Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/mnPTTVGOpr_NSJp6KwmGyXZlo60.roa
File: mnPTTVGOpr_NSJp6KwmGyXZlo60.roa (raw, json)
Hash identifier: RXreGIJGkOwnOPLdbGPnaQOS9rEgcPHKW436W+SifOg=
Subject key identifier: 9A:73:D3:4D:51:8E:A6:BF:CD:48:9A:7A:2B:09:86:C9:76:65:A3:AD
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A6C6D83
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/mnPTTVGOpr_NSJp6KwmGyXZlo60.roa
Signing time: Sat 01 Jan 2022 04:51:50 +0000
ROA not before: Sat 01 Jan 2022 04:51:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35281
IP address blocks: 195.136.198.0/24 maxlen: 24
195.136.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980184451 (0x3a6c6d83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:51:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a73d34d518ea6bfcd489a7a2b0986c97665a3ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7d:1c:c2:65:62:6d:36:f8:75:21:a6:26:df:
12:e2:e5:2f:5e:ae:27:21:87:41:65:dc:13:6f:df:
ab:3a:6c:f0:48:75:94:6f:29:7a:a2:d5:c9:45:d4:
72:98:78:08:13:53:29:80:a6:c5:1b:c4:ba:9f:ac:
42:cc:75:62:d4:c8:ac:18:da:20:5e:d4:02:e0:cc:
48:64:cb:ed:63:0f:0f:44:83:f1:6e:e4:06:a0:bd:
68:e0:ce:85:45:f3:d2:7b:6f:cf:87:4c:10:e9:e5:
b1:89:c8:5b:44:1a:7e:74:bd:2d:cd:7d:d7:d5:8c:
4d:ae:8c:ed:fc:54:4d:19:bd:d0:23:19:29:67:bb:
0d:81:89:16:ed:20:7d:66:b9:56:09:9a:5b:6c:17:
7e:ee:6a:7f:9f:08:66:bc:83:2c:15:34:00:93:58:
da:46:ad:5a:7a:d3:ab:5f:1d:b2:55:45:24:66:c3:
72:96:e8:f6:cd:b1:a1:a5:34:b4:1e:7e:44:5a:f1:
27:09:f2:38:13:d2:27:3f:3d:21:fc:0f:e3:c7:ad:
24:f8:9f:ec:87:00:06:44:da:cf:f8:22:a2:22:a8:
74:fd:34:24:12:f2:6d:cf:70:ee:39:04:b4:43:01:
16:cb:b0:7c:cf:9c:a0:d2:b5:6a:51:8a:70:ad:c0:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:73:D3:4D:51:8E:A6:BF:CD:48:9A:7A:2B:09:86:C9:76:65:A3:AD
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/mnPTTVGOpr_NSJp6KwmGyXZlo60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.198.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:07:34:25:7c:3d:00:56:33:e0:90:96:ea:20:39:10:e5:93:
ed:d6:67:6c:69:83:84:ea:92:ef:c0:c4:a4:14:bd:b1:13:e5:
ec:3e:63:c4:5a:7c:06:36:04:25:67:b7:97:d8:65:04:e0:32:
e1:e2:70:b3:4e:cd:df:3f:d1:68:c7:b8:05:1b:41:76:8e:4b:
4c:ce:31:68:5c:7f:98:98:16:65:29:6c:72:8b:82:99:9d:e6:
51:ea:09:2f:f2:ef:6b:b5:c3:e1:4a:d2:90:20:0a:f6:27:de:
3a:f0:d6:b3:5c:de:2e:51:04:16:2f:d1:eb:9b:15:a4:5a:52:
62:e5:73:6a:48:ff:bd:66:a3:db:38:ba:46:0d:49:33:d9:c0:
81:25:fc:88:77:e0:f6:88:f1:62:82:62:86:b8:25:91:0a:d7:
62:3d:b9:69:ab:4b:88:b5:09:25:92:54:0e:32:39:58:f9:3f:
b2:fc:2c:e7:c3:94:56:ae:c6:43:aa:a5:b1:76:2f:05:b3:2d:
c0:16:fa:3e:29:fc:81:58:34:9c:95:d6:d7:fb:d3:f1:24:60:
0e:4a:b9:49:a0:3d:a7:95:cc:87:07:d3:2e:f5:ba:3b:f7:1d:
ad:c9:fc:47:27:54:81:3c:89:55:2f:c8:45:b7:b7:f2:c0:b9:
1b:66:29:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOmxtgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE3M2QzNGQ1MThl
YTZiZmNkNDg5YTdhMmIwOTg2Yzk3NjY1YTNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJR9HMJlYm02+HUhpibfEuLlL16uJyGHQWXcE2/fqzps8Eh1
lG8peqLVyUXUcph4CBNTKYCmxRvEup+sQsx1YtTIrBjaIF7UAuDMSGTL7WMPD0SD
8W7kBqC9aODOhUXz0ntvz4dMEOnlsYnIW0QafnS9Lc1919WMTa6M7fxUTRm90CMZ
KWe7DYGJFu0gfWa5VgmaW2wXfu5qf58IZryDLBU0AJNY2katWnrTq18dslVFJGbD
cpbo9s2xoaU0tB5+RFrxJwnyOBPSJz89IfwP48etJPif7IcABkTaz/gioiKodP00
JBLybc9w7jkEtEMBFsuwfM+coNK1alGKcK3AHSkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSac9NNUY6mv81ImnorCYbJdmWjrTAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
L21uUFRUVkdPcHJfTlNKcDZLd21HeVhabG82MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcOIxjANBgkqhkiG9w0BAQsFAAOC
AQEAwwc0JXw9AFYz4JCW6iA5EOWT7dZnbGmDhOqS78DEpBS9sRPl7D5jxFp8BjYE
JWe3l9hlBOAy4eJws07N3z/RaMe4BRtBdo5LTM4xaFx/mJgWZSlscouCmZ3mUeoJ
L/Lva7XD4UrSkCAK9ifeOvDWs1zeLlEEFi/R65sVpFpSYuVzakj/vWaj2zi6Rg1J
M9nAgSX8iHfg9ojxYoJihrglkQrXYj25aatLiLUJJZJUDjI5WPk/svws58OUVq7G
Q6qlsXYvBbMtwBb6Pin8gVg0nJXW1/vT8SRgDkq5SaA9p5XMhwfTLvW6O/cdrcn8
RydUgTyJVS/IRbe38sC5G2Yp/w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:21 2023 by rpki-client on console-fra.rpki-client.org