Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/MNRsYv0tEhhIpYZXCF1JKLuwT5E.roa
File: MNRsYv0tEhhIpYZXCF1JKLuwT5E.roa (raw, json)
Hash identifier: 7jXvvDTamVkRwTiZdQIUKSanTX8BJ9tRjk9txHN2cek=
Subject key identifier: 30:D4:6C:62:FD:2D:12:18:48:A5:86:57:08:5D:49:28:BB:B0:4F:91
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 09AA2D04
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/MNRsYv0tEhhIpYZXCF1JKLuwT5E.roa
Signing time: Mon 14 Feb 2022 13:09:13 +0000
ROA not before: Mon 14 Feb 2022 13:09:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3399
IP address blocks: 185.157.162.0/24 maxlen: 24
185.157.160.0/23 maxlen: 23
2a07:a880:4603::/48 maxlen: 48
2a07:a880:4701::/48 maxlen: 48
2a07:a880:4601::/48 maxlen: 48
2a07:a880:3101::/48 maxlen: 48
2a07:a880:4604::/48 maxlen: 48
2a07:a880:4602::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162147588 (0x9aa2d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Feb 14 13:09:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30d46c62fd2d121848a58657085d4928bbb04f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e9:d2:09:a2:bd:72:b0:04:2f:bf:91:f7:77:
c1:d4:6b:d1:bf:31:0f:fd:cb:83:15:50:a6:09:14:
da:7b:dc:47:b4:54:ce:32:a0:0c:20:ea:cb:80:d8:
20:b7:00:8d:3c:00:46:80:ab:40:7f:c9:fe:df:3a:
c0:27:17:18:57:d2:60:39:db:ae:d9:e2:92:e1:a7:
a0:60:93:da:55:4f:34:c3:41:98:32:02:89:21:71:
a0:64:84:82:c0:c7:9e:b0:dc:55:0d:47:fb:81:0c:
ec:29:35:2b:7e:70:c0:30:b9:b4:fb:eb:62:b8:ea:
ea:5d:01:ad:7f:31:b6:0e:75:fd:28:e8:be:a5:0f:
e1:d8:0b:51:d7:01:7e:78:b5:1a:c0:f3:34:e2:64:
34:dd:fc:b2:b1:18:68:c4:aa:5f:81:a2:a7:99:08:
fd:2b:b9:2b:ac:92:b7:08:83:f7:1b:12:32:57:65:
b3:6b:82:f9:8a:b7:14:b1:10:07:fd:98:32:e8:0c:
e3:b1:0d:a6:5a:4f:20:cd:98:a5:d2:e4:fe:c5:a5:
a1:04:ce:65:f0:be:91:b8:92:a3:d7:9e:a0:4b:1c:
a1:3d:75:b7:59:86:37:3b:07:3c:79:60:2c:1c:c4:
01:bc:88:ad:cf:ad:68:da:d1:a2:60:b0:b7:42:ca:
2b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D4:6C:62:FD:2D:12:18:48:A5:86:57:08:5D:49:28:BB:B0:4F:91
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/MNRsYv0tEhhIpYZXCF1JKLuwT5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.160.0-185.157.162.255
IPv6:
2a07:a880:3101::/48
2a07:a880:4601::-2a07:a880:4604:ffff:ffff:ffff:ffff:ffff
2a07:a880:4701::/48
Signature Algorithm: sha256WithRSAEncryption
0e:bc:cb:02:e8:79:31:fa:10:38:24:7b:c8:cf:a6:7e:14:50:
2f:3b:aa:4d:77:6d:e3:7d:09:ab:55:58:8c:6f:84:8a:1a:3a:
5c:8c:4f:45:94:8c:75:f0:ac:43:af:ea:cd:d0:75:6c:ca:11:
21:fc:2e:ed:3f:cd:48:ca:cc:6a:1b:3d:a6:5c:71:0c:be:ce:
d3:3b:4f:91:46:37:05:3a:c0:53:e2:45:38:2f:a6:aa:95:87:
7a:91:5c:20:69:e5:49:98:c8:7f:78:1c:59:9f:81:1c:3d:0f:
d5:64:33:dc:90:78:70:a8:2e:0f:7d:d6:bd:38:bb:c6:bd:ea:
96:8d:0b:8d:0e:b6:a1:dd:40:58:51:e8:c0:42:11:6b:fa:0e:
91:a6:9b:bd:d7:22:27:4b:1a:9c:fa:77:92:0a:20:4d:8f:bd:
4c:fe:42:43:49:1b:bf:e0:15:04:4e:5c:2d:fc:2c:8a:6a:46:
91:b9:14:cb:99:24:17:5e:87:e9:ec:d1:30:75:ed:df:bf:1f:
4e:fa:ec:04:38:38:4f:9f:25:fc:d0:59:63:a9:cf:d8:be:22:
ef:3b:f1:0c:7b:a6:79:fc:04:c9:c1:4a:1f:3c:d3:ac:54:92:
7c:68:d1:de:df:fd:77:28:ee:7f:89:d0:87:c8:87:c9:58:71:
22:52:66:cf
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECaotBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWIzYTcxNzY2NWExMTM3ZTk5ZGM4ZmFkMjJlM2U3Zjk4ZGI4OTczMB4XDTIyMDIx
NDEzMDkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBkNDZjNjJmZDJk
MTIxODQ4YTU4NjU3MDg1ZDQ5MjhiYmIwNGY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/p0gmivXKwBC+/kfd3wdRr0b8xD/3LgxVQpgkU2nvcR7RU
zjKgDCDqy4DYILcAjTwARoCrQH/J/t86wCcXGFfSYDnbrtnikuGnoGCT2lVPNMNB
mDICiSFxoGSEgsDHnrDcVQ1H+4EM7Ck1K35wwDC5tPvrYrjq6l0BrX8xtg51/Sjo
vqUP4dgLUdcBfni1GsDzNOJkNN38srEYaMSqX4Gip5kI/Su5K6yStwiD9xsSMldl
s2uC+Yq3FLEQB/2YMugM47ENplpPIM2YpdLk/sWloQTOZfC+kbiSo9eeoEscoT11
t1mGNzsHPHlgLBzEAbyIrc+taNrRomCwt0LKK0kCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBQw1Gxi/S0SGEilhlcIXUkou7BPkTAfBgNVHSMEGDAWgBQps6cXZloRN+md
yPrSLj5/mNuJczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiT25GMlphRVRmcG5jajYwaTQtZjVqYmlYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWNkMjhlLTUyYWUtNGFjOS1iMDI4LTY2OWY3YTc2MTYzMS8x
L01OUnNZdjB0RWhoSXBZWlhDRjFKS0x1d1Q1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWNkMjhlLTUyYWUtNGFjOS1iMDI4LTY2OWY3YTc2MTYzMS8xL0tiT25GMlphRVRm
cG5jajYwaTQtZjVqYmlYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwFAQCAAEwDjAMAwQFuZ2gAwQAuZ2iMCwEAgACMCYD
BwAqB6iAMQEwEgMHACoHqIBGAQMHACoHqIBGBAMHACoHqIBHATANBgkqhkiG9w0B
AQsFAAOCAQEADrzLAuh5MfoQOCR7yM+mfhRQLzuqTXdt430Jq1VYjG+Eiho6XIxP
RZSMdfCsQ6/qzdB1bMoRIfwu7T/NSMrMahs9plxxDL7O0ztPkUY3BTrAU+JFOC+m
qpWHepFcIGnlSZjIf3gcWZ+BHD0P1WQz3JB4cKguD33WvTi7xr3qlo0LjQ62od1A
WFHowEIRa/oOkaabvdciJ0sanPp3kgogTY+9TP5CQ0kbv+AVBE5cLfwsimpGkbkU
y5kkF16H6ezRMHXt378fTvrsBDg4T58l/NBZY6nP2L4i7zvxDHumefwEycFKHzzT
rFSSfGjR3t/9dyjuf4nQh8iHyVhxIlJmzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org