Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MVOjXdnJ0b7BRl0fKKv4gMZqKew.roa
File: MVOjXdnJ0b7BRl0fKKv4gMZqKew.roa (raw, json)
Hash identifier: /rjbyvHT0Yu16e7JQn6486swiW4kD++NftGrp2Nwhl4=
Subject key identifier: 31:53:A3:5D:D9:C9:D1:BE:C1:46:5D:1F:28:AB:F8:80:C6:6A:29:EC
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 08D73D22
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MVOjXdnJ0b7BRl0fKKv4gMZqKew.roa
Signing time: Sat 01 Jan 2022 07:01:23 +0000
ROA not before: Sat 01 Jan 2022 07:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 185.233.16.0/24 maxlen: 24
185.233.16.0/22 maxlen: 22
185.233.17.0/24 maxlen: 24
185.233.18.0/24 maxlen: 24
185.233.19.0/24 maxlen: 24
45.135.236.0/24 maxlen: 24
45.135.236.0/22 maxlen: 22
45.135.238.0/24 maxlen: 24
45.135.237.0/24 maxlen: 24
45.135.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148323618 (0x8d73d22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 1 07:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3153a35dd9c9d1bec1465d1f28abf880c66a29ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:3c:e9:f2:12:fe:d2:9f:f7:0b:34:cf:7a:
9c:3c:ed:bd:d3:6b:8b:f0:f3:8d:54:c4:11:8d:e0:
f5:cf:40:17:fd:1b:19:f5:d0:2b:d2:e3:fe:14:03:
22:78:86:06:d8:c0:1a:de:4a:3f:53:08:b8:8b:c5:
e7:a4:23:6a:cd:93:92:2e:97:76:c8:64:ab:1a:7c:
9e:c3:2b:ab:86:26:3e:5e:27:f1:f1:83:e2:34:21:
8b:8f:7b:22:e5:c8:66:48:e0:93:83:59:fb:a6:00:
7f:da:a1:d7:8c:06:ee:26:40:b0:3e:de:d2:98:30:
59:36:a7:d0:f1:3a:f6:af:a9:b4:a5:66:2e:ac:40:
b9:29:95:d8:89:e4:79:7c:a4:6a:cd:23:2d:3e:ac:
37:8d:7f:d0:8d:62:aa:31:61:99:47:1b:d2:5b:1d:
6f:96:21:70:d9:ce:80:4f:f7:71:04:e5:6a:e1:ba:
88:eb:18:ae:3c:2e:a5:d3:b7:02:99:82:ff:41:d7:
38:fd:59:49:61:a6:97:d9:79:78:74:76:b4:4d:41:
cd:eb:ee:bb:af:1e:28:d4:d9:e4:0d:9c:4b:46:31:
ac:bf:bc:10:92:fc:98:02:20:0c:d8:50:cb:27:53:
66:84:dd:5d:9f:85:50:93:7b:3f:64:cb:03:02:bc:
a1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:53:A3:5D:D9:C9:D1:BE:C1:46:5D:1F:28:AB:F8:80:C6:6A:29:EC
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MVOjXdnJ0b7BRl0fKKv4gMZqKew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.236.0/22
185.233.16.0/22
Signature Algorithm: sha256WithRSAEncryption
85:e8:12:b1:79:5d:2c:ba:62:0b:df:a0:94:8e:8a:ef:d2:6a:
e1:31:86:40:8f:b4:8b:66:2c:47:76:e3:37:23:ee:9a:04:7f:
04:f9:a5:d1:2f:d2:94:5e:c9:6e:bf:f5:e1:09:02:68:b3:d8:
05:5a:c6:91:5a:f2:cb:a4:6f:1f:c2:6f:bd:13:da:5e:f9:f7:
d9:33:59:b5:f7:7c:90:c1:e3:bf:6a:fe:85:d8:24:95:7a:82:
3a:64:66:8b:43:32:4c:55:7b:cb:12:83:71:70:4d:dc:cf:6d:
47:19:fd:47:b5:eb:33:cd:94:e8:80:39:eb:23:71:7c:5f:65:
7b:d7:48:be:7e:57:bd:2e:16:3c:a5:06:8d:cc:b5:f9:55:10:
35:f4:44:3c:1b:bd:d8:38:33:d3:5c:51:3a:7e:19:04:d4:d1:
8f:22:fb:34:01:63:d8:e1:8c:55:36:9d:91:43:bd:08:f9:66:
e2:3f:ce:97:71:0e:0a:77:40:fb:70:5f:15:03:16:3c:ad:88:
45:a9:93:f9:ab:c9:1e:64:40:ca:93:93:47:a7:61:3b:85:2d:
21:35:c9:8e:24:7b:af:f2:be:90:99:dc:bb:25:55:a4:19:63:
ac:2b:6b:b1:b9:b2:16:ea:b5:9c:20:91:18:ea:b2:2c:60:09:
13:91:e9:2a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECNc9IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2QwM2YyOTgxODBjYzEwOWYxOWQ0YjE5OTJjN2Q3MWM1NmM4ZGNjMB4XDTIyMDEw
MTA3MDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE1M2EzNWRkOWM5
ZDFiZWMxNDY1ZDFmMjhhYmY4ODBjNjZhMjllYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTVPOnyEv7Sn/cLNM96nDztvdNri/DzjVTEEY3g9c9AF/0b
GfXQK9Lj/hQDIniGBtjAGt5KP1MIuIvF56Qjas2Tki6Xdshkqxp8nsMrq4YmPl4n
8fGD4jQhi497IuXIZkjgk4NZ+6YAf9qh14wG7iZAsD7e0pgwWTan0PE69q+ptKVm
LqxAuSmV2InkeXykas0jLT6sN41/0I1iqjFhmUcb0lsdb5YhcNnOgE/3cQTlauG6
iOsYrjwupdO3ApmC/0HXOP1ZSWGml9l5eHR2tE1Bzevuu68eKNTZ5A2cS0YxrL+8
EJL8mAIgDNhQyydTZoTdXZ+FUJN7P2TLAwK8obMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQxU6Nd2cnRvsFGXR8oq/iAxmop7DAfBgNVHSMEGDAWgBQX0D8pgYDMEJ8Z
1LGZLH1xxWyNzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5QV9LWUdBekJDZkdkU3htU3g5Y2NWc2pjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8x
L01WT2pYZG5KMGI3QlJsMGZLS3Y0Z01acUtldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8xL0Y5QV9LWUdBekJD
ZkdkU3htU3g5Y2NWc2pjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2H7AMEArnpEDANBgkqhkiG9w0B
AQsFAAOCAQEAhegSsXldLLpiC9+glI6K79Jq4TGGQI+0i2YsR3bjNyPumgR/BPml
0S/SlF7Jbr/14QkCaLPYBVrGkVryy6RvH8JvvRPaXvn32TNZtfd8kMHjv2r+hdgk
lXqCOmRmi0MyTFV7yxKDcXBN3M9tRxn9R7XrM82U6IA56yNxfF9le9dIvn5XvS4W
PKUGjcy1+VUQNfREPBu92Dgz01xROn4ZBNTRjyL7NAFj2OGMVTadkUO9CPlm4j/O
l3EOCndA+3BfFQMWPK2IRamT+avJHmRAypOTR6dhO4UtITXJjiR7r/K+kJncuyVV
pBljrCtrsbmyFuq1nCCRGOqyLGAJE5HpKg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:13 2025 by rpki-client