Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mAf2cmeNKWxgQD1xdKafqw0qIKQ.roa
File: mAf2cmeNKWxgQD1xdKafqw0qIKQ.roa (raw, json)
Hash identifier: 7afBsvwduur8/DOChgWArwfXlUn+6xVyAnlT1GYD+/o=
Subject key identifier: 98:07:F6:72:67:8D:29:6C:60:40:3D:71:74:A6:9F:AB:0D:2A:20:A4
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 0182D6233B1971D382DB96CD90F2D75587A1
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mAf2cmeNKWxgQD1xdKafqw0qIKQ.roa
Signing time: Thu 25 Aug 2022 17:53:29 +0000
ROA not before: Thu 25 Aug 2022 17:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 194.113.239.0/24 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d6:23:3b:19:71:d3:82:db:96:cd:90:f2:d7:55:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Aug 25 17:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9807f672678d296c60403d7174a69fab0d2a20a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:67:48:1c:4c:7f:1e:63:a7:ad:24:fc:ee:87:
bb:19:b6:f0:3b:9f:db:40:71:cb:99:cd:f7:e7:42:
6f:fa:2d:de:ea:2a:f9:d0:a1:c6:67:11:af:91:61:
25:06:2f:85:7d:df:69:9d:1f:d9:17:9e:e2:15:21:
99:27:d5:8c:55:9c:56:fd:b8:33:fe:4b:3a:1a:20:
17:ac:77:64:42:56:46:85:6a:5b:8b:d1:c5:b9:00:
d4:9b:72:0f:30:08:d5:98:62:cb:08:94:2c:66:7f:
0d:5a:40:77:d2:de:c6:21:b3:42:74:ed:13:36:b4:
50:dd:1c:8b:01:89:22:57:d3:0e:86:b5:fe:1a:bb:
3c:2e:9d:e8:c3:9f:b3:aa:92:09:21:50:82:d6:47:
7a:99:59:97:c7:c2:63:c1:92:07:29:3a:06:d0:a3:
ee:67:e1:6f:34:e9:30:a5:d8:f6:41:a5:1e:8b:29:
84:3f:d4:80:af:36:ac:c4:85:57:c1:e2:61:81:9f:
5f:18:b1:94:c3:2c:39:e7:f2:c1:7f:e6:df:32:91:
25:5b:12:80:c9:85:ad:47:73:72:ec:89:92:ec:9c:
95:fa:75:0f:8e:b4:57:3e:3c:2c:61:fd:c2:eb:0b:
a9:4d:20:59:06:7c:c5:05:80:53:03:74:55:6e:96:
31:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:07:F6:72:67:8D:29:6C:60:40:3D:71:74:A6:9F:AB:0D:2A:20:A4
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/mAf2cmeNKWxgQD1xdKafqw0qIKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:97:08:ee:c6:9d:1d:34:f0:f7:18:2d:70:2c:f5:e2:8e:e3:
ab:ab:82:10:b4:86:0a:ad:16:8a:f0:42:b1:d2:33:b1:7d:4b:
7f:2f:68:01:32:64:6f:a0:18:f9:0c:f8:83:fb:2c:f1:7e:9a:
20:00:76:2d:83:0a:99:db:95:5f:92:67:62:d7:cb:bc:2e:9f:
95:c5:3c:3e:3e:da:22:ab:bd:00:da:6e:a1:67:14:be:d7:df:
a1:5d:22:d2:a9:e5:65:92:eb:46:2b:12:f5:54:cc:5f:86:3d:
71:73:40:ec:a8:1b:64:03:d0:88:9d:71:87:27:8f:03:46:a9:
76:f3:ca:40:30:32:b2:78:82:67:9a:16:3e:b1:3e:63:1f:ce:
4d:ca:84:0e:a7:9e:86:1f:a3:59:8a:8b:79:1d:ef:6e:d6:1b:
88:52:ab:41:b4:9e:83:40:76:68:72:3b:54:7c:d4:83:6f:d7:
f4:d0:cb:25:ff:58:ec:05:a6:1e:1d:30:dd:62:9a:c1:50:48:
75:68:69:29:6c:5d:dc:90:f6:27:93:88:85:90:8b:0e:5e:50:
96:41:18:cd:3c:5d:9b:54:97:71:c5:60:f7:84:e5:a2:f2:7a:
61:a0:cf:8b:f1:26:70:01:4f:33:a6:2d:7a:85:12:9f:15:10:
d0:a9:9e:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLWIzsZcdOC25bNkPLXVYehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjIwODI1MTc1MzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODA3ZjY3MjY3OGQyOTZjNjA0MDNkNzE3NGE2OWZhYjBkMmEyMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmdIHEx/HmOnrST87oe7GbbwO5/b
QHHLmc3350Jv+i3e6ir50KHGZxGvkWElBi+Ffd9pnR/ZF57iFSGZJ9WMVZxW/bgz
/ks6GiAXrHdkQlZGhWpbi9HFuQDUm3IPMAjVmGLLCJQsZn8NWkB30t7GIbNCdO0T
NrRQ3RyLAYkiV9MOhrX+Grs8Lp3ow5+zqpIJIVCC1kd6mVmXx8JjwZIHKToG0KPu
Z+FvNOkwpdj2QaUeiymEP9SArzasxIVXweJhgZ9fGLGUwyw55/LBf+bfMpElWxKA
yYWtR3Ny7ImS7JyV+nUPjrRXPjwsYf3C6wupTSBZBnzFBYBTA3RVbpYxxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgH9nJnjSlsYEA9cXSmn6sNKiCkMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvbUFmMmNtZU5LV3hnUUQxeGRLYWZxdzBxSUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCue5YAwQA
wnHvMA0GCSqGSIb3DQEBCwUAA4IBAQAtlwjuxp0dNPD3GC1wLPXijuOrq4IQtIYK
rRaK8EKx0jOxfUt/L2gBMmRvoBj5DPiD+yzxfpogAHYtgwqZ25Vfkmdi18u8Lp+V
xTw+Ptoiq70A2m6hZxS+19+hXSLSqeVlkutGKxL1VMxfhj1xc0DsqBtkA9CInXGH
J48DRql288pAMDKyeIJnmhY+sT5jH85NyoQOp56GH6NZiot5He9u1huIUqtBtJ6D
QHZocjtUfNSDb9f00Msl/1jsBaYeHTDdYprBUEh1aGkpbF3ckPYnk4iFkIsOXlCW
QRjNPF2bVJdxxWD3hOWi8nphoM+L8SZwAU8zpi16hRKfFRDQqZ47
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org