Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/mwyKlOloqUH1Euxa_frypEWVhZQ.roa
File: mwyKlOloqUH1Euxa_frypEWVhZQ.roa (raw, json)
Hash identifier: P/niJqP9c7PtdXy2X2M/AUqr+2AQxhAs6p5YT1WKnaY=
Subject key identifier: 9B:0C:8A:94:E9:68:A9:41:F5:12:EC:5A:FD:FA:F2:A4:45:95:85:94
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 01832EE6D63E0597648E8283FE8A18CE65B5
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/mwyKlOloqUH1Euxa_frypEWVhZQ.roa
Signing time: Sun 11 Sep 2022 23:33:43 +0000
ROA not before: Sun 11 Sep 2022 23:33:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 185.62.136.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.141.188.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:2e:e6:d6:3e:05:97:64:8e:82:83:fe:8a:18:ce:65:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Sep 11 23:33:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b0c8a94e968a941f512ec5afdfaf2a445958594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:a1:b9:14:2a:7e:2c:63:35:64:ea:65:21:
29:cf:51:e8:8f:40:f8:c4:67:df:ad:36:1a:ca:20:
ce:d8:b9:d4:39:ca:ce:43:7c:4d:86:ef:57:fd:c3:
4f:09:cf:04:39:bf:0e:36:ab:77:39:0d:85:c1:99:
a6:f4:6f:9b:35:2b:43:2c:00:9f:70:9b:a4:44:41:
d0:63:ff:cf:90:59:72:c8:d0:51:88:7a:ad:b7:71:
85:7e:24:0f:ff:78:4f:d1:ca:23:e3:66:4a:cb:60:
e1:94:09:79:94:35:0a:9d:32:0f:d1:7d:6e:e6:32:
95:b6:9e:41:91:3c:68:11:c2:92:4f:a9:d0:1c:a1:
52:fd:c2:8d:a0:f9:2a:93:93:fe:cc:90:bd:60:c0:
e7:7c:9c:d3:4c:95:9d:c6:aa:1e:e8:0a:b2:d5:80:
96:8a:b0:7c:cc:0d:90:d3:23:7a:b5:96:ab:25:b6:
dd:a3:20:5f:63:83:d8:1a:ee:8c:ca:7d:33:26:24:
61:35:0a:64:19:26:29:66:a9:e5:9e:4a:32:d2:aa:
9a:12:48:62:92:8e:7e:bc:c5:eb:3c:c8:c3:92:41:
f5:59:35:46:65:ca:6c:ec:f4:84:88:11:c0:7b:11:
32:30:da:e1:f4:96:95:e1:2d:a4:9d:dc:47:29:75:
4c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0C:8A:94:E9:68:A9:41:F5:12:EC:5A:FD:FA:F2:A4:45:95:85:94
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/mwyKlOloqUH1Euxa_frypEWVhZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
16:0c:ce:2a:3b:fc:b1:e7:3f:d3:d6:6a:fd:15:a4:65:67:8a:
df:cf:80:4d:f3:65:01:87:02:fa:09:a9:5f:7e:2d:f1:98:52:
44:f7:58:76:ee:03:1b:0c:79:56:bc:de:09:68:0c:43:bf:24:
6b:65:ea:3f:3c:22:98:93:6a:85:d1:38:0f:1a:31:57:6d:1e:
31:71:42:d3:43:2b:8e:8e:fb:30:3a:61:08:59:99:de:73:f3:
e4:fb:18:db:c2:e0:96:b0:37:6d:ba:da:73:2d:df:99:9c:a5:
4a:9e:0b:b3:76:c8:91:37:49:4c:29:0b:aa:06:a5:c4:1a:66:
1f:f9:13:94:78:6b:33:4c:1e:90:ef:64:1f:5f:75:cc:dd:aa:
5f:70:33:76:ec:a9:5a:46:03:e1:83:f5:53:99:af:9b:b7:be:
bc:bd:63:f6:fe:7b:ff:c4:c5:63:ca:bb:64:36:4d:f5:e2:38:
da:88:9d:50:52:e9:39:d8:9e:e8:55:e3:7f:6d:d6:28:6e:91:
cf:cd:e5:79:53:df:66:37:bb:40:8d:2f:97:ab:cd:26:93:e2:
b9:ea:ad:5a:09:65:e7:8c:a0:30:d5:35:1d:7a:e7:5f:73:1d:
2e:72:5e:f6:26:d2:f8:ac:71:37:fa:39:5b:1e:1d:10:88:21:
51:32:58:93
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYMu5tY+BZdkjoKD/ooYzmW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjIwOTExMjMzMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjBjOGE5NGU5NjhhOTQxZjUxMmVjNWFmZGZhZjJhNDQ1OTU4NTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsqhuRQqfixjNWTqZSEpz1Hoj0D4
xGffrTYayiDO2LnUOcrOQ3xNhu9X/cNPCc8EOb8ONqt3OQ2FwZmm9G+bNStDLACf
cJukREHQY//PkFlyyNBRiHqtt3GFfiQP/3hP0coj42ZKy2DhlAl5lDUKnTIP0X1u
5jKVtp5BkTxoEcKST6nQHKFS/cKNoPkqk5P+zJC9YMDnfJzTTJWdxqoe6Aqy1YCW
irB8zA2Q0yN6tZarJbbdoyBfY4PYGu6Myn0zJiRhNQpkGSYpZqnlnkoy0qqaEkhi
ko5+vMXrPMjDkkH1WTVGZcps7PSEiBHAexEyMNrh9JaV4S2kndxHKXVMnwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJsMipTpaKlB9RLsWv368qRFlYWUMB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvbXd5S2xPbG9xVUgxRXV4YV9mcnlwRVdWaFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBVW7gAME
Ark0lAMEArk+iAMEArmEBAMEArmFFAMEArmNvAMEArmPLAMEArmSFAMEArmSHAME
ArmULAMEArmUgAMEArmVcAMEArmXMDAMAwQAuaBBAwQCuaBAMAwDBAC5ppEDBAK5
ppADBAK5qGwwDQYJKoZIhvcNAQELBQADggEBABYMzio7/LHnP9PWav0VpGVnit/P
gE3zZQGHAvoJqV9+LfGYUkT3WHbuAxsMeVa83gloDEO/JGtl6j88IpiTaoXROA8a
MVdtHjFxQtNDK46O+zA6YQhZmd5z8+T7GNvC4JawN2262nMt35mcpUqeC7N2yJE3
SUwpC6oGpcQaZh/5E5R4azNMHpDvZB9fdczdql9wM3bsqVpGA+GD9VOZr5u3vry9
Y/b+e//ExWPKu2Q2TfXiONqInVBS6TnYnuhV439t1ihukc/N5XlT32Y3u0CNL5er
zSaT4rnqrVoJZeeMoDDVNR16519zHS5yXvYm0viscTf6OVseHRCIIVEyWJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:31 2024 by rpki-client on console-ams.rpki-client.org