Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/MBbR68yWYBNwHpOre77fDnM7Sgs.roa
File: MBbR68yWYBNwHpOre77fDnM7Sgs.roa (raw, json)
Hash identifier: RQfwLADzLWHLWf/YJBEa5u/VmrQdrmDHtFdpSbzV+Kk=
Subject key identifier: 30:16:D1:EB:CC:96:60:13:70:1E:93:AB:7B:BE:DF:0E:73:3B:4A:0B
Certificate issuer: /CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Certificate serial: 0809969E
Authority key identifier: A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/MBbR68yWYBNwHpOre77fDnM7Sgs.roa
Signing time: Sat 01 Jan 2022 15:00:28 +0000
ROA not before: Sat 01 Jan 2022 15:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48091
IP address blocks: 185.140.236.0/23 maxlen: 24
195.93.216.0/23 maxlen: 24
2001:67c:256c::/48 maxlen: 48
2a05:37c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134846110 (0x809969e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Validity
Not Before: Jan 1 15:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3016d1ebcc966013701e93ab7bbedf0e733b4a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:26:be:21:7f:7b:fd:38:f7:a1:0a:c0:89:
bc:c4:e2:20:b3:84:95:a7:f7:bf:10:48:d9:eb:3a:
71:99:3c:af:3c:74:e5:83:fc:4a:90:6f:b8:92:42:
4e:b2:28:68:8c:98:9e:4b:39:40:5c:01:08:a1:df:
5f:92:a7:dd:f4:29:d3:34:90:2b:65:91:04:f2:91:
e9:d6:87:6a:66:e6:60:89:13:fe:bc:5c:d9:8c:0e:
19:3b:84:b9:18:11:f1:74:50:01:1d:83:b4:99:ce:
c7:8b:fb:62:54:90:04:1b:e0:d0:82:30:46:90:77:
26:4b:53:e0:51:ab:b0:14:cd:fa:af:40:e2:fd:19:
0a:4c:72:00:80:3c:b0:2d:02:95:da:b8:1e:d1:89:
67:f0:cd:61:1c:e9:5a:8e:de:ae:bf:f0:71:c5:ec:
98:d2:d3:5e:ef:f8:89:28:ff:2c:29:ac:dc:cf:92:
d1:30:f8:d2:00:47:44:e7:42:5b:9b:a8:f3:44:a7:
37:bf:f7:fa:7d:47:44:5a:98:14:9a:ea:7a:0b:15:
2a:f5:b9:a0:78:50:a2:a8:f1:8b:8f:0f:04:a8:58:
ed:79:0a:6c:49:e3:4b:7a:d5:df:5f:46:38:7c:84:
ca:94:9e:3d:48:da:1f:50:57:50:dc:fe:79:04:a5:
97:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:16:D1:EB:CC:96:60:13:70:1E:93:AB:7B:BE:DF:0E:73:3B:4A:0B
X509v3 Authority Key Identifier:
keyid:A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/MBbR68yWYBNwHpOre77fDnM7Sgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.236.0/23
195.93.216.0/23
IPv6:
2001:67c:256c::/48
2a05:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:ac:88:cf:20:dd:3e:97:0c:16:b3:32:eb:35:38:8e:f8:47:
ce:f1:ac:9b:68:34:5a:b7:ee:bf:fd:50:2e:30:5e:16:cf:ee:
c1:af:6b:7a:fb:9d:60:be:ce:5e:bf:09:51:92:bb:76:b0:7e:
8e:91:1c:c2:52:4d:0a:a4:18:9c:9c:81:12:af:ea:89:eb:21:
9f:e7:72:3c:ea:5f:10:d4:ef:20:53:0b:5b:b6:0e:01:74:ae:
2f:90:45:75:2f:b4:f6:c0:2d:c1:4c:37:50:c4:59:72:22:3c:
da:f7:d9:bc:5e:58:d3:c7:23:47:94:b8:e3:87:74:10:a2:35:
ae:7b:29:6f:c0:50:30:97:7c:f6:cc:17:e8:80:73:5d:be:3f:
06:2c:64:72:18:50:d5:c3:5c:7f:d4:95:02:4e:cd:5b:44:93:
57:68:72:c9:bc:2b:4c:6d:07:12:20:24:4f:cc:49:b9:ef:65:
f1:03:8c:ec:5e:5d:70:f6:c9:be:67:1c:f5:05:95:33:e2:55:
a4:21:ca:cd:13:49:96:d3:58:4b:ec:81:13:92:20:8e:4f:d4:
7c:f4:ae:86:f4:47:f4:23:e0:c1:cf:6b:4c:24:7c:36:84:ed:
41:d5:a9:48:ee:be:ca:f4:ec:37:76:1e:f0:48:bd:b6:e0:e1:
e3:08:85:73
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECAmWnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OThjZmI5YjVmNDQ1ZmQyZjZjY2ZhMTc5YzM3YzUzNDQ5YjJhZjA2MB4XDTIyMDEw
MTE1MDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAxNmQxZWJjYzk2
NjAxMzcwMWU5M2FiN2JiZWRmMGU3MzNiNGEwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZPJr4hf3v9OPehCsCJvMTiILOElaf3vxBI2es6cZk8rzx0
5YP8SpBvuJJCTrIoaIyYnks5QFwBCKHfX5Kn3fQp0zSQK2WRBPKR6daHambmYIkT
/rxc2YwOGTuEuRgR8XRQAR2DtJnOx4v7YlSQBBvg0IIwRpB3JktT4FGrsBTN+q9A
4v0ZCkxyAIA8sC0Cldq4HtGJZ/DNYRzpWo7err/wccXsmNLTXu/4iSj/LCms3M+S
0TD40gBHROdCW5uo80SnN7/3+n1HRFqYFJrqegsVKvW5oHhQoqjxi48PBKhY7XkK
bEnjS3rV319GOHyEypSePUjaH1BXUNz+eQSllykCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQwFtHrzJZgE3Aek6t7vt8OcztKCzAfBgNVHSMEGDAWgBSpjPubX0Rf0vbM
+hecN8U0SbKvBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FZejdtMTlFWDlMMnpQb1huRGZGTkVteXJ3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvZGY4NTUxLTNmOWYtNDRiMi1iN2U0LTg4NjU5M2Y3ZGNlMC8x
L01CYlI2OHlXWUJOd0hwT3JlNzdmRG5NN1Nncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ZGY4NTUxLTNmOWYtNDRiMi1iN2U0LTg4NjU5M2Y3ZGNlMC8xL3FZejdtMTlFWDlM
MnpQb1huRGZGTkVteXJ3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAbmM7AMEAcNd2DAWBAIAAjAQAwcA
IAEGfCVsAwUDKgU3wDANBgkqhkiG9w0BAQsFAAOCAQEAd6yIzyDdPpcMFrMy6zU4
jvhHzvGsm2g0Wrfuv/1QLjBeFs/uwa9revudYL7OXr8JUZK7drB+jpEcwlJNCqQY
nJyBEq/qieshn+dyPOpfENTvIFMLW7YOAXSuL5BFdS+09sAtwUw3UMRZciI82vfZ
vF5Y08cjR5S444d0EKI1rnspb8BQMJd89swX6IBzXb4/BixkchhQ1cNcf9SVAk7N
W0STV2hyybwrTG0HEiAkT8xJue9l8QOM7F5dcPbJvmcc9QWVM+JVpCHKzRNJltNY
S+yBE5Igjk/UfPSuhvRH9CPgwc9rTCR8NoTtQdWpSO6+yvTsN3Ye8Ei9tuDh4wiF
cw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:51 2023 by rpki-client on console-fra.rpki-client.org