Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/m2wPC1Z34Fpxl-e64zWCJT8_sc0.roa
File: m2wPC1Z34Fpxl-e64zWCJT8_sc0.roa (raw, json)
Hash identifier: gu0mzvzu42td9+xcKrochm5Lp0F5zo8bH6gZV9hWQqI=
Subject key identifier: 9B:6C:0F:0B:56:77:E0:5A:71:97:E7:BA:E3:35:82:25:3F:3F:B1:CD
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 04011889
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/m2wPC1Z34Fpxl-e64zWCJT8_sc0.roa
Signing time: Thu 20 Jan 2022 14:59:37 +0000
ROA not before: Thu 20 Jan 2022 14:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
79.141.192.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
213.151.176.0/20 maxlen: 20
185.9.96.0/22 maxlen: 22
62.64.32.0/19 maxlen: 19
185.72.248.0/22 maxlen: 22
2a01:8e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67180681 (0x4011889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jan 20 14:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b6c0f0b5677e05a7197e7bae33582253f3fb1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b4:f3:e9:3d:8d:0f:4d:97:a8:a0:95:1c:51:
c8:f6:42:d5:75:2e:22:f0:c3:c9:7d:7c:e2:72:97:
b8:6c:09:0d:d1:4f:7d:54:e2:6f:d5:aa:9b:f2:d8:
3a:d5:c9:f8:6a:07:cb:e7:78:29:72:a7:59:95:a4:
ee:81:e2:50:14:7e:6b:fb:f9:5f:dc:d1:1a:62:65:
3b:7e:62:1f:5d:24:f6:71:a1:b5:f6:2f:5b:0a:5a:
a9:6a:59:0c:19:1a:37:f9:80:2e:7c:ed:24:3b:f6:
c1:09:76:66:5b:54:92:59:96:c9:06:ba:c5:a4:af:
38:9a:f5:0b:66:aa:74:22:d8:21:5b:b7:1e:a6:34:
6c:9c:83:95:a1:06:a2:29:38:c0:09:e8:7b:06:64:
2d:02:20:5d:d5:b4:a6:7f:26:5c:a8:66:76:35:2b:
78:a2:97:e1:26:30:49:77:86:e8:01:3e:62:9c:c2:
22:b3:47:1e:9d:c8:42:c6:fa:cd:e0:c8:13:8a:69:
69:d0:36:c8:61:d5:3b:16:46:a0:b8:21:e3:f3:c9:
fa:18:b8:a7:3e:2a:09:68:94:cf:4c:8c:74:5b:b9:
e9:9c:93:ad:ee:34:0f:d6:bf:79:17:a6:d1:c1:60:
3c:36:df:9e:00:c5:b6:dd:3c:30:3c:87:d8:03:c6:
6e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6C:0F:0B:56:77:E0:5A:71:97:E7:BA:E3:35:82:25:3F:3F:B1:CD
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/m2wPC1Z34Fpxl-e64zWCJT8_sc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/23
79.141.197.0/24
185.9.96.0/22
185.72.248.0/22
213.151.176.0/20
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
00:7f:32:d3:c5:42:de:89:ec:30:6b:9b:46:c9:9b:ab:bd:2c:
6a:5e:89:e8:3d:40:c7:ee:d0:b6:6e:b7:38:98:7c:4f:68:69:
f4:f0:53:54:4d:a7:ff:69:91:30:6f:c1:61:04:22:25:b8:44:
14:d7:a5:41:32:f0:32:71:b4:64:f1:86:b4:01:bb:ca:d7:7c:
9c:75:ee:96:bd:7a:63:e0:2e:41:e5:16:84:dc:a0:3b:e7:8b:
77:b5:70:a7:e4:28:3e:1c:58:e6:93:0d:10:9c:46:96:05:99:
b3:7b:67:59:54:bd:9a:90:2d:dc:4f:8e:57:a1:f3:1f:4a:38:
a4:df:4e:55:50:12:16:02:91:e5:ae:0c:1b:03:35:b6:91:92:
04:d7:0f:a5:36:c9:02:f4:5c:8a:34:39:0f:cd:83:04:2e:da:
44:25:9c:43:31:c1:47:03:67:54:26:f9:3f:bf:50:0e:a6:e1:
9a:c4:21:50:4f:a4:84:05:e8:f9:f8:81:c9:d8:70:6c:a6:2f:
8a:38:be:bd:fb:f8:42:85:e3:c4:76:83:60:9d:8a:65:23:ed:
5a:c0:1a:14:29:7c:e8:0e:77:14:b6:d5:47:69:f8:7c:ad:b3:
5d:52:80:96:e3:e4:39:e6:8f:48:59:1b:ea:84:d9:d6:48:15:
c5:7a:94:af
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBAEYiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODEyZTQ5MWFhYTY1NWI2MzI0ZGJjYzBjZmYwMGE4ZDYzMTkxMDc2MB4XDTIyMDEy
MDE0NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI2YzBmMGI1Njc3
ZTA1YTcxOTdlN2JhZTMzNTgyMjUzZjNmYjFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa08+k9jQ9Nl6iglRxRyPZC1XUuIvDDyX184nKXuGwJDdFP
fVTib9Wqm/LYOtXJ+GoHy+d4KXKnWZWk7oHiUBR+a/v5X9zRGmJlO35iH10k9nGh
tfYvWwpaqWpZDBkaN/mALnztJDv2wQl2ZltUklmWyQa6xaSvOJr1C2aqdCLYIVu3
HqY0bJyDlaEGoik4wAnoewZkLQIgXdW0pn8mXKhmdjUreKKX4SYwSXeG6AE+YpzC
IrNHHp3IQsb6zeDIE4ppadA2yGHVOxZGoLgh4/PJ+hi4pz4qCWiUz0yMdFu56ZyT
re40D9a/eRem0cFgPDbfngDFtt08MDyH2APGbgECAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSbbA8LVnfgWnGX57rjNYIlPz+xzTAfBgNVHSMEGDAWgBSYEuSRqqZVtjJN
vMDP8AqNYxkQdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21CTGtrYXFtVmJZeVRiekF6X0FLaldNWkVIWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvMGU3ZWQzLTQ4Y2ItNGFmZS04ZDE1LWRmZmUxN2YzZGI1NC8x
L20yd1BDMVozNEZweGwtZTY0eldDSlQ4X3NjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
MGU3ZWQzLTQ4Y2ItNGFmZS04ZDE1LWRmZmUxN2YzZGI1NC8xL21CTGtrYXFtVmJZ
eVRiekF6X0FLaldNWkVIWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBAWe8AMEBCXcMAMEBi6igAMEBT5A
IAMEAU+NwAMEAE+NxQMEArkJYAMEArlI+AMEBNWXsDANBAIAAjAHAwUDKgGOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAH8y08VC3onsMGubRsmbq70sal6J6D1Ax+7Qtm63
OJh8T2hp9PBTVE2n/2mRMG/BYQQiJbhEFNelQTLwMnG0ZPGGtAG7ytd8nHXulr16
Y+AuQeUWhNygO+eLd7Vwp+QoPhxY5pMNEJxGlgWZs3tnWVS9mpAt3E+OV6HzH0o4
pN9OVVASFgKR5a4MGwM1tpGSBNcPpTbJAvRcijQ5D82DBC7aRCWcQzHBRwNnVCb5
P79QDqbhmsQhUE+khAXo+fiBydhwbKYviji+vfv4QoXjxHaDYJ2KZSPtWsAaFCl8
6A53FLbVR2n4fK2zXVKAluPkOeaPSFkb6oTZ1kgVxXqUrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:25 2024 by rpki-client on console-ams.rpki-client.org