Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/cmysMKLRFpWpwMu3PeOPOTthFUY.roa
File: cmysMKLRFpWpwMu3PeOPOTthFUY.roa (raw, json)
Hash identifier: Z8Zv3WzjEvnwutQW77z9yLBo1Bb+5m1dS3z5Gqnanm4=
Subject key identifier: 72:6C:AC:30:A2:D1:16:95:A9:C0:CB:B7:3D:E3:8F:39:3B:61:15:46
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 4037DB51
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/cmysMKLRFpWpwMu3PeOPOTthFUY.roa
Signing time: Sat 01 Jan 2022 06:04:38 +0000
ROA not before: Sat 01 Jan 2022 06:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6786
IP address blocks: 85.215.0.0/19 maxlen: 24
85.214.9.0/24 maxlen: 24
85.214.11.0/24 maxlen: 24
2a01:238:e000::/35 maxlen: 48
2a01:238:3000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1077402449 (0x4037db51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Jan 1 06:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=726cac30a2d11695a9c0cbb73de38f393b611546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:20:8a:36:53:79:3b:96:24:3a:a1:5b:0a:
62:85:1a:b0:d0:fb:ff:80:f8:92:5f:10:26:e0:2b:
af:58:12:84:c7:47:96:85:3d:7b:ae:4c:82:5d:e5:
c2:de:92:bb:3e:36:2b:d2:42:d2:64:eb:7a:d9:cf:
42:9c:3b:85:58:da:02:92:a0:b5:16:0f:f5:25:35:
b2:33:78:11:1f:25:02:6e:08:e6:f9:52:9f:2c:db:
56:d9:3e:54:17:c1:c3:de:93:28:b0:f7:d6:b9:a5:
17:3f:72:c4:fd:bf:05:a3:8e:cc:e3:2d:0d:ad:7c:
2c:ca:36:54:98:d2:0d:8e:3d:14:11:a9:6d:ce:c6:
e5:1c:b0:fb:64:91:cc:c5:16:c8:ec:25:e6:d2:b1:
6e:37:8b:0d:c7:26:a7:61:7a:c3:4e:5b:c0:be:79:
04:a0:08:de:e3:66:79:1f:0c:8f:12:3e:cc:f0:e3:
8c:51:79:45:56:c1:20:04:d4:02:7f:9b:cc:53:8f:
74:b0:ef:06:b5:50:8e:17:e1:2f:6b:50:aa:ac:89:
62:63:99:f8:ac:74:de:7e:93:77:94:93:27:73:5a:
b4:ea:24:b8:ff:3a:88:3e:bd:f1:18:d3:24:ce:e6:
ea:91:1a:80:1e:d5:eb:86:61:23:d5:d0:f3:7b:9b:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6C:AC:30:A2:D1:16:95:A9:C0:CB:B7:3D:E3:8F:39:3B:61:15:46
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/cmysMKLRFpWpwMu3PeOPOTthFUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.214.9.0/24
85.214.11.0/24
85.215.0.0/19
IPv6:
2a01:238:3000::/36
2a01:238:e000::/35
Signature Algorithm: sha256WithRSAEncryption
4c:80:ad:6f:9f:68:72:c2:ae:47:a2:7a:11:1f:dc:0d:d5:bd:
f9:c8:30:ea:5d:69:03:c1:f8:6a:ba:1f:b7:42:46:5d:16:4c:
87:c8:46:a6:eb:00:e4:e8:a9:02:cc:bc:b1:7b:e9:86:a3:d1:
e4:58:74:b6:a2:29:bf:0b:69:d0:ae:ac:79:9c:7b:71:a2:56:
ec:e3:e9:ef:3a:54:68:0c:f5:ee:b1:83:15:e3:f0:d9:79:ff:
f9:66:b8:b3:37:1e:f9:b5:91:a0:5d:05:e5:7d:9b:63:41:24:
20:de:cb:81:67:c2:97:1a:a8:98:c0:ce:b0:80:6c:d3:b1:90:
77:69:36:2e:24:5c:23:f5:44:b8:d9:f5:01:95:6f:5d:11:e2:
2c:42:2f:b1:47:47:b0:9b:16:a8:e8:27:41:37:80:25:f8:59:
2f:6b:23:10:99:14:4d:c3:f8:36:e4:a3:ec:0d:aa:4e:57:a9:
ef:a9:d2:aa:2e:b4:a9:82:13:ec:06:57:94:f5:d7:fb:25:77:
d1:88:5c:28:35:f0:9c:96:56:e6:4e:92:73:e4:65:69:84:38:
61:c4:7b:6b:5d:ad:65:d9:ea:43:16:c8:80:93:c2:60:d7:8e:
ef:b0:60:a3:97:e6:06:ab:2d:9a:af:8d:82:83:70:4b:50:0f:
38:1a:ba:dc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEQDfbUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGQyZDI3MTVmNDNmNzQ3YmVhNzYyZGNlMTY2YmNhNGI4ZTk2NWViMB4XDTIyMDEw
MTA2MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI2Y2FjMzBhMmQx
MTY5NWE5YzBjYmI3M2RlMzhmMzkzYjYxMTU0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI5IIo2U3k7liQ6oVsKYoUasND7/4D4kl8QJuArr1gShMdH
loU9e65Mgl3lwt6Suz42K9JC0mTretnPQpw7hVjaApKgtRYP9SU1sjN4ER8lAm4I
5vlSnyzbVtk+VBfBw96TKLD31rmlFz9yxP2/BaOOzOMtDa18LMo2VJjSDY49FBGp
bc7G5Ryw+2SRzMUWyOwl5tKxbjeLDccmp2F6w05bwL55BKAI3uNmeR8MjxI+zPDj
jFF5RVbBIATUAn+bzFOPdLDvBrVQjhfhL2tQqqyJYmOZ+Kx03n6Td5STJ3NatOok
uP86iD698RjTJM7m6pEagB7V64ZhI9XQ83ubFOUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRybKwwotEWlanAy7c94485O2EVRjAfBgNVHSMEGDAWgBRY0tJxX0P3R76n
YtzhZrykuOll6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dOTFNjVjlEOTBlLXAyTGM0V2E4cExqcFplcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvZDY3YjdiLWM3OTgtNDkwMS04MGY5LWUzODM0NTE2ZmMwOC8x
L2NteXNNS0xSRnBXcHdNdTNQZU9QT1R0aEZVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ZDY3YjdiLWM3OTgtNDkwMS04MGY5LWUzODM0NTE2ZmMwOC8xL1dOTFNjVjlEOTBl
LXAyTGM0V2E4cExqcFplcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEAFXWCQMEAFXWCwMEBVXXADAWBAIA
AjAQAwYEKgECODADBgUqAQI44DANBgkqhkiG9w0BAQsFAAOCAQEATICtb59ocsKu
R6J6ER/cDdW9+cgw6l1pA8H4aroft0JGXRZMh8hGpusA5OipAsy8sXvphqPR5Fh0
tqIpvwtp0K6seZx7caJW7OPp7zpUaAz17rGDFePw2Xn/+Wa4szce+bWRoF0F5X2b
Y0EkIN7LgWfClxqomMDOsIBs07GQd2k2LiRcI/VEuNn1AZVvXRHiLEIvsUdHsJsW
qOgnQTeAJfhZL2sjEJkUTcP4NuSj7A2qTlep76nSqi60qYIT7AZXlPXX+yV30Yhc
KDXwnJZW5k6Sc+RlaYQ4YcR7a12tZdnqQxbIgJPCYNeO77Bgo5fmBqstmq+NgoNw
S1APOBq63A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:51 2023 by rpki-client on console-ams.rpki-client.org