Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mkhhdeEoke72ZRb7uwr1pJ0Ecbg.roa
File: mkhhdeEoke72ZRb7uwr1pJ0Ecbg.roa (raw, json)
Hash identifier: EEO/eRL29Ghyj7kPiAWqZanl6sLC/DFL366YhPDMb4g=
Subject key identifier: 9A:48:61:75:E1:28:91:EE:F6:65:16:FB:BB:0A:F5:A4:9D:04:71:B8
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0184E63A9026C1D71D39D484EB5BA98AF346
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mkhhdeEoke72ZRb7uwr1pJ0Ecbg.roa
Signing time: Tue 06 Dec 2022 06:58:28 +0000
ROA not before: Tue 06 Dec 2022 06:58:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
194.36.144.0/22 maxlen: 22
193.26.156.0/22 maxlen: 22
94.16.30.0/23 maxlen: 23
2a00:11c0:60::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:3a:90:26:c1:d7:1d:39:d4:84:eb:5b:a9:8a:f3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Dec 6 06:58:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a486175e12891eef66516fbbb0af5a49d0471b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:66:b0:04:4c:a9:18:30:9d:f3:b9:d6:ae:
9d:3b:09:22:ac:3a:17:6a:99:57:8a:3e:39:46:25:
f6:4b:e2:88:05:90:78:61:f6:9c:cd:66:e5:91:71:
41:45:bd:a9:f9:cb:c6:60:79:6c:8a:55:a8:d8:a7:
64:c8:f4:f5:02:73:ba:a9:45:49:74:15:47:a9:84:
25:fb:83:83:cc:55:6e:5d:f7:90:4b:50:ac:ff:6d:
06:9c:12:0f:d7:c6:b3:c9:5c:67:7c:b3:3d:e4:fe:
43:03:88:ab:0e:22:39:af:19:01:91:6d:aa:24:f4:
c0:a3:8d:32:2c:36:77:5f:a5:05:b4:e8:45:93:c3:
cc:4b:da:3a:bd:b9:91:c1:58:1c:81:72:b6:22:8b:
a0:c2:e4:d7:d8:bb:91:85:22:9b:ed:7e:f1:58:b5:
cc:b1:1b:99:4c:29:50:af:12:d0:10:2e:ca:6a:7a:
16:4b:f7:3b:ea:3a:10:83:a6:b9:90:22:3f:bd:50:
1b:24:28:d4:49:c6:53:62:25:e2:43:4c:1e:52:cb:
d7:68:b1:e1:17:44:98:81:dd:22:e1:4b:bc:dd:aa:
c8:06:25:63:00:66:be:df:3e:d5:f0:30:db:9f:64:
57:95:e7:90:62:ee:ec:4c:ed:25:3b:3e:1f:02:c1:
3a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:48:61:75:E1:28:91:EE:F6:65:16:FB:BB:0A:F5:A4:9D:04:71:B8
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mkhhdeEoke72ZRb7uwr1pJ0Ecbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:60::/48
Signature Algorithm: sha256WithRSAEncryption
58:86:5b:c2:70:4e:3d:6c:e6:e4:d2:59:b2:09:ec:9e:86:74:
1e:e1:c7:21:56:c4:5b:b7:a4:3e:0d:05:d0:bb:42:84:5f:52:
2d:57:f8:9f:44:a7:af:a5:3b:f4:37:d3:10:56:3d:b8:a9:05:
b7:ff:c1:c4:36:b1:b3:cf:6e:38:df:92:fa:2c:24:6b:38:08:
24:6f:7d:9f:e3:d8:24:8d:64:6e:f1:dc:d6:73:bb:0b:fa:b6:
00:b0:d6:1c:b6:15:70:4e:b2:b0:ec:57:de:cb:d7:b3:f6:cd:
a5:83:49:11:4b:f7:27:3a:f2:1e:18:98:68:2e:57:01:5e:2f:
66:e6:1d:20:8f:63:b3:96:3d:82:fc:36:35:c1:f7:43:11:b5:
17:be:92:86:ea:fa:a2:07:2f:10:f5:5b:cc:53:8d:a6:f8:ae:
08:c8:fa:95:ed:0f:af:a9:b7:b0:be:8b:c8:de:8c:ee:50:21:
9f:cc:cd:32:9f:8d:ee:44:a0:76:ad:08:29:64:6d:17:91:45:
a7:cd:91:6e:96:f4:ab:2e:35:d2:5f:20:cf:5f:83:48:97:48:
1a:8a:de:d9:82:72:24:0a:e6:2d:ad:3f:a6:ea:e9:17:02:d8:
6c:9a:72:c3:19:79:07:b4:4e:a9:12:58:56:27:7b:6c:de:1e:
48:90:ad:ef
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYTmOpAmwdcdOdSE61upivNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjIxMjA2MDY1ODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ4NjE3NWUxMjg5MWVlZjY2NTE2ZmJiYjBhZjVhNDlkMDQ3MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCpmsARMqRgwnfO51q6dOwkirDoX
aplXij45RiX2S+KIBZB4YfaczWblkXFBRb2p+cvGYHlsilWo2KdkyPT1AnO6qUVJ
dBVHqYQl+4ODzFVuXfeQS1Cs/20GnBIP18azyVxnfLM95P5DA4irDiI5rxkBkW2q
JPTAo40yLDZ3X6UFtOhFk8PMS9o6vbmRwVgcgXK2IougwuTX2LuRhSKb7X7xWLXM
sRuZTClQrxLQEC7KanoWS/c76joQg6a5kCI/vVAbJCjUScZTYiXiQ0weUsvXaLHh
F0SYgd0i4Uu83arIBiVjAGa+3z7V8DDbn2RXleeQYu7sTO0lOz4fAsE6TwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJpIYXXhKJHu9mUW+7sK9aSdBHG4MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvbWtoaGRlRW9rZTcyWlJiN3V3cjFwSjBFY2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBXhAeAwQC
uehEAwQBvKzkAwQCwRqcAwQCwiSQMA8EAgACMAkDBwAqABHAAGAwDQYJKoZIhvcN
AQELBQADggEBAFiGW8JwTj1s5uTSWbIJ7J6GdB7hxyFWxFu3pD4NBdC7QoRfUi1X
+J9Ep6+lO/Q30xBWPbipBbf/wcQ2sbPPbjjfkvosJGs4CCRvfZ/j2CSNZG7x3NZz
uwv6tgCw1hy2FXBOsrDsV97L17P2zaWDSRFL9yc68h4YmGguVwFeL2bmHSCPY7OW
PYL8NjXB90MRtRe+kobq+qIHLxD1W8xTjab4rgjI+pXtD6+pt7C+i8jejO5QIZ/M
zTKfje5EoHatCClkbReRRafNkW6W9KsuNdJfIM9fg0iXSBqK3tmCciQK5i2tP6bq
6RcC2GyacsMZeQe0TqkSWFYne2zeHkiQre8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:51 2024 by rpki-client on console-ams.rpki-client.org