Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/Ma-JZ1Uq7aST8tVk4tAqkEJ9-g0.roa
File: Ma-JZ1Uq7aST8tVk4tAqkEJ9-g0.roa (raw, json)
Hash identifier: 987SDvAubw7LGGcvEmGB68UEgVvpPIxiKZZzWn/F+DI=
Subject key identifier: 31:AF:89:67:55:2A:ED:A4:93:F2:D5:64:E2:D0:2A:90:42:7D:FA:0D
Certificate issuer: /CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Certificate serial: 05CA241B
Authority key identifier: B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/Ma-JZ1Uq7aST8tVk4tAqkEJ9-g0.roa
Signing time: Sat 01 Jan 2022 10:05:22 +0000
ROA not before: Sat 01 Jan 2022 10:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200064
IP address blocks: 185.238.164.0/24 maxlen: 24
185.238.166.0/24 maxlen: 24
185.238.165.0/24 maxlen: 24
185.238.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97133595 (0x5ca241b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Validity
Not Before: Jan 1 10:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31af8967552aeda493f2d564e2d02a90427dfa0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b5:ee:48:44:73:33:14:3d:39:5e:a7:cb:38:
47:c7:fc:e3:73:58:17:d0:e9:8d:42:cc:fb:c1:f7:
4a:09:15:48:42:ba:31:ad:5b:a9:c8:10:cb:7b:cd:
b0:c4:df:bd:86:39:32:f2:08:c1:30:f9:3f:ae:8a:
39:87:7b:48:ee:08:b9:be:ce:a8:98:4b:d0:1d:b2:
5b:09:00:40:66:3c:e0:84:d2:dd:48:b0:17:2e:27:
c5:3f:a0:73:78:d6:14:98:a5:b0:ec:00:08:02:b9:
75:bb:29:5a:91:87:87:42:08:d0:10:7f:96:d2:8b:
ff:7e:40:98:b9:4e:4a:9e:e8:db:07:19:c9:23:e2:
81:a2:72:e6:9d:fd:a5:ca:76:32:4a:3c:d4:46:99:
65:b0:a5:75:bf:b5:14:21:16:c1:3d:d2:12:c5:c3:
c4:3b:db:ab:dd:92:d1:88:11:ba:0f:94:fd:89:84:
16:11:fe:55:9c:67:f3:a9:0e:d9:f1:79:e1:5b:78:
3e:09:bb:24:6d:71:16:f2:fe:8f:38:19:26:09:85:
00:50:80:61:de:4c:c7:8a:ec:2e:f8:3c:27:80:f4:
1d:25:9e:ea:f8:45:90:cc:75:01:88:9e:c7:92:87:
d0:2d:36:6f:b4:81:73:6a:e4:79:e5:e3:64:57:81:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AF:89:67:55:2A:ED:A4:93:F2:D5:64:E2:D0:2A:90:42:7D:FA:0D
X509v3 Authority Key Identifier:
keyid:B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/Ma-JZ1Uq7aST8tVk4tAqkEJ9-g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/t8jfPaM5OL8bJF8cRHn9JN2flPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:fb:87:67:ba:2f:3f:8d:dc:f2:71:cc:c4:de:ed:74:9e:a0:
3b:48:21:36:b0:20:1b:31:44:42:41:28:2d:5d:9a:39:dd:fd:
8a:b6:2b:5e:02:c3:70:2c:5d:8c:fd:e7:13:bf:b5:ea:ac:e6:
96:60:a7:1e:27:25:24:e4:e6:5c:04:d3:ff:46:0e:65:20:db:
98:5d:d5:62:aa:32:05:f2:25:79:0b:fc:23:d2:6c:62:b5:e7:
f1:73:27:bc:ae:09:4a:b5:ac:92:fb:3c:37:ad:e5:27:1a:ff:
c5:6c:36:7f:0f:ac:ac:fa:4a:65:c0:20:83:e8:64:43:1c:47:
d4:94:34:ff:ed:1b:aa:51:b6:59:d2:f3:65:5c:87:37:c8:3b:
3b:91:10:62:7c:ca:37:55:e5:4c:8a:e0:35:4b:94:e1:cb:33:
4f:2d:05:4b:0c:67:ea:5c:90:64:5f:df:89:5c:0a:44:06:83:
ff:e0:c2:5f:78:5b:b8:3f:17:44:88:87:df:53:e8:86:ff:c1:
d0:23:c3:18:bf:9d:e0:ba:25:01:cf:d9:39:4b:c3:d1:5b:48:
16:56:94:d4:de:b8:c3:29:0f:cd:3b:a3:57:a6:49:d7:02:94:
fb:25:57:48:61:29:31:19:b6:ef:37:d2:00:e0:44:a6:c3:01:
7d:b8:f4:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcokGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
N2M4ZGYzZGEzMzkzOGJmMWIyNDVmMWM0NDc5ZmQyNGRkOWY5NGYwMB4XDTIyMDEw
MTEwMDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFhZjg5Njc1NTJh
ZWRhNDkzZjJkNTY0ZTJkMDJhOTA0MjdkZmEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMy17khEczMUPTlep8s4R8f843NYF9DpjULM+8H3SgkVSEK6
Ma1bqcgQy3vNsMTfvYY5MvIIwTD5P66KOYd7SO4Iub7OqJhL0B2yWwkAQGY84ITS
3UiwFy4nxT+gc3jWFJilsOwACAK5dbspWpGHh0II0BB/ltKL/35AmLlOSp7o2wcZ
ySPigaJy5p39pcp2Mko81EaZZbCldb+1FCEWwT3SEsXDxDvbq92S0YgRug+U/YmE
FhH+VZxn86kO2fF54Vt4Pgm7JG1xFvL+jzgZJgmFAFCAYd5Mx4rsLvg8J4D0HSWe
6vhFkMx1AYiex5KH0C02b7SBc2rkeeXjZFeBPycCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxr4lnVSrtpJPy1WTi0CqQQn36DTAfBgNVHSMEGDAWgBS3yN89ozk4vxsk
XxxEef0k3Z+U8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Q4amZQYU01T0w4YkpGOGNSSG45Sk4yZmxQQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvNGRkMTk4LTkzY2ItNDU5Yy1iZWUyLTJkMWRhYTI5OWU4My8x
L01hLUpaMVVxN2FTVDh0Vms0dEFxa0VKOS1nMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
NGRkMTk4LTkzY2ItNDU5Yy1iZWUyLTJkMWRhYTI5OWU4My8xL3Q4amZQYU01T0w4
YkpGOGNSSG45Sk4yZmxQQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnupDANBgkqhkiG9w0BAQsFAAOC
AQEAp/uHZ7ovP43c8nHMxN7tdJ6gO0ghNrAgGzFEQkEoLV2aOd39irYrXgLDcCxd
jP3nE7+16qzmlmCnHiclJOTmXATT/0YOZSDbmF3VYqoyBfIleQv8I9JsYrXn8XMn
vK4JSrWskvs8N63lJxr/xWw2fw+srPpKZcAgg+hkQxxH1JQ0/+0bqlG2WdLzZVyH
N8g7O5EQYnzKN1XlTIrgNUuU4cszTy0FSwxn6lyQZF/fiVwKRAaD/+DCX3hbuD8X
RIiH31Pohv/B0CPDGL+d4LolAc/ZOUvD0VtIFlaU1N64wykPzTujV6ZJ1wKU+yVX
SGEpMRm27zfSAOBEpsMBfbj0UQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:44 2024 by rpki-client on console-ams.rpki-client.org