Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/MfG1_miHKW4xqoeU9T3vVOcYBtQ.roa
File: MfG1_miHKW4xqoeU9T3vVOcYBtQ.roa (raw, json)
Hash identifier: E3c6uELerLKHE3LBxIwtGW3m32ZDY3tckEVOCDryceM=
Subject key identifier: 31:F1:B5:FE:68:87:29:6E:31:AA:87:94:F5:3D:EF:54:E7:18:06:D4
Certificate issuer: /CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
Certificate serial: 05071A25
Authority key identifier: BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/MfG1_miHKW4xqoeU9T3vVOcYBtQ.roa
Signing time: Sat 01 Jan 2022 06:59:28 +0000
ROA not before: Sat 01 Jan 2022 06:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50084
IP address blocks: 185.96.176.0/22 maxlen: 22
194.247.164.0/23 maxlen: 23
194.247.164.0/24 maxlen: 24
194.247.165.0/24 maxlen: 24
2a07:4140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84351525 (0x5071a25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
Validity
Not Before: Jan 1 06:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31f1b5fe6887296e31aa8794f53def54e71806d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:b1:39:5e:a4:2f:e3:fd:2f:c0:c7:ce:fe:
d0:13:b2:b3:ff:bf:73:42:59:e4:0c:9b:80:1f:f8:
d2:cd:e0:de:34:5c:d6:8c:c0:1f:88:e0:79:f7:60:
00:40:15:5d:ff:dc:47:e6:cf:83:08:74:e4:da:b0:
53:ce:50:9a:f8:88:1d:fe:93:bd:fd:77:0c:04:47:
0a:10:ac:80:cd:78:0d:eb:5b:d5:f7:e6:57:26:cb:
d8:21:08:fc:5b:40:4a:6c:9f:12:f5:04:6e:c4:70:
61:ca:83:01:f6:6e:de:50:89:95:27:2d:3d:43:55:
76:b2:38:a5:48:62:ce:3a:e3:93:40:ab:6e:ca:01:
33:23:1c:eb:c7:4e:80:1a:63:76:af:8d:13:da:01:
a7:92:2b:09:7e:d3:8e:dd:16:46:b1:60:71:10:4d:
d8:89:1e:6d:d6:51:71:2d:39:b6:8a:cf:c0:eb:be:
97:e3:28:85:74:f2:ee:37:c9:46:50:78:ee:a3:ae:
89:3b:af:e5:13:3d:c3:50:be:09:6c:ed:66:53:42:
72:b7:fa:6a:76:73:97:c0:49:fa:ef:dd:97:09:95:
23:ef:7b:15:3d:3e:27:0c:96:fd:7b:f0:44:e0:d4:
23:53:d8:71:5e:9c:ce:7d:ba:ce:d2:c7:b3:e4:22:
d8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F1:B5:FE:68:87:29:6E:31:AA:87:94:F5:3D:EF:54:E7:18:06:D4
X509v3 Authority Key Identifier:
keyid:BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/MfG1_miHKW4xqoeU9T3vVOcYBtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/vklD9SA9Q0YKE61OqdfVuVDGE80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.176.0/22
194.247.164.0/23
IPv6:
2a07:4140::/29
Signature Algorithm: sha256WithRSAEncryption
38:4a:42:32:f6:09:01:b9:3a:7b:0a:ec:05:1b:4f:6d:87:f7:
6f:2a:86:7c:87:15:48:8c:68:93:50:26:b8:cc:a5:d0:bf:23:
77:12:80:95:72:87:8c:a1:4d:e2:7f:ee:14:6f:37:f6:f2:dd:
21:4d:09:0a:8e:1b:8e:f6:0d:25:69:83:3c:e9:07:7d:12:82:
dc:46:f4:13:67:3a:39:86:06:0a:c8:6f:62:bc:fc:e1:16:bf:
62:8d:b8:03:c4:a7:ae:e8:9c:95:97:99:3d:88:ef:17:1e:f9:
3f:ee:5a:24:a7:a3:34:4b:da:c2:92:f4:e4:54:9a:ab:88:e7:
1d:74:75:c2:2a:8a:ab:a4:04:b1:06:b6:f3:81:7b:52:4a:5e:
b9:15:47:22:da:bc:0c:7c:91:e9:9d:63:37:f4:32:1b:f2:46:
3b:20:b5:d5:3d:21:f2:2d:57:36:33:e0:16:5a:61:fc:0b:c4:
e1:a4:b3:82:49:87:b2:62:c2:03:2a:4f:ed:76:8d:1c:06:7a:
1d:f1:7d:0a:47:cc:5a:27:28:7d:6e:c6:c6:89:3f:2a:c8:27:
26:84:87:04:b9:b5:61:74:6c:0d:27:c2:77:9a:54:08:ee:28:
1f:c6:9a:bb:2a:e4:33:79:64:2d:78:79:fc:d8:b7:55:e0:34:
55:6a:80:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBQcaJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQ5NDNmNTIwM2Q0MzQ2MGExM2FkNGVhOWQ3ZDViOTUwYzYxM2NkMB4XDTIyMDEw
MTA2NTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFmMWI1ZmU2ODg3
Mjk2ZTMxYWE4Nzk0ZjUzZGVmNTRlNzE4MDZkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4YsTlepC/j/S/Ax87+0BOys/+/c0JZ5AybgB/40s3g3jRc
1ozAH4jgefdgAEAVXf/cR+bPgwh05NqwU85QmviIHf6Tvf13DARHChCsgM14Detb
1ffmVybL2CEI/FtASmyfEvUEbsRwYcqDAfZu3lCJlSctPUNVdrI4pUhizjrjk0Cr
bsoBMyMc68dOgBpjdq+NE9oBp5IrCX7Tjt0WRrFgcRBN2IkebdZRcS05torPwOu+
l+MohXTy7jfJRlB47qOuiTuv5RM9w1C+CWztZlNCcrf6anZzl8BJ+u/dlwmVI+97
FT0+JwyW/XvwRODUI1PYcV6czn26ztLHs+Qi2E0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQx8bX+aIcpbjGqh5T1Pe9U5xgG1DAfBgNVHSMEGDAWgBS+SUP1ID1DRgoT
rU6p19W5UMYTzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrbEQ5U0E5UTBZS0U2MU9xZGZWdVZER0U4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvMzMxNGVjLThmZjAtNDk1MC04NThmLWEwNTFhZTYzZGJhMS8x
L01mRzFfbWlIS1c0eHFvZVU5VDN2Vk9jWUJ0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
MzMxNGVjLThmZjAtNDk1MC04NThmLWEwNTFhZTYzZGJhMS8xL3ZrbEQ5U0E5UTBZ
S0U2MU9xZGZWdVZER0U4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlgsAMEAcL3pDANBAIAAjAHAwUD
KgdBQDANBgkqhkiG9w0BAQsFAAOCAQEAOEpCMvYJAbk6ewrsBRtPbYf3byqGfIcV
SIxok1AmuMyl0L8jdxKAlXKHjKFN4n/uFG839vLdIU0JCo4bjvYNJWmDPOkHfRKC
3Eb0E2c6OYYGCshvYrz84Ra/Yo24A8SnruiclZeZPYjvFx75P+5aJKejNEvawpL0
5FSaq4jnHXR1wiqKq6QEsQa284F7UkpeuRVHItq8DHyR6Z1jN/QyG/JGOyC11T0h
8i1XNjPgFlph/AvE4aSzgkmHsmLCAypP7XaNHAZ6HfF9CkfMWicofW7Gxok/Ksgn
JoSHBLm1YXRsDSfCd5pUCO4oH8aauyrkM3lkLXh5/Ni3VeA0VWqAxg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:47 2023 by rpki-client on console-fra.rpki-client.org