Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpzPs31KxZt8UNlcldLLrvAISRI.roa
File: mpzPs31KxZt8UNlcldLLrvAISRI.roa (raw, json)
Hash identifier: PlpvOPk5q4eY8nIsHnrzbnSkOocuqzCVjtYR44RZzL4=
Subject key identifier: 9A:9C:CF:B3:7D:4A:C5:9B:7C:50:D9:5C:95:D2:CB:AE:F0:08:49:12
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0184BEED1C9B6C798474AC30290F7AADCB53
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpzPs31KxZt8UNlcldLLrvAISRI.roa
Signing time: Mon 28 Nov 2022 15:48:41 +0000
ROA not before: Mon 28 Nov 2022 15:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 185.21.76.0/22 maxlen: 24
217.66.211.0/24 maxlen: 24
217.66.208.0/24 maxlen: 24
185.70.60.0/22 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 23
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 23
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
86.109.32.0/23 maxlen: 23
81.29.250.0/24 maxlen: 24
81.29.250.0/23 maxlen: 23
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
188.75.122.0/23 maxlen: 23
86.109.41.0/24 maxlen: 24
185.142.233.0/24 maxlen: 24
86.109.56.0/23 maxlen: 23
79.132.213.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
87.247.180.0/23 maxlen: 24
176.221.65.0/24 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.124.0/23 maxlen: 23
80.71.122.0/23 maxlen: 23
80.71.127.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
188.136.220.0/23 maxlen: 23
37.114.252.0/24 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
185.104.228.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:ed:1c:9b:6c:79:84:74:ac:30:29:0f:7a:ad:cb:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 28 15:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a9ccfb37d4ac59b7c50d95c95d2cbaef0084912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:6e:73:f2:dd:a9:50:5c:e6:f4:9f:b9:a4:
23:98:f5:ac:e0:62:7d:19:b6:bc:60:9f:d2:5e:52:
04:d0:2b:61:bf:35:3f:ec:b7:16:50:36:dc:d5:5d:
50:9d:d2:cc:41:37:b5:d4:53:2e:51:f0:85:95:90:
dd:d5:9d:ab:c9:0c:93:f1:be:25:4b:4e:f7:c5:7d:
86:05:03:f8:94:f2:50:b9:e7:5a:4d:ef:5f:30:3e:
76:d4:d7:67:1a:04:1a:ff:b1:10:e8:f1:24:83:81:
ac:bd:1e:a6:81:88:27:82:b5:b3:a9:b3:54:59:d4:
49:ec:61:d7:41:85:d2:b3:18:5c:fe:72:a2:21:8b:
d3:18:9e:ab:25:4d:6a:4e:2e:b1:56:11:b6:67:e8:
9e:ea:fc:7e:28:f8:11:ef:c4:cd:72:86:2f:5b:9f:
f1:59:e7:da:e7:6d:74:69:b0:f4:71:68:58:b9:9a:
bf:69:02:0a:65:51:a9:8b:30:d2:4e:33:ba:75:39:
06:0c:91:aa:84:23:2b:dc:fa:ff:cb:cc:da:1d:21:
ed:3a:5c:95:f7:a0:01:50:88:11:1b:fe:a0:37:30:
27:5c:08:68:7d:da:1c:b4:7c:78:a6:64:4f:2c:5e:
ba:1a:4e:b8:4b:92:99:d1:c9:66:b0:25:8c:ad:90:
36:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9C:CF:B3:7D:4A:C5:9B:7C:50:D9:5C:95:D2:CB:AE:F0:08:49:12
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpzPs31KxZt8UNlcldLLrvAISRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.248.0/21
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
79.132.213.0/24
79.132.217.0/24
79.132.219.0/24
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.70.60.0/22
185.104.228.0/24
185.142.233.0-185.142.235.255
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.136.220.0/23
217.66.208.0/24
217.66.211.0/24
Signature Algorithm: sha256WithRSAEncryption
52:d2:bc:4e:ba:de:0f:6f:64:74:51:a4:36:56:23:5e:d5:f4:
35:12:91:1b:a6:2a:ff:77:da:3f:8b:50:06:e0:58:3d:50:74:
fb:e2:37:cc:36:5e:aa:22:55:3c:9c:36:3e:04:9b:6d:77:1d:
89:8c:04:bf:35:61:10:65:64:93:ea:4e:6c:ca:46:c4:5c:30:
2c:32:69:f5:b6:c9:5b:c3:1b:9a:6c:d3:c3:3f:44:15:b1:69:
df:94:c1:82:42:5d:4d:9b:3e:9a:8e:94:2c:e1:36:0f:45:f5:
9a:c5:e2:4c:5c:3d:3d:6c:8c:e5:6b:5b:a5:e2:32:aa:04:4b:
9b:cb:14:a4:b4:17:22:c1:96:59:21:e5:e8:b1:e7:a0:99:aa:
3c:46:db:b9:e7:eb:6d:c8:89:63:58:6a:e2:45:23:80:06:9f:
e4:d4:84:ee:64:99:27:11:83:75:ae:f6:b4:8b:d1:8e:78:b6:
0a:34:b4:10:9b:2a:8e:fa:61:45:25:d0:c0:0b:5a:9e:c9:9f:
6c:36:f2:d3:27:d8:87:58:46:c9:30:5c:1a:52:6a:7c:6a:34:
7d:d8:3d:05:9b:66:03:68:60:d1:33:62:f1:6d:ce:1d:dc:10:
e4:94:03:1a:cc:c0:9c:b7:f2:62:99:76:af:dd:ed:0c:a4:bf:
8c:91:07:97
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYS+7RybbHmEdKwwKQ96rctTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjIxMTI4MTU0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTljY2ZiMzdkNGFjNTliN2M1MGQ5NWM5NWQyY2JhZWYwMDg0OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyxuc/LdqVBc5vSfuaQjmPWs4GJ9
Gba8YJ/SXlIE0CthvzU/7LcWUDbc1V1QndLMQTe11FMuUfCFlZDd1Z2ryQyT8b4l
S073xX2GBQP4lPJQuedaTe9fMD521NdnGgQa/7EQ6PEkg4GsvR6mgYgngrWzqbNU
WdRJ7GHXQYXSsxhc/nKiIYvTGJ6rJU1qTi6xVhG2Z+ie6vx+KPgR78TNcoYvW5/x
Wefa5210abD0cWhYuZq/aQIKZVGpizDSTjO6dTkGDJGqhCMr3Pr/y8zaHSHtOlyV
96ABUIgRG/6gNzAnXAhofdoctHx4pmRPLF66Gk64S5KZ0clmsCWMrZA2BwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFJqcz7N9SsWbfFDZXJXSy67wCEkSMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvbXB6UHMzMUt4WnQ4VU5sY2xkTExydkFJU1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAMl
cvgDBAAuIAUDBAAuIAkDBAAuIA4DBABPhNUDBABPhNkDBABPhNsDBABQR3EwDAME
AVBHegMEAVBHfAMEAFBHfwMEAFEd8wMEA1Ed+AMEAVZtIAMEAFZtKQMEAVZtOAME
AVf3tAMEALDdQQMEALkMPgMEArkVTAMEArlGPAMEALlo5DAMAwQAuY7pAwQCuY7o
AwQAvEtcAwQAvEteAwQBvEtmAwQAvEtrAwQBvEtuAwQBvEt6AwQBvIjcAwQA2ULQ
AwQA2ULTMA0GCSqGSIb3DQEBCwUAA4IBAQBS0rxOut4Pb2R0UaQ2ViNe1fQ1EpEb
pir/d9o/i1AG4Fg9UHT74jfMNl6qIlU8nDY+BJttdx2JjAS/NWEQZWST6k5sykbE
XDAsMmn1tslbwxuabNPDP0QVsWnflMGCQl1Nmz6ajpQs4TYPRfWaxeJMXD09bIzl
a1ul4jKqBEubyxSktBciwZZZIeXoseegmao8Rtu55+ttyIljWGriRSOABp/k1ITu
ZJknEYN1rva0i9GOeLYKNLQQmyqO+mFFJdDAC1qeyZ9sNvLTJ9iHWEbJMFwaUmp8
ajR92D0Fm2YDaGDRM2Lxbc4d3BDklAMazMCct/JimXav3e0MpL+MkQeX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org