Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/o-MT_o4tXaq_cqcqxEMfWZKBE00.roa
File: o-MT_o4tXaq_cqcqxEMfWZKBE00.roa (raw, json)
Hash identifier: x+KY5xOoRjLhcSY5cMG3IwW5fXV42pQZF3rNN4YqP2Q=
Subject key identifier: A3:E3:13:FE:8E:2D:5D:AA:BF:72:A7:2A:C4:43:1F:59:92:81:13:4D
Certificate issuer: /CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Certificate serial: 03327FB1
Authority key identifier: 20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/o-MT_o4tXaq_cqcqxEMfWZKBE00.roa
Signing time: Sat 01 Jan 2022 15:06:43 +0000
ROA not before: Sat 01 Jan 2022 15:06:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208365
IP address blocks: 81.22.33.0/24 maxlen: 24
81.22.35.0/24 maxlen: 24
81.22.32.0/24 maxlen: 24
81.22.34.0/24 maxlen: 24
45.151.76.0/24 maxlen: 24
31.223.186.0/24 maxlen: 24
45.151.78.0/24 maxlen: 24
45.151.77.0/24 maxlen: 24
45.151.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53641137 (0x3327fb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Validity
Not Before: Jan 1 15:06:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3e313fe8e2d5daabf72a72ac4431f599281134d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1f:5a:9e:b4:ee:b0:a6:70:db:3b:44:91:40:
de:13:ec:94:cd:19:01:38:c7:19:4e:a2:b0:6b:a7:
10:49:0d:7a:13:5c:42:80:f0:9c:4a:a3:30:b6:60:
05:6a:66:f5:5b:37:8e:38:ce:79:21:fc:cb:ce:f7:
79:9c:48:1a:bb:20:d3:67:c0:f5:6c:f0:cb:36:a9:
cc:d7:42:9a:c3:9c:a3:85:c4:11:61:be:cc:34:67:
f6:6f:42:b4:06:f3:64:88:eb:7d:fc:4d:49:a7:68:
5a:7f:80:7e:6f:c9:8e:3e:15:63:df:08:19:88:54:
16:16:89:0c:c3:b8:48:46:8e:19:92:3a:be:15:89:
0e:77:1e:9e:a6:56:ac:af:ef:7a:b9:49:34:8a:6e:
4f:52:a1:93:bf:6a:87:6a:de:19:a9:f6:b0:71:fa:
16:6b:6e:00:7d:55:88:67:db:c0:3e:35:e6:56:3d:
1a:f2:27:85:60:97:ef:15:c2:22:2f:90:f3:99:b1:
16:98:15:f3:54:b3:62:76:0c:40:54:c3:f1:e3:bb:
c5:5d:e0:43:94:35:d7:16:d7:42:2a:26:9c:09:3c:
48:e8:13:38:57:38:f8:98:f2:ea:04:6b:ec:46:40:
c7:c7:72:1d:0c:71:43:c9:24:64:aa:46:44:3a:34:
d6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E3:13:FE:8E:2D:5D:AA:BF:72:A7:2A:C4:43:1F:59:92:81:13:4D
X509v3 Authority Key Identifier:
keyid:20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/o-MT_o4tXaq_cqcqxEMfWZKBE00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.186.0/24
45.151.76.0/22
81.22.32.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:e4:bf:69:c6:e7:8a:d6:bd:a3:32:e3:79:f6:c9:15:22:32:
20:e3:ed:2d:f2:23:a5:96:3f:f0:ad:09:f1:cc:4c:eb:95:1b:
2c:8c:24:48:11:81:25:e0:29:35:fa:b0:81:c9:2f:6f:15:33:
14:fe:c9:9c:6e:d3:34:a3:79:78:06:6d:5e:4d:09:ac:3c:21:
01:5f:63:25:d6:8c:ac:dd:fd:7d:5f:f1:d6:ee:7d:34:37:d7:
79:bd:88:d8:bd:48:42:04:3b:f8:b4:9d:82:19:ac:db:e0:7e:
b2:ed:16:e0:01:1d:97:0a:9d:29:82:86:6c:08:19:0c:b3:4c:
4f:2d:3f:32:8a:b3:f3:c8:08:bd:83:5c:34:76:46:a9:9d:55:
f3:1d:98:89:f5:47:93:02:b1:e6:15:b3:75:10:1c:27:68:30:
c2:75:2a:12:87:fb:06:3a:4a:3e:3d:74:2e:49:da:fa:20:9f:
e1:2d:32:81:e1:7e:51:18:8d:46:b7:c1:a5:9b:43:64:b0:57:
fe:cb:45:06:cb:35:ba:89:6e:ee:29:78:f9:b4:cb:d2:6e:5e:
fe:9d:3b:d3:da:cf:dd:d5:5b:7d:63:e7:52:02:80:61:a9:3e:
b3:5c:c9:91:89:38:a8:63:48:4c:7e:27:25:8b:33:84:74:24:
00:07:ee:0b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAzJ/sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGE3ZmNiZTU5MzE0YzM3MmI2OGYyMzIyMjM4MjhiMWUzM2EwM2VjMB4XDTIyMDEw
MTE1MDY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNlMzEzZmU4ZTJk
NWRhYWJmNzJhNzJhYzQ0MzFmNTk5MjgxMTM0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsfWp607rCmcNs7RJFA3hPslM0ZATjHGU6isGunEEkNehNc
QoDwnEqjMLZgBWpm9Vs3jjjOeSH8y873eZxIGrsg02fA9WzwyzapzNdCmsOco4XE
EWG+zDRn9m9CtAbzZIjrffxNSadoWn+Afm/Jjj4VY98IGYhUFhaJDMO4SEaOGZI6
vhWJDncenqZWrK/verlJNIpuT1Khk79qh2reGan2sHH6FmtuAH1ViGfbwD415lY9
GvInhWCX7xXCIi+Q85mxFpgV81SzYnYMQFTD8eO7xV3gQ5Q11xbXQiomnAk8SOgT
OFc4+Jjy6gRr7EZAx8dyHQxxQ8kkZKpGRDo01s8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSj4xP+ji1dqr9ypyrEQx9ZkoETTTAfBgNVHSMEGDAWgBQgp/y+WTFMNyto
8jIiOCix4zoD7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lLZjh2bGt4VERjcmFQSXlJamdvc2VNNkEtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvYzM5ODhlLTg2NTQtNDMxMS04MjkyLTQyNjAzOTc4ODkxOS8x
L28tTVRfbzR0WGFxX2NxY3F4RU1mV1pLQkUwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
YzM5ODhlLTg2NTQtNDMxMS04MjkyLTQyNjAzOTc4ODkxOS8xL0lLZjh2bGt4VERj
cmFQSXlJamdvc2VNNkEtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAB/fugMEAi2XTAMEAlEWIDANBgkq
hkiG9w0BAQsFAAOCAQEAyeS/acbnita9ozLjefbJFSIyIOPtLfIjpZY/8K0J8cxM
65UbLIwkSBGBJeApNfqwgckvbxUzFP7JnG7TNKN5eAZtXk0JrDwhAV9jJdaMrN39
fV/x1u59NDfXeb2I2L1IQgQ7+LSdghms2+B+su0W4AEdlwqdKYKGbAgZDLNMTy0/
Moqz88gIvYNcNHZGqZ1V8x2YifVHkwKx5hWzdRAcJ2gwwnUqEof7BjpKPj10Lkna
+iCf4S0ygeF+URiNRrfBpZtDZLBX/stFBss1uolu7il4+bTL0m5e/p0709rP3dVb
fWPnUgKAYak+s1zJkYk4qGNITH4nJYszhHQkAAfuCw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:12 2023 by rpki-client on console-fra.rpki-client.org