Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MBFzff8u8tYr6LXpchJ57BNU2aU.roa
File: MBFzff8u8tYr6LXpchJ57BNU2aU.roa (raw, json)
Hash identifier: u/ffnUKO80gWNWDeIlJf2ah3qq35MLTqihAvFzGM+Y8=
Subject key identifier: 30:11:73:7D:FF:2E:F2:D6:2B:E8:B5:E9:72:12:79:EC:13:54:D9:A5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183B65CD9959AA9B84FA0FFC3D4BE343996
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MBFzff8u8tYr6LXpchJ57BNU2aU.roa
Signing time: Sat 08 Oct 2022 06:51:21 +0000
ROA not before: Sat 08 Oct 2022 06:51:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
92.114.44.0/22 maxlen: 24
149.126.92.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:5c:d9:95:9a:a9:b8:4f:a0:ff:c3:d4:be:34:39:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 8 06:51:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3011737dff2ef2d62be8b5e9721279ec1354d9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:86:91:65:91:99:a6:40:d3:8f:ce:58:80:
a2:92:ad:2c:46:18:64:cd:27:5a:f0:81:44:3e:bc:
0f:d8:3c:72:40:8c:b1:b8:7e:b7:21:b8:57:ea:c8:
18:b9:1c:bf:8a:27:38:31:6b:b4:75:2c:38:e1:df:
f6:02:4e:6f:eb:1e:4b:11:8e:b6:b3:45:da:a2:77:
86:00:d2:5b:a6:4a:d3:21:03:b3:94:88:0f:3b:3b:
1a:00:25:0e:20:56:7e:cf:6c:71:b5:32:3e:71:87:
ea:c9:8a:30:09:02:d5:1a:f1:f0:c2:4c:72:27:75:
96:2b:95:46:78:ee:0a:00:ad:cf:ed:a0:f4:b8:af:
66:69:4e:44:96:5b:f5:19:4e:f9:f6:34:ca:7d:b3:
93:fa:fd:7c:5c:6a:17:d4:29:6f:8c:85:fb:cd:82:
39:b6:70:c3:6e:c4:65:ff:4f:d2:af:ec:2a:30:d5:
a2:c1:e4:bb:5e:2e:8b:a3:59:73:df:a2:50:f9:76:
6d:76:e6:4d:f6:3c:83:b4:22:e0:cb:4e:3f:ab:2e:
1b:3a:b8:df:ed:80:3a:c9:43:0f:b2:24:a2:58:d7:
86:40:16:4d:ba:65:ce:77:a1:2f:32:ee:7c:25:cb:
3e:42:b8:94:6c:d1:31:0c:86:27:d8:09:8d:cf:5b:
d9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:11:73:7D:FF:2E:F2:D6:2B:E8:B5:E9:72:12:79:EC:13:54:D9:A5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MBFzff8u8tYr6LXpchJ57BNU2aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.168.0/22
92.114.40.0/21
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:7b:f5:d6:a6:e2:3f:4c:00:11:10:f7:46:5f:d5:32:87:c2:
44:ab:21:8f:61:ca:1b:6e:8b:41:05:32:5b:34:da:c9:1b:1e:
de:22:21:ad:b8:37:cf:f0:64:0a:fe:7e:9b:b1:8e:af:d1:e4:
b6:06:9c:f3:33:0b:84:68:b8:a3:f7:c8:d8:df:52:4e:c9:c0:
22:2b:50:10:d4:21:51:fd:04:f3:7b:fc:ad:ed:90:42:f7:1f:
f6:3b:b7:66:db:f5:20:ef:2a:21:9c:b4:25:a7:b6:d7:d5:35:
df:f1:3d:e3:1b:a3:23:65:0f:eb:35:fa:24:9b:ff:5f:31:b0:
c4:f3:99:a6:6e:9a:4c:58:28:47:8d:43:f3:7c:d0:51:83:28:
96:94:6b:36:dd:5f:90:55:f9:82:dc:3b:dc:2c:63:4e:99:bb:
7d:73:3d:6f:37:25:b8:ed:86:6f:94:d2:58:f5:78:46:a0:7b:
02:09:10:34:f2:8a:73:05:e5:07:29:6f:ed:bb:fd:9f:42:3f:
db:17:1c:c0:7a:c1:e1:2b:af:37:18:6d:83:e2:dc:ff:18:2b:
03:96:7d:06:76:89:35:67:e1:44:de:8b:1d:4b:70:25:7b:b7:
5d:c5:40:2b:9d:10:c6:a5:0c:c7:5f:3a:92:af:68:61:51:24:
d1:e9:5c:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYO2XNmVmqm4T6D/w9S+NDmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDA4MDY1MTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDExNzM3ZGZmMmVmMmQ2MmJlOGI1ZTk3MjEyNzllYzEzNTRkOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlniGkWWRmaZA04/OWICikq0sRhhk
zSda8IFEPrwP2DxyQIyxuH63IbhX6sgYuRy/iic4MWu0dSw44d/2Ak5v6x5LEY62
s0XaoneGANJbpkrTIQOzlIgPOzsaACUOIFZ+z2xxtTI+cYfqyYowCQLVGvHwwkxy
J3WWK5VGeO4KAK3P7aD0uK9maU5Ellv1GU759jTKfbOT+v18XGoX1ClvjIX7zYI5
tnDDbsRl/0/Sr+wqMNWiweS7Xi6Lo1lz36JQ+XZtduZN9jyDtCLgy04/qy4bOrjf
7YA6yUMPsiSiWNeGQBZNumXOd6EvMu58Jcs+QriUbNExDIYn2AmNz1vZMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDARc33/LvLWK+i16XISeewTVNmlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTUJGemZmOHU4dFlyNkxYcGNoSjU3Qk5VMmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQC
UqOoAwQDXHIoAwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQAfe/XWpuI/TAAREPdG
X9Uyh8JEqyGPYcobbotBBTJbNNrJGx7eIiGtuDfP8GQK/n6bsY6v0eS2BpzzMwuE
aLij98jY31JOycAiK1AQ1CFR/QTze/yt7ZBC9x/2O7dm2/Ug7yohnLQlp7bX1TXf
8T3jG6MjZQ/rNfokm/9fMbDE85mmbppMWChHjUPzfNBRgyiWlGs23V+QVfmC3Dvc
LGNOmbt9cz1vNyW47YZvlNJY9XhGoHsCCRA08opzBeUHKW/tu/2fQj/bFxzAesHh
K683GG2D4tz/GCsDln0Gdok1Z+FE3osdS3Ale7ddxUArnRDGpQzHXzqSr2hhUSTR
6VzK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org