Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/mLqQTz-rQtz2qBtIFkOJeI2mLbg.roa
File: mLqQTz-rQtz2qBtIFkOJeI2mLbg.roa (raw, json)
Hash identifier: b+b16iuXs5WlEnHjAxLsxeb+6LwIt6FnZUg4+kmG/K0=
Subject key identifier: 98:BA:90:4F:3F:AB:42:DC:F6:A8:1B:48:16:43:89:78:8D:A6:2D:B8
Certificate issuer: /CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Certificate serial: 09034E
Authority key identifier: 9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/mLqQTz-rQtz2qBtIFkOJeI2mLbg.roa
Signing time: Sat 01 Jan 2022 01:59:44 +0000
ROA not before: Sat 01 Jan 2022 01:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43940
IP address blocks: 62.4.32.0/19 maxlen: 19
109.72.96.0/20 maxlen: 20
213.133.0.0/19 maxlen: 19
185.64.0.0/22 maxlen: 22
185.179.92.0/22 maxlen: 22
2a03:7a0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 590670 (0x9034e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Validity
Not Before: Jan 1 01:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98ba904f3fab42dcf6a81b48164389788da62db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:50:a4:e2:89:a3:1f:86:f2:ae:5a:95:d0:
f9:18:30:3e:22:fb:71:7a:15:18:e1:56:bd:f8:d0:
01:aa:1a:57:6f:e6:eb:d2:8a:e5:3c:d4:94:4a:24:
79:bc:0d:52:e4:16:74:44:b4:2c:ab:d3:70:78:26:
e3:9a:2f:5b:32:d5:94:4c:9c:df:a2:e2:97:5b:06:
13:37:b9:d9:89:23:9d:53:1e:de:1e:5e:1a:57:7e:
12:41:a7:09:cc:5f:2c:45:a2:bc:f9:7e:24:9f:67:
31:b5:73:b2:af:41:b7:81:58:a0:35:70:9c:2d:90:
b8:6a:9a:71:1c:25:01:fe:d1:f7:05:ac:40:70:58:
f5:0d:cd:13:4d:10:e8:62:45:5a:8e:51:6c:45:cb:
c6:46:d6:fd:90:43:3e:c4:4d:bb:3e:9a:3a:f4:a8:
14:08:b7:8d:eb:dd:e3:21:19:73:d6:ee:9d:1e:58:
63:99:34:6a:c9:c4:62:a3:b4:12:91:c9:99:56:3e:
e8:84:45:89:9a:c9:8e:cc:6d:00:ce:6d:e3:a0:77:
58:75:f2:5a:43:c2:b6:12:8f:a3:49:af:45:cb:ed:
05:bf:8a:c4:8a:96:24:de:44:2b:f4:56:3a:29:3a:
b4:b9:f6:3f:76:5a:4f:2f:40:3a:d1:da:45:3a:20:
ba:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BA:90:4F:3F:AB:42:DC:F6:A8:1B:48:16:43:89:78:8D:A6:2D:B8
X509v3 Authority Key Identifier:
keyid:9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/mLqQTz-rQtz2qBtIFkOJeI2mLbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/m7xCOcnLmB8ZpJXmM9O-yIn8vok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.32.0/19
109.72.96.0/20
185.64.0.0/22
185.179.92.0/22
213.133.0.0/19
IPv6:
2a03:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:5f:94:f1:0d:9d:0a:2c:8a:a1:17:9c:ad:7b:79:91:d9:ad:
76:4c:56:eb:75:15:b4:59:d6:cf:f6:1e:72:e6:c0:22:64:ce:
e2:6e:97:77:d5:80:c9:34:5d:88:16:dc:ac:33:a0:ee:b2:dc:
ce:95:6e:f1:08:7a:db:6b:d4:46:99:86:ec:5e:c5:35:27:59:
04:d6:9c:7d:36:9e:45:9d:91:30:b1:de:25:09:49:58:ac:07:
1f:38:2e:0f:8f:23:0e:74:ac:c2:b6:9b:71:0b:0b:34:ac:51:
52:f5:d7:05:ee:86:7d:c3:9e:6e:ec:af:52:f9:70:9e:1e:82:
7e:51:eb:65:aa:67:cd:1b:b5:83:90:a9:bf:c0:e8:5c:79:72:
78:aa:0c:60:15:cd:e8:93:0a:63:18:8a:ff:c3:41:1d:e0:23:
56:fc:67:40:d7:b9:16:65:f8:37:4e:69:cc:3a:5c:37:f6:2d:
85:82:dc:b2:78:fb:9f:95:70:24:11:d0:2f:48:db:da:b3:67:
8a:26:34:25:c7:35:f1:5c:6d:fa:80:9d:02:3f:41:13:60:46:
21:15:88:b8:be:53:7b:eb:64:f0:22:fa:9d:00:66:ea:e8:77:
ae:c8:d8:a5:98:f8:36:1d:78:14:35:ee:db:f4:2e:55:38:1d:
ea:76:5b:e1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDCQNOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDli
YmM0MjM5YzljYjk4MWYxOWE0OTVlNjMzZDNiZWM4ODlmY2JlODkwHhcNMjIwMTAx
MDE1OTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5OGJhOTA0ZjNmYWI0
MmRjZjZhODFiNDgxNjQzODk3ODhkYTYyZGI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAok1QpOKJox+G8q5aldD5GDA+IvtxehUY4Va9+NABqhpXb+br
0orlPNSUSiR5vA1S5BZ0RLQsq9NweCbjmi9bMtWUTJzfouKXWwYTN7nZiSOdUx7e
Hl4aV34SQacJzF8sRaK8+X4kn2cxtXOyr0G3gVigNXCcLZC4appxHCUB/tH3BaxA
cFj1Dc0TTRDoYkVajlFsRcvGRtb9kEM+xE27Ppo69KgUCLeN693jIRlz1u6dHlhj
mTRqycRio7QSkcmZVj7ohEWJmsmOzG0Azm3joHdYdfJaQ8K2Eo+jSa9Fy+0Fv4rE
ipYk3kQr9FY6KTq0ufY/dlpPL0A60dpFOiC6MQIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFJi6kE8/q0Lc9qgbSBZDiXiNpi24MB8GA1UdIwQYMBaAFJu8QjnJy5gfGaSV
5jPTvsiJ/L6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmItMDFhYTA1NmIxZjZmLzEv
bUxxUVR6LXJRdHoycUJ0SUZrT0plSTJtTGJnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9j
ODRhNGQtOWU1Ny00NzU2LWJkYmItMDFhYTA1NmIxZjZmLzEvbTd4Q09jbkxtQjha
cEpYbU05Ty15SW44dm9rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPgQgAwQEbUhgAwQCuUAAAwQCubNc
AwQF1YUAMA0EAgACMAcDBQMqAwegMA0GCSqGSIb3DQEBCwUAA4IBAQBdX5TxDZ0K
LIqhF5yte3mR2a12TFbrdRW0WdbP9h5y5sAiZM7ibpd31YDJNF2IFtysM6DustzO
lW7xCHrba9RGmYbsXsU1J1kE1px9Np5FnZEwsd4lCUlYrAcfOC4PjyMOdKzCtptx
Cws0rFFS9dcF7oZ9w55u7K9S+XCeHoJ+UetlqmfNG7WDkKm/wOhceXJ4qgxgFc3o
kwpjGIr/w0Ed4CNW/GdA17kWZfg3TmnMOlw39i2FgtyyePuflXAkEdAvSNvas2eK
JjQlxzXxXG36gJ0CP0ETYEYhFYi4vlN762TwIvqdAGbq6HeuyNilmPg2HXgUNe7b
9C5VOB3qdlvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org