Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/MwAKTWkNE54px-dLlvcxth2jCwA.roa
File: MwAKTWkNE54px-dLlvcxth2jCwA.roa (raw, json)
Hash identifier: Tlj09zm1NHn/J5jqKagwFWlpkIPeP17wTsZVEh4DjVM=
Subject key identifier: 33:00:0A:4D:69:0D:13:9E:29:C7:E7:4B:96:F7:31:B6:1D:A3:0B:00
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 3A81B3A7
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/MwAKTWkNE54px-dLlvcxth2jCwA.roa
Signing time: Sat 01 Jan 2022 06:00:00 +0000
ROA not before: Sat 01 Jan 2022 06:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47147
IP address blocks: 213.227.190.0/24 maxlen: 32
144.208.208.0/22 maxlen: 32
2a00:11c0:48::/48 maxlen: 128
2a00:11c0:47::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981578663 (0x3a81b3a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 06:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33000a4d690d139e29c7e74b96f731b61da30b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:44:c5:ae:bf:70:ac:2a:fb:9f:a4:53:fe:28:
89:23:2b:22:63:52:bb:3f:ee:14:69:d3:c4:34:e9:
ee:68:9d:84:b7:85:b7:7f:c3:68:05:70:da:47:17:
5a:11:6e:10:bc:a9:65:b2:f8:75:ea:dc:ba:b0:a0:
02:8c:6e:75:52:27:3b:ef:74:35:f1:42:4b:e2:71:
07:4c:a1:e6:a3:50:af:5e:e1:7f:2a:cf:d7:68:1a:
b3:08:a2:b3:c2:f6:c8:0a:a8:8d:11:6a:12:9e:8a:
b7:e0:14:4a:fd:6b:11:16:1e:7d:45:e9:21:7d:96:
78:c3:8a:b7:a3:da:99:b7:80:51:09:7f:d4:fa:e2:
eb:6d:c2:71:37:dd:83:2f:62:47:07:5e:9e:0f:92:
64:58:e6:ed:59:62:bc:ed:91:6d:a2:59:c5:3b:3f:
ff:1d:a2:c3:b7:3c:f3:54:c7:fb:ce:89:15:25:43:
16:70:8f:dc:72:4e:53:18:38:73:26:f1:01:c4:a8:
3c:49:fa:b8:8a:17:ef:60:1e:09:c6:15:ca:99:e0:
0f:c1:93:a9:98:0f:94:2d:bd:2b:ce:01:79:95:6a:
39:71:dd:9f:fd:1e:f3:9b:80:63:1e:c4:00:fd:e5:
2f:d6:ca:62:a3:27:72:98:47:d9:d2:e7:70:00:b3:
60:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:00:0A:4D:69:0D:13:9E:29:C7:E7:4B:96:F7:31:B6:1D:A3:0B:00
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/MwAKTWkNE54px-dLlvcxth2jCwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.208.0/22
213.227.190.0/24
IPv6:
2a00:11c0:47::-2a00:11c0:48:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:36:ce:c1:8f:00:06:70:d2:7f:9e:a8:cf:a1:b3:15:63:94:
45:50:d5:fc:03:ab:ce:31:fb:d3:b0:f2:d1:16:4e:89:30:83:
5f:d8:56:78:88:92:6b:aa:f8:3c:64:70:67:7a:6f:ac:6f:08:
b9:ce:df:86:15:3a:91:8b:16:82:b2:c0:64:26:aa:17:19:f7:
8b:4d:e5:07:bb:9e:45:5c:17:ef:73:45:58:83:48:32:27:58:
85:48:fb:7e:e0:13:e4:8b:8f:8e:97:4d:ce:f8:77:67:d6:85:
db:c5:85:e1:a9:62:5b:59:16:6e:0b:65:6c:22:10:d5:e2:f6:
f3:25:82:8c:a2:be:40:ba:a3:d4:b5:64:68:26:6e:4e:a4:62:
87:14:cf:d3:b3:1e:ed:13:c7:01:85:9d:13:17:8a:23:62:77:
e0:a4:79:10:ed:e0:ab:06:30:b2:66:f6:6d:4a:c5:ef:ae:7e:
b0:7e:d0:2b:46:64:4f:a6:d0:c1:c2:9d:d6:de:f0:b0:5e:47:
49:7b:dd:e5:c4:d1:cf:5f:94:45:1d:c9:f7:6c:ff:53:a6:0b:
df:ac:36:a3:a5:d5:c1:86:22:70:3c:f6:ff:af:96:ae:b9:55:
7f:de:be:71:53:fb:fa:2b:86:1e:83:00:40:94:5f:c5:dd:09:
e8:0b:f0:70
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEOoGzpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDEw
MTA2MDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMwMDBhNGQ2OTBk
MTM5ZTI5YzdlNzRiOTZmNzMxYjYxZGEzMGIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBExa6/cKwq+5+kU/4oiSMrImNSuz/uFGnTxDTp7midhLeF
t3/DaAVw2kcXWhFuELypZbL4dercurCgAoxudVInO+90NfFCS+JxB0yh5qNQr17h
fyrP12gaswiis8L2yAqojRFqEp6Kt+AUSv1rERYefUXpIX2WeMOKt6PambeAUQl/
1Pri623CcTfdgy9iRwdeng+SZFjm7VlivO2RbaJZxTs//x2iw7c881TH+86JFSVD
FnCP3HJOUxg4cybxAcSoPEn6uIoX72AeCcYVypngD8GTqZgPlC29K84BeZVqOXHd
n/0e85uAYx7EAP3lL9bKYqMncphH2dLncACzYLMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQzAApNaQ0TninH50uW9zG2HaMLADAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
L013QUtUV2tORTU0cHgtZExsdmN4dGgyakN3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwEgQCAAEwDAMEApDQ0AMEANXjvjAaBAIAAjAUMBID
BwAqABHAAEcDBwAqABHAAEgwDQYJKoZIhvcNAQELBQADggEBAAU2zsGPAAZw0n+e
qM+hsxVjlEVQ1fwDq84x+9Ow8tEWTokwg1/YVniIkmuq+DxkcGd6b6xvCLnO34YV
OpGLFoKywGQmqhcZ94tN5Qe7nkVcF+9zRViDSDInWIVI+37gE+SLj46XTc74d2fW
hdvFheGpYltZFm4LZWwiENXi9vMlgoyivkC6o9S1ZGgmbk6kYocUz9OzHu0TxwGF
nRMXiiNid+CkeRDt4KsGMLJm9m1Kxe+ufrB+0CtGZE+m0MHCndbe8LBeR0l73eXE
0c9flEUdyfds/1OmC9+sNqOl1cGGInA89v+vlq65VX/evnFT+/orhh6DAECUX8Xd
CegL8HA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:50 2024 by rpki-client on console-ams.rpki-client.org