Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/MKLcfb2MNMgx41HW3btRrVRUU1s.roa
File: MKLcfb2MNMgx41HW3btRrVRUU1s.roa (raw, json)
Hash identifier: ESNFBSNLtWQQqQuxIW2dZbRtLn9ZCCIUfB1OtoQ3gEg=
Subject key identifier: 30:A2:DC:7D:BD:8C:34:C8:31:E3:51:D6:DD:BB:51:AD:54:54:53:5B
Certificate issuer: /CN=6f20c1aae03c274f029428eea0a4424208d4f3ed
Certificate serial: 0849EAB8
Authority key identifier: 6F:20:C1:AA:E0:3C:27:4F:02:94:28:EE:A0:A4:42:42:08:D4:F3:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/byDBquA8J08ClCjuoKRCQgjU8-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/MKLcfb2MNMgx41HW3btRrVRUU1s.roa
Signing time: Sat 01 Jan 2022 16:02:17 +0000
ROA not before: Sat 01 Jan 2022 16:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206602
IP address blocks: 185.245.144.0/24 maxlen: 24
185.245.145.0/24 maxlen: 24
185.245.144.0/22 maxlen: 22
185.245.146.0/24 maxlen: 24
185.245.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139061944 (0x849eab8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f20c1aae03c274f029428eea0a4424208d4f3ed
Validity
Not Before: Jan 1 16:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30a2dc7dbd8c34c831e351d6ddbb51ad5454535b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:09:7d:06:8e:f2:d3:aa:49:ac:ab:ee:65:
4d:4d:03:7a:02:d4:a6:46:e6:78:37:1c:95:2a:a7:
a7:b4:82:5c:8a:6b:33:2c:65:7c:6b:5c:ff:d5:88:
31:37:5f:c6:9c:ff:a6:c0:92:6e:08:53:22:b3:17:
e8:bd:0e:ad:68:39:f1:ce:16:2a:74:e3:c8:16:95:
21:c1:72:b7:3f:c6:16:c3:44:e5:fe:97:ed:c3:aa:
14:c8:cc:7f:30:56:b4:6e:4a:d0:f1:11:92:2c:b2:
a1:0b:d8:8c:0c:12:14:af:ae:bc:4f:76:78:c9:e5:
81:59:5b:e5:c2:bb:e8:4b:75:39:c3:4a:b1:85:37:
95:35:e9:eb:22:a8:0c:ed:48:c5:77:b9:8b:45:8c:
d0:4c:9d:c8:0e:ac:54:95:e6:96:a0:38:4d:13:03:
16:e1:db:1d:14:fa:ef:fd:e3:c4:39:00:74:2f:63:
67:39:1a:e4:d8:f8:d5:2a:32:bf:9e:ed:37:03:98:
7b:6b:2c:e0:1c:51:0e:48:80:9c:a4:0c:fd:9b:4f:
59:88:7c:21:c1:e9:37:e0:00:a1:80:65:c9:7b:40:
a0:60:d4:ca:bc:db:1c:72:7a:f9:5b:0e:57:3d:29:
f1:69:6f:95:70:a1:61:c3:2d:d4:a9:70:40:0b:fe:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A2:DC:7D:BD:8C:34:C8:31:E3:51:D6:DD:BB:51:AD:54:54:53:5B
X509v3 Authority Key Identifier:
keyid:6F:20:C1:AA:E0:3C:27:4F:02:94:28:EE:A0:A4:42:42:08:D4:F3:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/byDBquA8J08ClCjuoKRCQgjU8-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/MKLcfb2MNMgx41HW3btRrVRUU1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/byDBquA8J08ClCjuoKRCQgjU8-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.144.0/22
Signature Algorithm: sha256WithRSAEncryption
00:c9:36:02:2d:99:7f:02:72:36:c1:b4:46:71:b7:bc:83:22:
8c:2f:a0:6c:44:4c:18:c4:e7:61:ed:cb:9f:a7:4e:ef:08:d4:
af:92:e9:18:d3:4e:44:fd:06:69:05:43:35:b1:0d:ee:02:52:
89:a7:84:79:74:64:5a:86:33:fa:17:35:08:fa:13:f4:33:18:
0c:50:cb:44:c1:7d:4e:22:f4:d2:f0:ec:7c:c6:41:4e:0e:3b:
41:19:a3:e5:f1:22:eb:65:b3:d4:72:9a:d3:d7:b5:69:b2:18:
a6:5e:07:cb:16:37:6c:ad:c7:46:c0:c9:82:7f:84:8c:33:8a:
f2:7b:4d:c7:6d:3c:5b:37:9d:a7:2a:8b:4c:d3:93:1a:f0:8c:
97:34:17:ad:e3:84:17:f0:7d:1f:97:64:49:8f:18:f2:ed:c3:
8a:ee:84:2c:5b:72:2a:78:cc:88:e6:cf:df:31:d6:dd:97:78:
46:58:c4:a2:af:6b:32:e7:73:2c:d7:3b:93:a3:02:95:af:d0:
6f:6a:5e:f5:cf:74:c1:b2:e0:af:de:ec:ae:7a:af:8a:2e:82:
14:40:6c:fc:ca:da:bf:22:01:f0:91:1c:08:3c:7e:37:87:c3:
77:dc:77:51:52:07:47:d5:d4:23:55:5d:a0:1d:52:1d:64:73:
40:e7:5e:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECEnquDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjIwYzFhYWUwM2MyNzRmMDI5NDI4ZWVhMGE0NDI0MjA4ZDRmM2VkMB4XDTIyMDEw
MTE2MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBhMmRjN2RiZDhj
MzRjODMxZTM1MWQ2ZGRiYjUxYWQ1NDU0NTM1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOhCX0GjvLTqkmsq+5lTU0DegLUpkbmeDcclSqnp7SCXIpr
MyxlfGtc/9WIMTdfxpz/psCSbghTIrMX6L0OrWg58c4WKnTjyBaVIcFytz/GFsNE
5f6X7cOqFMjMfzBWtG5K0PERkiyyoQvYjAwSFK+uvE92eMnlgVlb5cK76Et1OcNK
sYU3lTXp6yKoDO1IxXe5i0WM0EydyA6sVJXmlqA4TRMDFuHbHRT67/3jxDkAdC9j
Zzka5Nj41Soyv57tNwOYe2ss4BxRDkiAnKQM/ZtPWYh8IcHpN+AAoYBlyXtAoGDU
yrzbHHJ6+VsOVz0p8WlvlXChYcMt1KlwQAv+90ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwotx9vYw0yDHjUdbdu1GtVFRTWzAfBgNVHSMEGDAWgBRvIMGq4DwnTwKU
KO6gpEJCCNTz7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J5REJxdUE4SjA4Q2xDanVvS1JDUWdqVTgtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvN2U0YmE3LWY1OTItNGVlYy1iY2FlLTA5NWQwYmQyNTU1Zi8x
L01LTGNmYjJNTk1neDQxSFczYnRSclZSVVUxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
N2U0YmE3LWY1OTItNGVlYy1iY2FlLTA5NWQwYmQyNTU1Zi8xL2J5REJxdUE4SjA4
Q2xDanVvS1JDUWdqVTgtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn1kDANBgkqhkiG9w0BAQsFAAOC
AQEAAMk2Ai2ZfwJyNsG0RnG3vIMijC+gbERMGMTnYe3Ln6dO7wjUr5LpGNNORP0G
aQVDNbEN7gJSiaeEeXRkWoYz+hc1CPoT9DMYDFDLRMF9TiL00vDsfMZBTg47QRmj
5fEi62Wz1HKa09e1abIYpl4HyxY3bK3HRsDJgn+EjDOK8ntNx208WzedpyqLTNOT
GvCMlzQXreOEF/B9H5dkSY8Y8u3Diu6ELFtyKnjMiObP3zHW3Zd4RljEoq9rMudz
LNc7k6MCla/Qb2pe9c90wbLgr97srnqvii6CFEBs/MravyIB8JEcCDx+N4fDd9x3
UVIHR9XUI1VdoB1SHWRzQOdeFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:33 2024 by rpki-client on console-ams.rpki-client.org