Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c4abfe-a8e6-4a14-8b5c-d0e0f213936c/1/Mg1oteqvK3DoBjjxu2fbpa0-6co.roa
File: Mg1oteqvK3DoBjjxu2fbpa0-6co.roa (raw, json)
Hash identifier: SF9Uv3sCHNppHB+yn1VvAXZF40J6PCquyzy+S1/xGGw=
Subject key identifier: 32:0D:68:B5:EA:AF:2B:70:E8:06:38:F1:BB:67:DB:A5:AD:3E:E9:CA
Certificate issuer: /CN=6311a69c8172044854931f100a59bd089cb8881a
Certificate serial: 093339BA
Authority key identifier: 63:11:A6:9C:81:72:04:48:54:93:1F:10:0A:59:BD:08:9C:B8:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxGmnIFyBEhUkx8QClm9CJy4iBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c4abfe-a8e6-4a14-8b5c-d0e0f213936c/1/Mg1oteqvK3DoBjjxu2fbpa0-6co.roa
Signing time: Sat 01 Jan 2022 12:05:53 +0000
ROA not before: Sat 01 Jan 2022 12:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137
IP address blocks: 141.108.0.0/16 maxlen: 16
192.84.127.0/24 maxlen: 24
192.84.128.0/20 maxlen: 20
192.135.8.0/21 maxlen: 21
192.135.16.0/20 maxlen: 20
192.84.144.0/21 maxlen: 21
192.84.152.0/22 maxlen: 22
192.135.32.0/23 maxlen: 23
192.135.36.0/24 maxlen: 24
192.135.37.0/24 maxlen: 24
192.135.34.0/24 maxlen: 24
192.84.156.0/24 maxlen: 24
192.135.35.0/24 maxlen: 24
131.154.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154352058 (0x93339ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6311a69c8172044854931f100a59bd089cb8881a
Validity
Not Before: Jan 1 12:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=320d68b5eaaf2b70e80638f1bb67dba5ad3ee9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:07:ff:4f:ce:75:23:af:56:c6:65:23:12:34:
23:da:74:d0:58:f7:85:30:40:2e:4e:01:51:10:bd:
d1:2f:04:21:63:57:88:31:a4:af:ad:eb:2d:2a:c9:
a6:96:56:9d:72:6f:38:56:33:28:54:f1:a9:41:ba:
7f:da:ee:64:bf:a7:b7:f0:4f:c5:6a:cd:42:ae:db:
51:a7:68:74:38:8c:19:cd:95:e0:59:d6:b4:5c:99:
b2:a2:00:84:24:ce:91:f5:fc:68:ae:6f:71:a4:94:
7d:f8:da:a4:7e:e6:09:2e:93:39:74:76:db:86:6b:
61:fc:09:bc:51:ad:2c:6f:12:3b:01:3d:d0:d5:d3:
7b:40:e7:59:04:fe:9a:69:27:04:14:e2:10:5f:1b:
c8:e6:96:66:c3:26:c8:82:9c:ab:64:e5:69:f2:dc:
75:64:b4:fc:71:f9:90:d9:45:7a:0b:5f:0d:92:28:
2d:56:7e:26:62:8e:1c:71:15:7d:f9:1e:39:f4:82:
89:56:0d:db:68:d8:5c:9e:b4:94:b7:ea:0c:f6:35:
77:8f:9e:5e:2c:07:02:e4:c0:07:af:58:48:67:26:
ca:71:8e:e4:10:e4:ef:e2:32:b7:5b:50:c1:90:66:
02:8f:97:b9:4c:18:09:81:b1:bf:94:1a:3a:2c:d2:
49:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0D:68:B5:EA:AF:2B:70:E8:06:38:F1:BB:67:DB:A5:AD:3E:E9:CA
X509v3 Authority Key Identifier:
keyid:63:11:A6:9C:81:72:04:48:54:93:1F:10:0A:59:BD:08:9C:B8:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxGmnIFyBEhUkx8QClm9CJy4iBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c4abfe-a8e6-4a14-8b5c-d0e0f213936c/1/Mg1oteqvK3DoBjjxu2fbpa0-6co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c4abfe-a8e6-4a14-8b5c-d0e0f213936c/1/YxGmnIFyBEhUkx8QClm9CJy4iBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.154.0.0/16
141.108.0.0/16
192.84.127.0-192.84.156.255
192.135.8.0-192.135.37.255
Signature Algorithm: sha256WithRSAEncryption
00:ca:04:e6:26:0d:f0:6e:20:2b:a8:2b:b4:d6:1a:fe:f7:e9:
8c:6b:6d:68:5d:b8:27:ce:aa:09:ba:db:1b:2c:2f:6b:e6:d5:
68:62:6a:a6:f3:25:2c:9b:37:ae:bc:3b:f5:f4:81:35:e8:a6:
5a:36:ea:71:6f:bc:e6:c5:d8:dd:63:a6:8f:21:38:15:47:f4:
7f:89:8e:cf:4d:31:ae:bc:b9:0c:5c:f9:e2:d7:c4:bc:f5:62:
e1:97:f6:c7:b6:32:5b:b2:ef:55:9d:7e:08:22:93:e0:39:d2:
0f:55:49:ed:e3:2a:7e:d1:40:0a:d2:79:66:7f:c3:1f:d3:54:
90:d3:25:78:53:2c:40:16:29:18:35:e9:40:a4:d1:86:11:67:
5d:fb:d8:d1:71:f4:fb:6d:bb:cc:4f:7f:9c:1e:b2:8a:81:8d:
74:a0:b3:49:aa:e6:e3:bb:8c:fb:26:0c:7e:50:fb:64:49:3c:
8c:66:e7:8e:49:09:10:fc:c6:4e:3d:2f:86:e9:88:7d:d9:d6:
56:c6:bb:4f:aa:d8:cd:3e:b4:91:bd:c7:0a:22:96:aa:35:59:
dc:20:01:18:9d:0d:20:21:16:4f:28:76:d9:54:25:4b:89:d4:
2c:0f:5c:8d:90:ce:1f:87:3d:32:a1:8e:1c:8e:6d:d6:a8:c5:
f8:ba:be:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECTM5ujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzExYTY5YzgxNzIwNDQ4NTQ5MzFmMTAwYTU5YmQwODljYjg4ODFhMB4XDTIyMDEw
MTEyMDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIwZDY4YjVlYWFm
MmI3MGU4MDYzOGYxYmI2N2RiYTVhZDNlZTljYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8H/0/OdSOvVsZlIxI0I9p00Fj3hTBALk4BURC90S8EIWNX
iDGkr63rLSrJppZWnXJvOFYzKFTxqUG6f9ruZL+nt/BPxWrNQq7bUadodDiMGc2V
4FnWtFyZsqIAhCTOkfX8aK5vcaSUffjapH7mCS6TOXR224ZrYfwJvFGtLG8SOwE9
0NXTe0DnWQT+mmknBBTiEF8byOaWZsMmyIKcq2TlafLcdWS0/HH5kNlFegtfDZIo
LVZ+JmKOHHEVffkeOfSCiVYN22jYXJ60lLfqDPY1d4+eXiwHAuTAB69YSGcmynGO
5BDk7+Iyt1tQwZBmAo+XuUwYCYGxv5QaOizSSTECAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQyDWi16q8rcOgGOPG7Z9ulrT7pyjAfBgNVHSMEGDAWgBRjEaacgXIESFST
HxAKWb0InLiIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l4R21uSUZ5QkVoVWt4OFFDbG05Q0p5NGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvYzRhYmZlLWE4ZTYtNGExNC04YjVjLWQwZTBmMjEzOTM2Yy8x
L01nMW90ZXF2SzNEb0Jqanh1MmZicGEwLTZjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
YzRhYmZlLWE4ZTYtNGExNC04YjVjLWQwZTBmMjEzOTM2Yy8xL1l4R21uSUZ5QkVo
VWt4OFFDbG05Q0p5NGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMDAIOaAwMAjWwwDAMEAMBUfwMEAMBU
nDAMAwQDwIcIAwQBwIckMA0GCSqGSIb3DQEBCwUAA4IBAQAAygTmJg3wbiArqCu0
1hr+9+mMa21oXbgnzqoJutsbLC9r5tVoYmqm8yUsmzeuvDv19IE16KZaNupxb7zm
xdjdY6aPITgVR/R/iY7PTTGuvLkMXPni18S89WLhl/bHtjJbsu9VnX4IIpPgOdIP
VUnt4yp+0UAK0nlmf8Mf01SQ0yV4UyxAFikYNelApNGGEWdd+9jRcfT7bbvMT3+c
HrKKgY10oLNJqubju4z7Jgx+UPtkSTyMZueOSQkQ/MZOPS+G6Yh92dZWxrtPqtjN
PrSRvccKIpaqNVncIAEYnQ0gIRZPKHbZVCVLidQsD1yNkM4fhz0yoY4cjm3WqMX4
ur6p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org