Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Mhk_uiSw8ACIwaMKzO5FpJLTFQw.roa
File: Mhk_uiSw8ACIwaMKzO5FpJLTFQw.roa (raw, json)
Hash identifier: 8H59PbYWumeNgUu1wrNs8FfC6DyzeFB7Aet6h+PdP0c=
Subject key identifier: 32:19:3F:BA:24:B0:F0:00:88:C1:A3:0A:CC:EE:45:A4:92:D3:15:0C
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1CA51588
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Mhk_uiSw8ACIwaMKzO5FpJLTFQw.roa
Signing time: Tue 01 Feb 2022 16:56:34 +0000
ROA not before: Tue 01 Feb 2022 16:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 212.111.222.0/24 maxlen: 24
212.111.223.0/24 maxlen: 24
212.111.220.0/24 maxlen: 24
212.111.221.0/24 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 480581000 (0x1ca51588)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 1 16:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32193fba24b0f00088c1a30accee45a492d3150c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f2:d6:89:b6:8e:1b:64:c4:10:67:36:a2:8e:
7c:f4:e8:c1:e8:c2:48:04:b0:1c:b8:c8:c1:57:b5:
97:96:1d:70:19:f4:50:25:a9:62:fe:9c:e3:6a:9c:
ed:7d:db:36:e5:67:7c:f9:46:02:28:bf:fb:d1:5a:
f8:d4:d4:c1:0d:aa:c5:64:1b:bf:02:bc:2a:cc:be:
a3:03:de:16:96:9e:79:00:47:ec:14:cd:5e:69:f4:
1e:aa:19:24:7a:b3:d6:4d:cf:c0:89:35:1b:3d:84:
0d:75:42:10:c2:3d:cc:8b:88:a4:bf:69:62:ca:de:
dd:bc:f6:7e:89:9d:0c:d0:9a:dd:e0:c5:f1:57:11:
88:75:4e:7d:da:0f:7d:6d:f0:16:ba:8f:49:48:62:
5e:4a:ed:b1:bf:24:d1:04:1f:4f:e3:df:81:bf:4f:
9d:ca:fd:25:66:2f:15:87:70:36:88:23:9c:86:38:
7b:54:a3:17:d8:3c:36:d9:4b:f5:fa:5f:f6:1e:be:
90:4a:a1:cb:1b:e3:0b:6a:79:d7:63:04:4c:17:ee:
aa:b9:9f:26:60:35:6c:aa:ee:d5:09:98:76:27:12:
43:f4:cb:b8:6b:ab:26:d6:10:e5:b0:f9:36:0e:18:
3e:cb:4f:19:04:0e:b5:f8:d8:4f:9d:13:f0:a7:af:
4c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:19:3F:BA:24:B0:F0:00:88:C1:A3:0A:CC:EE:45:A4:92:D3:15:0C
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Mhk_uiSw8ACIwaMKzO5FpJLTFQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.140.0/23
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
73:23:a5:7f:27:fc:9d:00:88:18:cc:6c:1d:66:81:e9:7f:0a:
89:84:33:41:13:c0:9d:03:c4:6a:18:82:37:b9:73:bd:c1:d0:
bb:d8:0d:d0:45:7e:78:79:f0:0d:e9:c9:87:39:9b:b1:52:80:
d3:3f:a7:51:02:ec:1c:b1:cf:e1:56:9d:4b:0b:d7:e6:01:ec:
e8:f0:d2:80:7b:0d:9d:16:9c:ce:5f:fb:cd:f4:1a:1f:06:b8:
51:7f:58:1a:41:4b:0c:5e:32:76:f5:34:fe:58:3b:f7:b8:6a:
5f:1b:65:90:82:7c:f5:76:2f:59:c4:fe:17:9e:d2:7c:b5:d1:
e2:35:94:7e:d5:78:8d:77:64:a3:60:52:dd:b2:39:18:f4:ec:
e5:e3:56:36:cc:9f:21:f7:d9:76:ac:95:0f:a3:31:6b:42:1e:
20:d6:dd:13:29:ff:f8:c5:3f:f0:5e:92:46:29:33:3b:49:ef:
ff:5b:a2:6d:5e:ab:ce:d0:9b:d6:34:8e:ca:76:3f:56:79:52:
0f:d4:e0:6b:83:8a:b5:21:f7:c5:08:8c:2c:c1:28:79:7a:34:
27:be:7f:ca:59:04:9f:83:0a:05:e6:a4:81:17:a3:cc:40:1a:
06:05:36:2e:06:6d:f4:38:2e:dc:f3:6d:f5:73:d7:ba:4e:f8:
d4:22:2b:dd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHKUViDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDIw
MTE2NTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIxOTNmYmEyNGIw
ZjAwMDg4YzFhMzBhY2NlZTQ1YTQ5MmQzMTUwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLy1om2jhtkxBBnNqKOfPTowejCSASwHLjIwVe1l5YdcBn0
UCWpYv6c42qc7X3bNuVnfPlGAii/+9Fa+NTUwQ2qxWQbvwK8Ksy+owPeFpaeeQBH
7BTNXmn0HqoZJHqz1k3PwIk1Gz2EDXVCEMI9zIuIpL9pYsre3bz2fomdDNCa3eDF
8VcRiHVOfdoPfW3wFrqPSUhiXkrtsb8k0QQfT+Pfgb9Pncr9JWYvFYdwNogjnIY4
e1SjF9g8NtlL9fpf9h6+kEqhyxvjC2p512METBfuqrmfJmA1bKru1QmYdicSQ/TL
uGurJtYQ5bD5Ng4YPstPGQQOtfjYT50T8KevTBcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQyGT+6JLDwAIjBowrM7kWkktMVDDAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L01oa191aVN3OEFDSXdhTUt6TzVGcEpMVEZRdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcOyjAMEAtRv3DANBgkqhkiG9w0B
AQsFAAOCAQEAcyOlfyf8nQCIGMxsHWaB6X8KiYQzQRPAnQPEahiCN7lzvcHQu9gN
0EV+eHnwDenJhzmbsVKA0z+nUQLsHLHP4VadSwvX5gHs6PDSgHsNnRaczl/7zfQa
Hwa4UX9YGkFLDF4ydvU0/lg797hqXxtlkIJ89XYvWcT+F57SfLXR4jWUftV4jXdk
o2BS3bI5GPTs5eNWNsyfIffZdqyVD6Mxa0IeINbdEyn/+MU/8F6SRikzO0nv/1ui
bV6rztCb1jSOynY/VnlSD9Tga4OKtSH3xQiMLMEoeXo0J75/ylkEn4MKBeakgRej
zEAaBgU2LgZt9Dgu3PNt9XPXuk741CIr3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org