Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0mahR_EZvREWNLu2dZj4o5Tcs0I.roa
File: 0mahR_EZvREWNLu2dZj4o5Tcs0I.roa (raw, json)
Hash identifier: agmYt8m+jFplGMUOIhw2Y6NYK85+hS3J9rV5BtwCS3I=
Subject key identifier: D2:66:A1:47:F1:19:BD:11:16:34:BB:B6:75:98:F8:A3:94:DC:B3:42
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 03772CEE
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0mahR_EZvREWNLu2dZj4o5Tcs0I.roa
Signing time: Mon 24 Jan 2022 10:32:04 +0000
ROA not before: Mon 24 Jan 2022 10:32:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 188.132.154.0/24 maxlen: 32
188.132.155.0/24 maxlen: 32
188.132.249.0/24 maxlen: 32
188.132.170.0/24 maxlen: 32
188.132.171.0/24 maxlen: 32
188.132.189.0/24 maxlen: 32
188.132.191.0/24 maxlen: 32
188.132.192.0/24 maxlen: 32
188.132.199.0/24 maxlen: 32
188.132.196.0/24 maxlen: 32
188.132.197.0/24 maxlen: 32
188.132.198.0/24 maxlen: 32
188.132.193.0/24 maxlen: 32
188.132.203.0/24 maxlen: 32
188.132.201.0/24 maxlen: 32
188.132.202.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58141934 (0x3772cee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 24 10:32:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d266a147f119bd111634bbb67598f8a394dcb342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fa:3b:09:16:19:4a:a0:fd:46:f4:fa:7d:5f:
47:48:ff:14:92:23:19:e3:8e:55:ec:31:17:6e:31:
ce:c9:c0:a6:6c:f0:0e:aa:31:1e:7a:cd:78:55:0b:
0e:0b:3d:1d:6e:e8:a9:40:20:91:43:6b:8f:26:e0:
66:67:b9:0c:80:46:92:f0:f4:c2:51:ee:fd:dc:e0:
a8:1b:35:6b:88:c1:f7:e1:1a:ce:43:39:db:62:3c:
e9:c0:de:80:3a:cb:b5:98:25:e0:03:2b:d5:12:db:
5d:53:f1:41:03:12:df:7d:02:d3:77:9f:01:3a:b7:
82:d9:f8:15:e3:d2:e8:27:8f:02:53:04:b5:5d:cf:
80:bb:ed:d7:b2:53:23:25:97:a7:4e:76:04:15:82:
84:90:5d:f0:be:ed:0f:1a:7d:fe:61:73:82:10:ec:
6b:9d:4c:fa:03:0b:f9:c2:e2:76:e5:0b:02:35:62:
fb:47:f2:5e:dd:b8:90:7d:8c:b5:7e:8b:f0:dd:06:
1f:48:5f:b4:b2:2d:96:05:02:b9:e6:00:1b:27:20:
38:cd:84:df:b5:b5:b1:24:45:40:1e:48:a4:45:e9:
e2:0b:9d:00:63:42:13:49:d6:c5:dc:a6:c6:7e:8a:
c1:64:d8:0c:db:4d:c4:e0:51:5e:04:0c:7c:41:c6:
a5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:66:A1:47:F1:19:BD:11:16:34:BB:B6:75:98:F8:A3:94:DC:B3:42
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0mahR_EZvREWNLu2dZj4o5Tcs0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.154.0/23
188.132.170.0/23
188.132.189.0/24
188.132.191.0-188.132.193.255
188.132.196.0/22
188.132.201.0-188.132.203.255
188.132.249.0/24
Signature Algorithm: sha256WithRSAEncryption
80:29:8d:d0:2e:ec:af:ea:57:67:61:ff:51:11:0e:19:af:5f:
bc:a6:91:f3:fe:69:49:61:ca:88:0e:14:67:3b:6e:5e:42:1b:
75:d0:a4:4d:df:d0:25:c3:19:0c:1d:da:31:a7:a5:ac:d9:2e:
fe:64:64:84:2b:25:3b:f8:25:69:34:d3:d5:91:76:21:ab:72:
9c:76:29:49:3f:a2:99:a2:6f:7e:68:b6:4a:d0:b9:3c:ca:45:
a3:d4:61:0b:a3:49:eb:b3:00:46:71:00:51:c4:b4:53:98:98:
60:3f:77:67:eb:46:89:5e:3f:a2:07:4c:bd:a4:7c:8e:2d:18:
44:3f:3e:76:9d:41:4a:18:49:83:ed:5b:7d:29:d4:c7:3d:8a:
62:f3:a9:b9:fb:a5:03:17:c5:d1:69:41:3c:d4:82:cb:b5:c4:
eb:e7:ee:4a:97:ee:73:3a:ce:66:a0:4f:ec:88:5a:24:f6:80:
4a:e4:30:01:3d:e6:2e:df:21:f1:19:d1:45:b6:6c:df:82:19:
d7:02:79:7c:45:81:32:a3:ee:61:72:e0:72:ad:9d:4f:ba:39:
c5:9d:1e:d3:f8:33:af:d8:f0:31:79:fe:e1:70:f4:45:c3:37:
6b:63:f1:b1:0a:08:2a:d8:dc:b4:06:e9:f2:3a:08:04:56:b9:
49:89:2e:28
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEA3cs7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDEy
NDEwMzIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI2NmExNDdmMTE5
YmQxMTE2MzRiYmI2NzU5OGY4YTM5NGRjYjM0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMH6OwkWGUqg/Ub0+n1fR0j/FJIjGeOOVewxF24xzsnApmzw
DqoxHnrNeFULDgs9HW7oqUAgkUNrjybgZme5DIBGkvD0wlHu/dzgqBs1a4jB9+Ea
zkM522I86cDegDrLtZgl4AMr1RLbXVPxQQMS330C03efATq3gtn4FePS6CePAlME
tV3PgLvt17JTIyWXp052BBWChJBd8L7tDxp9/mFzghDsa51M+gML+cLiduULAjVi
+0fyXt24kH2MtX6L8N0GH0hftLItlgUCueYAGycgOM2E37W1sSRFQB5IpEXp4gud
AGNCE0nWxdymxn6KwWTYDNtNxOBRXgQMfEHGpeMCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBTSZqFH8Rm9ERY0u7Z1mPijlNyzQjAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
LzBtYWhSX0VadlJFV05MdTJkWmo0bzVUY3MwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAbyEmgMEAbyEqgMEALyEvTAMAwQA
vIS/AwQBvITAAwQCvITEMAwDBAC8hMkDBAK8hMgDBAC8hPkwDQYJKoZIhvcNAQEL
BQADggEBAIApjdAu7K/qV2dh/1ERDhmvX7ymkfP+aUlhyogOFGc7bl5CG3XQpE3f
0CXDGQwd2jGnpazZLv5kZIQrJTv4JWk009WRdiGrcpx2KUk/opmib35otkrQuTzK
RaPUYQujSeuzAEZxAFHEtFOYmGA/d2frRoleP6IHTL2kfI4tGEQ/PnadQUoYSYPt
W30p1Mc9imLzqbn7pQMXxdFpQTzUgsu1xOvn7kqX7nM6zmagT+yIWiT2gErkMAE9
5i7fIfEZ0UW2bN+CGdcCeXxFgTKj7mFy4HKtnU+6OcWdHtP4M6/Y8DF5/uFw9EXD
N2tj8bEKCCrY3LQG6fI6CARWuUmJLig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org