:5a:8c:f0:a6:7f:49:4f:44:3d:b4:9c:c5:f4:f2:
41:ee:39:0d:9d:b0:c9:9d:20:18:62:16:ed:74:04:31:91:84:
dc:30:47:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYOsNFmBgnJ1Tk+Fjj2ejXpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMDA2MDczMDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmUwNGI3M2JhOGQ5ZjAzODliNjZhMDgyNGMyZWIyZDgyNzQ4MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWtyYqW3XyDAHoomasd9QiwOb3O1
JBzalvriZ1LfD4N+fGzq2r3FsFF70qpTxNs6vUNiZJZxHRtfijb0B0Y3XgQnrm8w
EazbnGzjfDzaDicxjCQiKvpWKuzQbQaokrdXgU233rsfjI+10oTkwvszUiFnMl8l
O+vF+zX5MvltMpOsm37kcMkil9z6tyIJehYIETMGhBsxdxrHE0lWkynVdr81BtI0
Jc5nUEYejBB4ow3qRKu5FCBfWdxftYxE7RC980RhrKIW6JzAXF6VhUaXRkNHcrBC
6Twq8lqDk+RWNAmmDa+nNNypXMuW/bOPcuwkhm1626a5WrrBeesbOAB6YQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDLgS3O6jZ8DibZqCCTC6y2CdIBKMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvTXVCTGM3cU5ud09KdG1vSUpNTHJMWUowZ0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABZKykD
BABZKyoDBABZLNEDBABZLSIDBABdcrswDQYJKoZIhvcNAQELBQADggEBACJBS/u9
QH0PKZghb2Rxtnr5KVvrAGokcwgX6pfDwwL6Tu7Vktd633OUvjts44YdmcgCNdjb
Xz2yPsLAzebpgTBct6DDD8KCMYF1Q4jvUHEqhLhElExOMQGoLJPjZ6FDXfg202yS
9Oj8SMs6ZMWnVS6uWCHysAzlLEAoJ7tYyQ7M9DimQ8nengueKhguWWYHt3RkChX7
qCdX44MlArnfIZmzhvIET2NQanhiq0bmHwCVAhexRF2Hn0+XCXDu493kqe3NPduH
EytP0y1kccX0U/LGML5ue6S9ga+BTHpajPCmf0lPRD20nMX08kHuOQ2dsMmdIBhi
Fu10BDGRhNwwR7Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org