Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/mt7zYj9A_qswsLc9OjFC9weLcco.roa
File: mt7zYj9A_qswsLc9OjFC9weLcco.roa (raw, json)
Hash identifier: yHbbx1DaaaDrmVyt7JvuVhWna0KyLmNu/VKbzL19CEY=
Subject key identifier: 9A:DE:F3:62:3F:40:FE:AB:30:B0:B7:3D:3A:31:42:F7:07:8B:71:CA
Certificate issuer: /CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Certificate serial: 0184856ADDA8562049F44ECF25E6C4176629
Authority key identifier: D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/mt7zYj9A_qswsLc9OjFC9weLcco.roa
Signing time: Thu 17 Nov 2022 11:48:04 +0000
ROA not before: Thu 17 Nov 2022 11:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62104
IP address blocks: 185.47.213.0/24 maxlen: 24
185.47.212.0/22 maxlen: 22
185.47.212.0/24 maxlen: 24
185.47.215.0/24 maxlen: 24
185.47.214.0/24 maxlen: 24
185.67.76.0/24 maxlen: 24
185.67.76.0/22 maxlen: 22
185.67.78.0/24 maxlen: 24
185.67.77.0/24 maxlen: 24
185.67.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:6a:dd:a8:56:20:49:f4:4e:cf:25:e6:c4:17:66:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Validity
Not Before: Nov 17 11:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9adef3623f40feab30b0b73d3a3142f7078b71ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b9:be:c9:cd:5c:cc:df:5d:c5:bc:16:bc:96:
f5:55:af:89:0f:aa:ef:7a:f2:80:04:b5:de:57:4b:
60:de:e2:f3:4d:a2:a2:d9:7c:80:52:d8:79:c8:b4:
e4:a8:ce:a0:ec:b6:b4:b2:76:80:07:b1:98:e2:aa:
d1:2f:85:a3:3b:d1:cd:56:04:57:3d:77:e6:2b:71:
d3:72:ea:5d:58:01:5a:17:3c:f7:a6:af:fe:0a:d2:
38:3c:b7:d0:bd:69:7e:f9:b6:b6:b4:ee:bb:6f:11:
09:fd:42:bb:28:62:38:f9:44:03:1e:a0:20:83:4f:
22:4d:8f:15:77:16:3a:b3:48:d2:ed:e8:71:e2:4e:
a7:a3:76:b8:16:d6:73:90:5a:15:9c:d9:66:b8:db:
8f:d4:f5:43:02:ac:78:95:bd:a4:13:9b:aa:65:ff:
c7:aa:2e:24:1c:2b:6f:ad:cf:f3:18:20:3c:cb:1a:
9c:62:a3:ad:38:1f:03:bd:55:81:d0:de:5a:35:69:
07:56:e0:5c:7a:c8:29:e0:2a:89:c8:76:9b:08:ba:
4f:77:02:3f:03:ed:b1:0a:12:ba:84:f5:b1:69:53:
f2:39:22:86:32:5d:e6:b1:3d:a1:68:63:d3:d7:0d:
09:9b:a2:7a:f7:08:11:09:46:89:84:37:aa:ba:14:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DE:F3:62:3F:40:FE:AB:30:B0:B7:3D:3A:31:42:F7:07:8B:71:CA
X509v3 Authority Key Identifier:
keyid:D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/mt7zYj9A_qswsLc9OjFC9weLcco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.212.0/22
185.67.76.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:0f:0d:e4:8a:fe:99:d1:70:d2:00:91:af:39:55:e2:4e:f1:
43:bd:f7:fa:4a:e7:0e:c5:8c:99:44:5a:c4:8c:f9:b1:b1:ea:
5e:17:85:c5:c7:f0:45:fe:c2:29:6e:0a:2a:2c:34:1b:da:a9:
22:7c:e1:ad:92:4d:cd:7b:9b:06:e6:69:57:29:7b:18:40:4c:
13:d8:37:58:a6:16:a0:e7:f4:d9:4d:07:f1:9a:67:dc:08:b4:
68:98:b9:93:32:48:20:e7:37:a0:ae:5d:34:13:9a:ce:de:86:
1c:3d:8e:6c:4d:cd:39:71:18:8a:34:95:29:f2:5c:b3:ec:85:
77:fb:9d:70:e6:fc:0b:21:b3:f7:e3:d7:f9:48:06:5c:cd:88:
ed:b8:75:28:3c:7a:85:7d:06:1d:8a:68:92:35:5f:35:37:73:
30:28:ff:95:e7:ff:71:c1:5f:3a:58:0f:8f:79:68:81:2c:39:
ea:80:cb:c4:3d:fc:55:2f:20:f2:7f:62:21:a4:ed:a5:8f:25:
ca:f0:bd:a8:5b:85:98:0a:64:88:51:3e:9f:9a:04:34:d2:36:
80:db:2d:48:c1:84:e4:07:03:8d:8a:27:fe:c3:f7:ac:e6:83:
3e:04:47:aa:49:f5:9b:bb:1a:97:e1:3e:c6:89:bb:5b:28:f3:
8f:da:3f:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSFat2oViBJ9E7PJebEF2YpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDFlMjIwYjYwMWI2N2ZlMzBjYmI3YjdjMWJmMjJmYmUy
MmZiNGYwHhcNMjIxMTE3MTE0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRlZjM2MjNmNDBmZWFiMzBiMGI3M2QzYTMxNDJmNzA3OGI3MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLm+yc1czN9dxbwWvJb1Va+JD6rv
evKABLXeV0tg3uLzTaKi2XyAUth5yLTkqM6g7La0snaAB7GY4qrRL4WjO9HNVgRX
PXfmK3HTcupdWAFaFzz3pq/+CtI4PLfQvWl++ba2tO67bxEJ/UK7KGI4+UQDHqAg
g08iTY8VdxY6s0jS7ehx4k6no3a4FtZzkFoVnNlmuNuP1PVDAqx4lb2kE5uqZf/H
qi4kHCtvrc/zGCA8yxqcYqOtOB8DvVWB0N5aNWkHVuBcesgp4CqJyHabCLpPdwI/
A+2xChK6hPWxaVPyOSKGMl3msT2haGPT1w0Jm6J69wgRCUaJhDequhS9qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJre82I/QP6rMLC3PToxQvcHi3HKMB8GA1UdIwQY
MBaAFNnR4iC2AbZ/4wy7e3wb8i++IvtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzIt
YWYyN2Q3Y2ExYmY2LzEvbXQ3ellqOUFfcXN3c0xjOU9qRkM5d2VMY2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzItYWYyN2Q3Y2ExYmY2
LzEvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS/UAwQC
uUNMMA0GCSqGSIb3DQEBCwUAA4IBAQBbDw3kiv6Z0XDSAJGvOVXiTvFDvff6SucO
xYyZRFrEjPmxsepeF4XFx/BF/sIpbgoqLDQb2qkifOGtkk3Ne5sG5mlXKXsYQEwT
2DdYphag5/TZTQfxmmfcCLRomLmTMkgg5zegrl00E5rO3oYcPY5sTc05cRiKNJUp
8lyz7IV3+51w5vwLIbP349f5SAZczYjtuHUoPHqFfQYdimiSNV81N3MwKP+V5/9x
wV86WA+PeWiBLDnqgMvEPfxVLyDyf2IhpO2ljyXK8L2oW4WYCmSIUT6fmgQ00jaA
2y1IwYTkBwONiif+w/es5oM+BEeqSfWbuxqX4T7GibtbKPOP2j9L
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org