Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MqL927F1jRRTqXkmnoUQrPl6eH4.roa
File: MqL927F1jRRTqXkmnoUQrPl6eH4.roa (raw, json)
Hash identifier: oK/XR46zThRkuCpgOUUinzq0KAFzvLaJUWDg9eki4h8=
Subject key identifier: 32:A2:FD:DB:B1:75:8D:14:53:A9:79:26:9E:85:10:AC:F9:7A:78:7E
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 09E198FE
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MqL927F1jRRTqXkmnoUQrPl6eH4.roa
Signing time: Wed 23 Feb 2022 12:46:40 +0000
ROA not before: Wed 23 Feb 2022 12:46:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 85.209.205.0/24 maxlen: 24
85.209.204.0/24 maxlen: 24
85.209.206.0/24 maxlen: 24
45.150.223.0/24 maxlen: 24
45.150.222.0/24 maxlen: 24
45.150.220.0/24 maxlen: 24
85.209.207.0/24 maxlen: 24
45.150.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165779710 (0x9e198fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Feb 23 12:46:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32a2fddbb1758d1453a979269e8510acf97a787e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:52:2e:c0:8d:2a:6d:7d:19:35:23:c0:b1:7f:
9b:91:39:7b:a8:76:2e:3b:2f:c1:28:0f:f6:69:75:
65:64:0a:31:5c:db:84:e2:58:bd:1b:81:b4:76:1d:
9e:97:84:3e:bf:c5:c6:bc:9d:f5:11:a6:bd:78:a4:
c8:17:77:80:c8:6a:29:2c:d2:91:95:7b:82:7d:28:
b4:7d:5d:a3:6e:c3:9c:a3:a5:fb:46:13:11:e9:a6:
f0:a4:fb:c3:ac:17:18:fd:d1:14:22:c4:8c:18:d2:
44:99:db:ec:e3:49:13:3e:75:6f:52:9a:6c:a1:1c:
7f:05:5a:2c:44:fa:25:61:b4:cd:81:05:c8:06:19:
e6:41:1a:34:3a:a2:da:38:97:d5:7f:32:88:ec:f7:
40:12:b2:6c:1b:a1:cd:fb:33:0b:28:ea:f8:5c:49:
37:df:a5:a2:d7:b5:da:83:9b:e8:92:f4:39:a1:cc:
f9:a1:31:e4:b6:77:3e:0a:51:25:7f:89:a6:db:16:
94:72:b9:a1:62:03:25:84:e1:cc:8b:50:26:4c:23:
68:3e:90:80:72:c9:3f:dd:13:c1:6d:e5:36:1d:0c:
cc:85:74:b0:d3:92:63:8d:66:6e:7c:0d:0a:a9:cc:
a4:39:bb:fd:02:1e:92:b9:d3:bf:e8:29:54:d3:6d:
1e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A2:FD:DB:B1:75:8D:14:53:A9:79:26:9E:85:10:AC:F9:7A:78:7E
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MqL927F1jRRTqXkmnoUQrPl6eH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.220.0/22
85.209.204.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:0b:4a:dd:c7:5a:06:a6:2e:de:fc:7d:34:48:c8:8a:47:22:
29:50:f5:aa:2f:b1:b8:df:aa:e0:9a:af:82:b6:b5:75:31:5d:
0c:56:44:fd:64:e4:cd:e5:61:b5:10:fd:c4:08:53:b7:37:7b:
32:60:e2:21:23:18:98:60:05:4d:47:42:43:91:5a:8c:3d:8a:
8d:13:57:17:14:a1:34:ea:cc:e2:df:00:ef:a8:a3:33:11:df:
9f:9c:00:79:8d:f0:c8:92:2b:58:ae:09:14:af:f9:e0:b9:6b:
a8:09:9f:e7:18:33:5c:7f:3e:b1:29:43:2d:fc:e0:f5:57:60:
ec:4d:0d:5a:2c:e7:aa:60:3a:91:d7:75:d6:fa:92:c1:50:68:
d8:4c:0f:df:55:0e:7d:3b:1b:27:06:d8:7f:85:be:46:ad:09:
20:dc:ce:a5:3b:ba:0d:8d:9d:e8:69:53:e2:a1:99:b7:81:b3:
83:b3:fa:2d:46:00:a1:ad:ee:25:2f:c9:bf:64:b6:18:55:4b:
ac:cb:78:4c:6c:c0:39:e6:46:70:e4:24:a7:76:a7:cf:ff:ee:
40:06:23:0d:12:60:00:3d:fc:8f:99:5b:47:8a:5b:35:98:5e:
9c:27:be:d2:a4:06:28:97:16:d8:27:43:1a:f5:e8:bb:08:82:
6d:01:ea:d4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECeGY/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmJlY2M0YmE4YTRkNTI0OThhMGQyOTgzYTY4YjYxMzgzYWE3ZmQ3MB4XDTIyMDIy
MzEyNDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJhMmZkZGJiMTc1
OGQxNDUzYTk3OTI2OWU4NTEwYWNmOTdhNzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhSLsCNKm19GTUjwLF/m5E5e6h2LjsvwSgP9ml1ZWQKMVzb
hOJYvRuBtHYdnpeEPr/Fxryd9RGmvXikyBd3gMhqKSzSkZV7gn0otH1do27DnKOl
+0YTEemm8KT7w6wXGP3RFCLEjBjSRJnb7ONJEz51b1KabKEcfwVaLET6JWG0zYEF
yAYZ5kEaNDqi2jiX1X8yiOz3QBKybBuhzfszCyjq+FxJN9+lote12oOb6JL0OaHM
+aEx5LZ3PgpRJX+JptsWlHK5oWIDJYThzItQJkwjaD6QgHLJP90TwW3lNh0MzIV0
sNOSY41mbnwNCqnMpDm7/QIekrnTv+gpVNNtHrsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQyov3bsXWNFFOpeSaehRCs+Xp4fjAfBgNVHSMEGDAWgBRivsxLqKTVJJig
0pg6aLYTg6p/1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lyN01TNmlrMVNTWW9OS1lPbWkyRTRPcWY5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvOWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8x
L01xTDkyN0YxalJSVHFYa21ub1VRclBsNmVINC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
OWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8xL1lyN01TNmlrMVNT
WW9OS1lPbWkyRTRPcWY5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2W3AMEAlXRzDANBgkqhkiG9w0B
AQsFAAOCAQEALgtK3cdaBqYu3vx9NEjIikciKVD1qi+xuN+q4Jqvgra1dTFdDFZE
/WTkzeVhtRD9xAhTtzd7MmDiISMYmGAFTUdCQ5FajD2KjRNXFxShNOrM4t8A76ij
MxHfn5wAeY3wyJIrWK4JFK/54LlrqAmf5xgzXH8+sSlDLfzg9Vdg7E0NWiznqmA6
kdd11vqSwVBo2EwP31UOfTsbJwbYf4W+Rq0JINzOpTu6DY2d6GlT4qGZt4Gzg7P6
LUYAoa3uJS/Jv2S2GFVLrMt4TGzAOeZGcOQkp3anz//uQAYjDRJgAD38j5lbR4pb
NZhenCe+0qQGKJcW2CdDGvXouwiCbQHq1A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:55 2023 by rpki-client on console-fra.rpki-client.org