Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGlaRag2sodLJ2KmfpwJA6kWVAg.roa
File: MGlaRag2sodLJ2KmfpwJA6kWVAg.roa (raw, json)
Hash identifier: 87Y4UbzJqYoiPV3sdCwiM9jGSK3+oGDrlvUmNGRfAAQ=
Subject key identifier: 30:69:5A:45:A8:36:B2:87:4B:27:62:A6:7E:9C:09:03:A9:16:54:08
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018400D556F14975EC5173EB997011CD90AD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGlaRag2sodLJ2KmfpwJA6kWVAg.roa
Signing time: Sat 22 Oct 2022 17:54:52 +0000
ROA not before: Sat 22 Oct 2022 17:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 82.152.178.0/24 maxlen: 24
82.152.179.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:00:d5:56:f1:49:75:ec:51:73:eb:99:70:11:cd:90:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 22 17:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30695a45a836b2874b2762a67e9c0903a9165408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:73:67:85:26:67:bc:2c:d2:7a:7e:f8:af:2e:
f2:c3:43:76:2e:cb:fd:c3:92:96:66:77:64:97:a5:
cc:fe:9e:c0:f4:12:21:40:20:17:26:56:ca:e1:5c:
62:92:23:71:2b:0a:68:da:4b:34:e8:55:3a:75:c7:
a0:a5:18:98:3b:10:ff:3f:76:e2:3a:06:6a:1d:32:
6f:c5:ff:52:85:50:28:ff:d7:ec:55:d4:a8:33:c2:
ee:3d:99:f6:50:c8:e4:3f:fc:a3:60:77:79:4c:96:
84:0d:72:09:7d:86:ec:62:1f:17:93:f8:5e:8e:a3:
6f:39:4a:9b:f9:be:6b:f2:29:11:80:16:f6:bf:33:
e9:a3:38:08:8b:2d:3a:a4:fc:64:09:00:39:8e:1f:
3c:79:96:31:cd:fd:2f:88:75:01:61:cd:de:0e:63:
4e:a2:48:74:4c:70:ca:41:87:af:62:43:a1:0d:85:
92:d5:e3:10:a1:93:15:d1:c6:d2:df:97:d6:18:c6:
cc:08:c6:f7:0e:fd:d2:9a:d4:54:0e:d3:c2:54:92:
c2:05:0c:de:54:af:3b:24:6c:a5:82:73:45:f5:5f:
0e:30:72:ad:26:b3:5c:0b:68:f0:03:97:35:eb:42:
73:c8:43:ad:1e:45:41:c6:80:3e:83:8d:05:a4:41:
14:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:69:5A:45:A8:36:B2:87:4B:27:62:A6:7E:9C:09:03:A9:16:54:08
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MGlaRag2sodLJ2KmfpwJA6kWVAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.178.0/23
82.153.69.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c5:0e:a4:c7:0a:a6:e4:38:ec:2a:d4:be:af:7b:7e:08:44:
1b:1b:7b:90:ec:15:53:a2:21:12:11:71:e6:bf:1e:d0:a9:32:
22:24:ee:f1:5c:ec:7f:d6:95:cf:37:3a:08:df:9d:fc:69:0f:
6d:4f:38:d3:4c:f1:ec:af:cd:47:6c:60:b9:53:1f:2e:3f:7f:
13:07:c8:9f:78:15:99:56:e6:25:64:22:93:90:23:44:6b:7e:
60:7a:9b:53:55:9a:e2:2c:82:c6:11:05:d7:5c:58:33:51:97:
28:ea:11:a4:54:15:79:47:f4:38:69:1c:cf:32:c3:e6:ee:30:
49:e9:e5:bb:0a:bb:b7:aa:76:6b:02:6f:52:96:cf:35:80:4b:
95:e1:e8:85:16:27:f5:df:c5:41:15:66:06:d7:c2:8b:5b:1c:
86:f0:34:a7:4c:ae:74:03:51:88:a2:a1:79:5d:95:be:89:7b:
5b:66:8c:2d:bb:cc:98:cc:22:66:30:de:fa:06:0a:11:2a:23:
24:ae:a6:8f:fb:64:4f:bd:ef:f7:a4:59:e9:4d:da:e9:8a:56:
a5:53:23:39:d0:37:78:29:da:aa:3c:0f:3a:93:ec:e7:4f:f8:
18:b2:ff:4d:e0:48:38:07:c9:99:55:d2:e3:03:c6:c3:34:e4:
fa:81:8a:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQA1VbxSXXsUXPrmXARzZCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDIyMTc1NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY5NWE0NWE4MzZiMjg3NGIyNzYyYTY3ZTljMDkwM2E5MTY1NDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3NnhSZnvCzSen74ry7yw0N2Lsv9
w5KWZndkl6XM/p7A9BIhQCAXJlbK4VxikiNxKwpo2ks06FU6dcegpRiYOxD/P3bi
OgZqHTJvxf9ShVAo/9fsVdSoM8LuPZn2UMjkP/yjYHd5TJaEDXIJfYbsYh8Xk/he
jqNvOUqb+b5r8ikRgBb2vzPpozgIiy06pPxkCQA5jh88eZYxzf0viHUBYc3eDmNO
okh0THDKQYevYkOhDYWS1eMQoZMV0cbS35fWGMbMCMb3Dv3SmtRUDtPCVJLCBQze
VK87JGylgnNF9V8OMHKtJrNcC2jwA5c160JzyEOtHkVBxoA+g40FpEEUgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDBpWkWoNrKHSydipn6cCQOpFlQIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUdsYVJhZzJzb2RMSjJLbWZwd0pBNmtXVkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpiyAwQA
UplFAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQBoxQ6kxwqm5DjsKtS+r3t+CEQb
G3uQ7BVToiESEXHmvx7QqTIiJO7xXOx/1pXPNzoI3538aQ9tTzjTTPHsr81HbGC5
Ux8uP38TB8ifeBWZVuYlZCKTkCNEa35geptTVZriLILGEQXXXFgzUZco6hGkVBV5
R/Q4aRzPMsPm7jBJ6eW7Cru3qnZrAm9Sls81gEuV4eiFFif138VBFWYG18KLWxyG
8DSnTK50A1GIoqF5XZW+iXtbZowtu8yYzCJmMN76BgoRKiMkrqaP+2RPve/3pFnp
TdrpilalUyM50Dd4KdqqPA86k+znT/gYsv9N4Eg4B8mZVdLjA8bDNOT6gYqD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org