Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGczQZ8A1gOBOOwxIkq7tN0Yd8o.roa
File: MGczQZ8A1gOBOOwxIkq7tN0Yd8o.roa (raw, json)
Hash identifier: WXdKuSyKJbj5wXztbIdipCi0vyCCGma71I6YwF/1jhk=
Subject key identifier: 30:67:33:41:9F:00:D6:03:81:38:EC:31:22:4A:BB:B4:DD:18:77:CA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018239531B82D42B273ED8367A261B728A9D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGczQZ8A1gOBOOwxIkq7tN0Yd8o.roa
Signing time: Tue 26 Jul 2022 07:05:23 +0000
ROA not before: Tue 26 Jul 2022 07:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:53:1b:82:d4:2b:27:3e:d8:36:7a:26:1b:72:8a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 26 07:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=306733419f00d6038138ec31224abbb4dd1877ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:02:f9:21:7d:d8:fc:ca:90:ac:43:d8:e1:
8d:bf:d5:71:71:34:d1:b0:a4:43:a5:6b:39:7b:28:
04:b6:8c:c2:fc:d4:67:a8:fc:8f:90:9d:21:2c:0f:
67:b9:1a:b2:ba:6b:9c:0a:b9:a9:f6:5d:2b:07:07:
80:8a:69:cc:41:38:08:51:3c:b4:38:50:10:88:22:
ea:ad:3f:0f:a0:34:b4:83:6c:56:48:fa:d9:0b:82:
32:df:e6:a0:5f:2d:b7:16:b5:fb:d4:d9:c7:45:51:
47:d4:bc:48:73:d5:34:58:51:e6:2a:f1:c9:97:82:
c4:c0:81:aa:53:d8:6e:22:47:ee:97:94:a9:73:93:
62:28:d1:33:28:6c:34:21:7b:f0:9f:b4:99:a2:9d:
f3:61:35:1a:c3:d4:72:cc:dd:16:96:97:0a:b7:f9:
88:43:62:09:2d:3b:d0:57:56:72:14:b1:3c:41:81:
f2:b0:7b:3d:40:43:47:bb:e5:66:db:3a:b2:c9:bc:
56:11:50:5a:90:29:81:42:b4:e7:7a:0c:89:c3:8c:
b6:7d:e5:76:d4:14:51:4d:73:80:85:87:24:e2:f7:
83:05:89:12:72:73:1a:56:a0:87:67:39:de:d2:17:
8c:ad:01:da:c7:c6:38:54:f3:7a:47:b3:71:87:57:
55:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:67:33:41:9F:00:D6:03:81:38:EC:31:22:4A:BB:B4:DD:18:77:CA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGczQZ8A1gOBOOwxIkq7tN0Yd8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
c5:15:13:d2:48:bf:bd:4d:55:08:ad:1d:ef:22:bb:9e:ec:b3:
7b:8e:88:49:07:7d:17:62:98:81:0e:5f:04:a1:af:cf:b2:bd:
e3:10:d9:69:d4:80:d9:00:d9:e9:d1:40:33:75:b3:7a:1e:0c:
e2:02:db:96:fa:1c:93:dd:11:44:5b:86:e8:c5:e4:42:68:ba:
13:59:db:79:1d:15:a7:5e:87:1d:bb:8f:49:60:bf:2a:81:d5:
8c:8c:d5:ac:e1:1f:50:97:40:90:5f:53:1f:7b:6b:85:d1:3c:
af:1d:73:5a:af:d4:af:a2:de:22:05:39:1d:30:73:48:ab:01:
ab:bd:b2:a6:0f:ca:8f:1e:ac:b6:fc:68:57:e7:2f:60:96:29:
af:e3:bd:f5:60:cb:18:c9:32:d9:1e:32:3e:b9:35:da:b5:fe:
2a:88:cf:5f:48:84:dc:28:2b:eb:8d:0d:73:5c:11:61:d8:bb:
bf:1d:e3:3a:fa:18:20:6f:8b:94:26:3d:58:83:16:f5:a2:56:
de:11:08:b0:f8:7b:21:cb:89:36:21:f3:8e:35:9a:19:80:e3:
7e:8f:a6:af:4a:fc:a6:ff:d4:f4:58:2b:83:38:b4:15:85:c6:
4d:d9:10:db:06:dc:df:bc:e5:c6:39:bf:a5:a5:0f:29:19:93:
33:a3:e7:2a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYI5UxuC1CsnPtg2eiYbcoqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzI2MDcwNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY3MzM0MTlmMDBkNjAzODEzOGVjMzEyMjRhYmJiNGRkMTg3N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe8C+SF92PzKkKxD2OGNv9VxcTTR
sKRDpWs5eygEtozC/NRnqPyPkJ0hLA9nuRqyumucCrmp9l0rBweAimnMQTgIUTy0
OFAQiCLqrT8PoDS0g2xWSPrZC4Iy3+agXy23FrX71NnHRVFH1LxIc9U0WFHmKvHJ
l4LEwIGqU9huIkful5Spc5NiKNEzKGw0IXvwn7SZop3zYTUaw9RyzN0WlpcKt/mI
Q2IJLTvQV1ZyFLE8QYHysHs9QENHu+Vm2zqyybxWEVBakCmBQrTnegyJw4y2feV2
1BRRTXOAhYck4veDBYkScnMaVqCHZzne0heMrQHax8Y4VPN6R7Nxh1dVuwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFDBnM0GfANYDgTjsMSJKu7TdGHfKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTUdjelFaOEExZ09CT093eElrcTd0TjBZZDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljA2BAIAATAwAwQCLYiI
AwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJvMFwEAgAC
MFYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMHACoO
sQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHACoP5AQBAgMHBCoQzEABwDANBgkqhkiG
9w0BAQsFAAOCAQEAxRUT0ki/vU1VCK0d7yK7nuyze46ISQd9F2KYgQ5fBKGvz7K9
4xDZadSA2QDZ6dFAM3Wzeh4M4gLblvock90RRFuG6MXkQmi6E1nbeR0Vp16HHbuP
SWC/KoHVjIzVrOEfUJdAkF9TH3trhdE8rx1zWq/Ur6LeIgU5HTBzSKsBq72ypg/K
jx6stvxoV+cvYJYpr+O99WDLGMky2R4yPrk12rX+KojPX0iE3Cgr640Nc1wRYdi7
vx3jOvoYIG+LlCY9WIMW9aJW3hEIsPh7IcuJNiHzjjWaGYDjfo+mr0r8pv/U9Fgr
gzi0FYXGTdkQ2wbc37zlxjm/paUPKRmTM6PnKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org