Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/mkfVbXNJxmk34DncbTl0K9RRUCY.roa
File: mkfVbXNJxmk34DncbTl0K9RRUCY.roa (raw, json)
Hash identifier: NrYeCG5cEmMzLGvdhcYRPE5l/o2XRF2N/01IS93+1gM=
Subject key identifier: 9A:47:D5:6D:73:49:C6:69:37:E0:39:DC:6D:39:74:2B:D4:51:50:26
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 0CFF966D
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/mkfVbXNJxmk34DncbTl0K9RRUCY.roa
Signing time: Sat 01 Jan 2022 02:57:20 +0000
ROA not before: Sat 01 Jan 2022 02:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202909
IP address blocks: 45.155.184.0/22 maxlen: 24
185.151.20.0/22 maxlen: 22
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 23
2a07:7540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218076781 (0xcff966d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Jan 1 02:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a47d56d7349c66937e039dc6d39742bd4515026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3a:86:5c:36:10:5d:c7:05:e7:6c:25:8b:73:
5c:9a:b2:44:09:e9:79:d5:2e:94:2e:5a:03:8a:95:
de:a9:33:31:42:c0:86:40:0a:95:c7:32:15:ee:72:
1b:ff:ae:85:61:e4:9a:d9:2d:f0:e0:a5:07:ee:2f:
1f:4c:31:7d:45:84:a7:8d:d1:8d:ec:b4:e8:6b:e9:
f9:09:f9:12:37:25:2c:56:7b:d6:d6:77:df:1b:91:
d4:8d:b6:f7:6e:ac:30:32:ad:02:22:92:66:d9:a7:
e6:e8:6e:f2:dd:8e:db:dd:c9:59:93:77:69:85:fe:
cf:8a:a1:bc:a3:54:83:27:52:dc:91:f5:9c:32:f1:
53:c0:75:b6:2e:da:fd:b7:be:a9:24:e1:36:6c:e6:
bb:8e:bf:d4:9b:5e:da:4d:86:f0:20:e5:46:6b:13:
5c:15:44:c2:3b:06:16:c0:4d:da:1f:52:d1:f4:f8:
19:53:ef:04:e6:ca:a2:6f:88:36:2b:5c:2b:4e:42:
77:e8:b4:93:3a:e9:36:26:ca:d2:0f:00:67:91:43:
b4:61:2a:2e:8f:14:05:00:be:e7:18:e5:e9:d0:5e:
32:5f:a6:e5:4a:93:59:cf:46:dd:7f:48:b3:e2:ce:
80:a0:61:af:d3:2f:c4:c1:87:f5:21:ea:be:fa:59:
66:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:47:D5:6D:73:49:C6:69:37:E0:39:DC:6D:39:74:2B:D4:51:50:26
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/mkfVbXNJxmk34DncbTl0K9RRUCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
185.151.20.0/22
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
Signature Algorithm: sha256WithRSAEncryption
2b:92:c4:23:db:dd:f8:08:57:9c:ea:5a:2e:58:bb:da:03:25:
ab:a3:30:a8:41:74:f2:8d:71:b5:af:3b:c2:db:28:06:d9:f0:
4b:76:94:f4:28:d6:47:1b:bd:fd:b1:fc:9c:1c:3b:2d:3d:b0:
a3:89:cf:4f:e8:66:62:9d:9a:42:0a:c7:be:35:d1:d2:42:82:
89:45:f0:84:a1:52:87:44:39:6b:e5:34:e5:bc:90:90:44:04:
b6:54:52:1f:05:e3:ab:7a:5c:73:c3:a0:22:92:a4:b7:30:44:
71:46:39:7a:29:8f:09:09:0c:6f:42:01:6c:1d:79:2a:32:46:
8c:de:b7:0d:a6:aa:5a:9a:58:29:55:a1:a5:3d:99:bc:e4:bd:
11:5a:16:bf:08:5b:76:11:a9:86:66:5d:8d:2c:e0:95:59:0f:
af:95:1a:42:2b:68:73:2b:71:98:83:e0:36:83:f6:8e:d1:c0:
80:f1:01:a4:d6:bc:7e:9d:e6:d1:9c:09:d6:78:70:b5:ba:94:
be:26:bd:af:5e:b5:1a:24:04:fc:00:56:28:4f:c9:24:dc:d8:
84:42:58:f4:66:02:38:fc:80:6a:8e:6e:52:37:f5:b1:35:b5:
8f:61:37:a5:9f:e1:d5:29:8b:51:48:37:1f:5a:58:ae:61:f0:
63:78:80:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEDP+WbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzQ2NGJhOWQyNjM4NWY1NGRmNjI1NGFjMjQ4OTI2ZDM3MDQ0NWIwMB4XDTIyMDEw
MTAyNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE0N2Q1NmQ3MzQ5
YzY2OTM3ZTAzOWRjNmQzOTc0MmJkNDUxNTAyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOA6hlw2EF3HBedsJYtzXJqyRAnpedUulC5aA4qV3qkzMULA
hkAKlccyFe5yG/+uhWHkmtkt8OClB+4vH0wxfUWEp43Rjey06Gvp+Qn5EjclLFZ7
1tZ33xuR1I22926sMDKtAiKSZtmn5uhu8t2O293JWZN3aYX+z4qhvKNUgydS3JH1
nDLxU8B1ti7a/be+qSThNmzmu46/1Jte2k2G8CDlRmsTXBVEwjsGFsBN2h9S0fT4
GVPvBObKom+INitcK05Cd+i0kzrpNibK0g8AZ5FDtGEqLo8UBQC+5xjl6dBeMl+m
5UqTWc9G3X9Is+LOgKBhr9MvxMGH9SHqvvpZZkcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSaR9Vtc0nGaTfgOdxtOXQr1FFQJjAfBgNVHSMEGDAWgBS8Rkup0mOF9U32
JUrCSJJtNwRFsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZFWkxxZEpqaGZWTjlpVkt3a2lTYlRjRVJiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNTAxZjJiLWZkMWYtNDVlYS1iNDk0LWQ3M2RjNGI0MWNlMS8x
L21rZlZiWE5KeG1rMzREbmNiVGwwSzlSUlVDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NTAxZjJiLWZkMWYtNDVlYS1iNDk0LWQ3M2RjNGI0MWNlMS8xL3ZFWkxxZEpqaGZW
TjlpVkt3a2lTYlRjRVJiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAi2buAMEArmXFDAMAwQCueykAwQA
ueymMA0EAgACMAcDBQMqB3VAMA0GCSqGSIb3DQEBCwUAA4IBAQArksQj2934CFec
6louWLvaAyWrozCoQXTyjXG1rzvC2ygG2fBLdpT0KNZHG739sfycHDstPbCjic9P
6GZinZpCCse+NdHSQoKJRfCEoVKHRDlr5TTlvJCQRAS2VFIfBeOrelxzw6AikqS3
MERxRjl6KY8JCQxvQgFsHXkqMkaM3rcNpqpamlgpVaGlPZm85L0RWha/CFt2EamG
Zl2NLOCVWQ+vlRpCK2hzK3GYg+A2g/aO0cCA8QGk1rx+nebRnAnWeHC1upS+Jr2v
XrUaJAT8AFYoT8kk3NiEQlj0ZgI4/IBqjm5SN/WxNbWPYTeln+HVKYtRSDcfWliu
YfBjeIAK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org