Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/mW0lX4q_B1wP9rAyZ9qB34QBC0c.roa
File: mW0lX4q_B1wP9rAyZ9qB34QBC0c.roa (raw, json)
Hash identifier: dLNEnohXWyC+YbT1XPrT177HjW4XSad6ObLX+lVch8s=
Subject key identifier: 99:6D:25:5F:8A:BF:07:5C:0F:F6:B0:32:67:DA:81:DF:84:01:0B:47
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 057538D3
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/mW0lX4q_B1wP9rAyZ9qB34QBC0c.roa
Signing time: Sat 01 Jan 2022 09:00:20 +0000
ROA not before: Sat 01 Jan 2022 09:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198537
IP address blocks: 45.159.238.0/24 maxlen: 24
45.159.239.0/24 maxlen: 24
45.159.237.0/24 maxlen: 24
45.159.236.0/24 maxlen: 24
45.159.236.0/22 maxlen: 22
185.146.55.0/24 maxlen: 24
185.146.53.0/24 maxlen: 24
185.146.54.0/24 maxlen: 24
185.146.52.0/24 maxlen: 24
77.83.42.0/24 maxlen: 24
77.83.43.0/24 maxlen: 24
77.83.40.0/24 maxlen: 24
77.83.41.0/24 maxlen: 24
37.221.102.0/24 maxlen: 24
37.221.103.0/24 maxlen: 24
37.221.100.0/24 maxlen: 24
37.221.101.0/24 maxlen: 24
2a07:4bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91568339 (0x57538d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Jan 1 09:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=996d255f8abf075c0ff6b03267da81df84010b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fb:70:dd:dc:d3:65:59:8a:34:3a:1e:c6:6a:
17:05:80:0f:62:26:87:86:3d:58:18:95:dd:8a:65:
84:41:24:77:21:26:fe:3f:7d:f2:14:e9:a1:71:f5:
c6:b6:6c:ed:39:56:bd:da:ec:2a:ba:25:63:5c:ae:
e9:52:14:71:7d:6c:f4:ab:e2:2c:f7:bd:8b:1b:7d:
5d:bd:d8:f8:de:86:b1:24:b2:3a:5d:da:0e:ef:3a:
98:5f:6d:58:1d:3b:6f:09:81:ce:56:d0:32:6b:77:
56:8d:71:61:a1:c4:8c:e2:4f:29:78:ab:16:20:a9:
4c:f5:63:48:47:95:d5:e7:2a:2e:44:16:a5:dc:8a:
6c:1d:67:f4:d7:46:22:04:db:ec:cc:35:fd:ce:40:
1a:d9:ae:ac:1d:01:88:9a:2b:7f:8d:13:0c:d5:29:
5f:2e:87:48:54:a5:b4:de:dd:9e:5f:66:cd:99:32:
79:2f:3b:d5:2f:87:9c:4b:9e:56:de:ff:8c:e5:e1:
97:9f:47:01:20:d1:40:a8:f7:70:00:91:18:7d:8c:
31:98:ab:44:75:fd:b6:b7:7c:70:8f:a0:23:a3:5a:
56:51:54:27:1b:e6:42:eb:66:7b:14:19:99:34:b0:
5a:ca:6a:6e:c1:94:cf:61:f0:2f:eb:4a:c3:3b:45:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6D:25:5F:8A:BF:07:5C:0F:F6:B0:32:67:DA:81:DF:84:01:0B:47
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/mW0lX4q_B1wP9rAyZ9qB34QBC0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.100.0/22
45.159.236.0/22
77.83.40.0/22
185.146.52.0/22
IPv6:
2a07:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
90:2c:6b:d6:8d:74:91:51:3f:c2:f4:db:0f:42:b9:2c:28:2e:
fb:d7:98:1a:2e:fa:ac:c0:89:04:3b:42:44:f1:7f:e6:62:80:
9d:e5:b4:d0:d4:4c:7f:20:7d:90:51:aa:25:e7:b1:20:a5:78:
0c:21:f5:4a:71:cd:3f:0e:68:e6:36:b3:f0:5a:45:86:e3:7e:
b8:65:32:35:fd:db:87:96:60:9b:1b:42:d2:a7:0f:34:f0:df:
a9:52:de:5c:d0:11:a0:94:7e:91:50:97:41:81:81:05:f9:75:
9f:f1:31:88:be:51:d7:12:74:59:c4:c2:65:f3:e2:cd:e7:6f:
12:ff:42:39:38:f6:cf:88:1e:a3:b2:a4:e9:26:14:cd:25:bc:
ff:ac:c4:41:28:39:71:a8:e7:db:8a:c1:ae:2b:f4:4a:bd:dc:
c5:b9:b3:34:d2:a1:6d:2b:5a:3f:d6:93:41:ff:d9:a3:e8:f9:
c6:c4:58:de:c0:1f:30:d9:81:6b:06:06:e6:ad:0e:be:c0:7c:
d4:eb:d6:67:5c:a0:c1:bf:8d:b7:85:41:06:85:ee:a6:10:b7:
ab:e4:d4:46:5d:d2:19:b5:3d:c6:e0:9a:02:d4:6d:9d:e5:56:
62:f6:5c:b9:e1:7e:48:c1:6d:01:97:23:ca:1a:e1:cd:45:02:
b5:b2:df:a7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBXU40zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmJjYWUyYjI5MGM4MDFkNTdkMDlkMDI1YTkzNDhlMTY3MDZmMTgyMB4XDTIyMDEw
MTA5MDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk2ZDI1NWY4YWJm
MDc1YzBmZjZiMDMyNjdkYTgxZGY4NDAxMGI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIv7cN3c02VZijQ6HsZqFwWAD2Imh4Y9WBiV3YplhEEkdyEm
/j998hTpoXH1xrZs7TlWvdrsKrolY1yu6VIUcX1s9KviLPe9ixt9Xb3Y+N6GsSSy
Ol3aDu86mF9tWB07bwmBzlbQMmt3Vo1xYaHEjOJPKXirFiCpTPVjSEeV1ecqLkQW
pdyKbB1n9NdGIgTb7Mw1/c5AGtmurB0BiJorf40TDNUpXy6HSFSltN7dnl9mzZky
eS871S+HnEueVt7/jOXhl59HASDRQKj3cACRGH2MMZirRHX9trd8cI+gI6NaVlFU
JxvmQutmexQZmTSwWspqbsGUz2HwL+tKwztFUiMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSZbSVfir8HXA/2sDJn2oHfhAELRzAfBgNVHSMEGDAWgBT/vK4rKQyAHVfQ
nQJak0jhZwbxgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183eXVLeWtNZ0IxWDBKMENXcE5JNFdjRzhZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8x
L21XMGxYNHFfQjF3UDlyQXlaOXFCMzRRQkMwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NTliY2QxLTFlMGItNDg1ZC05NTEwLTA5NmFmNDc4ZjA0Yi8xL183eXVLeWtNZ0Ix
WDBKMENXcE5JNFdjRzhZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAiXdZAMEAi2f7AMEAk1TKAMEArmS
NDANBAIAAjAHAwUDKgdLwDANBgkqhkiG9w0BAQsFAAOCAQEAkCxr1o10kVE/wvTb
D0K5LCgu+9eYGi76rMCJBDtCRPF/5mKAneW00NRMfyB9kFGqJeexIKV4DCH1SnHN
Pw5o5jaz8FpFhuN+uGUyNf3bh5ZgmxtC0qcPNPDfqVLeXNARoJR+kVCXQYGBBfl1
n/ExiL5R1xJ0WcTCZfPizedvEv9COTj2z4geo7Kk6SYUzSW8/6zEQSg5cajn24rB
riv0Sr3cxbmzNNKhbStaP9aTQf/Zo+j5xsRY3sAfMNmBawYG5q0OvsB81OvWZ1yg
wb+Nt4VBBoXuphC3q+TURl3SGbU9xuCaAtRtneVWYvZcueF+SMFtAZcjyhrhzUUC
tbLfpw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:25 2023 by rpki-client on console-fra.rpki-client.org