Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/mTcLI--HMCPq4QEsdjiQHN9enwo.roa
File: mTcLI--HMCPq4QEsdjiQHN9enwo.roa (raw, json)
Hash identifier: 79BkDjP8tGtqc/ZZ5L2JAkX+PUkbv7mkaYuz4KhS/XE=
Subject key identifier: 99:37:0B:23:EF:87:30:23:EA:E1:01:2C:76:38:90:1C:DF:5E:9F:0A
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 08608B96
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/mTcLI--HMCPq4QEsdjiQHN9enwo.roa
Signing time: Sat 01 Jan 2022 01:59:50 +0000
ROA not before: Sat 01 Jan 2022 01:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44684
IP address blocks: 176.126.240.0/21 maxlen: 24
185.101.96.0/24 maxlen: 24
195.10.223.0/24 maxlen: 24
93.93.128.0/21 maxlen: 24
185.47.60.0/22 maxlen: 22
46.235.224.0/21 maxlen: 24
2a04:ad80::/47 maxlen: 48
2a00:1098::/32 maxlen: 48
2a06:1c80::/29 maxlen: 29
2a04:ad80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140544918 (0x8608b96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 1 01:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99370b23ef873023eae1012c7638901cdf5e9f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:7c:14:f7:9f:72:a3:88:11:c0:5e:c9:24:
55:37:ea:40:b8:fb:b4:94:50:07:88:3a:6d:ae:a7:
15:c8:e3:34:60:1a:4f:f6:23:22:7d:de:ec:ff:ae:
15:5c:bd:cc:54:a1:35:44:a5:6d:f3:3c:25:83:14:
4b:6a:e3:76:4f:36:6f:1d:ab:25:9f:c9:f2:f8:a7:
0a:ea:2a:80:61:d4:1a:46:cc:2a:71:a5:95:de:51:
63:4b:7f:68:fb:c9:96:3f:33:a5:56:3a:93:d1:41:
27:11:55:a1:25:79:08:53:49:df:65:c1:47:10:51:
14:4c:fd:16:59:d7:ab:ff:34:36:56:99:ca:27:8c:
e4:7e:5c:1a:6a:24:47:5e:04:ae:dd:b0:8e:7a:69:
d7:55:04:60:19:93:2a:e6:08:db:bb:7b:ba:98:e1:
bf:b6:3c:d8:d8:b8:46:4a:2e:c3:56:1b:fc:55:52:
cf:21:a6:d9:c9:33:86:98:bb:4e:3e:1b:28:d4:bc:
a5:e4:1e:76:45:31:89:8f:b1:f6:c0:a7:3f:18:43:
c6:08:e6:72:99:b3:78:a4:e9:ac:de:e3:b7:33:84:
f1:03:de:96:dc:4f:f1:50:c5:f5:a5:e7:d2:6c:03:
b5:e3:b0:98:45:f2:40:fa:b2:f7:eb:9a:25:11:7f:
af:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:37:0B:23:EF:87:30:23:EA:E1:01:2C:76:38:90:1C:DF:5E:9F:0A
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/mTcLI--HMCPq4QEsdjiQHN9enwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.224.0/21
93.93.128.0/21
176.126.240.0/21
185.47.60.0/22
185.101.96.0/24
195.10.223.0/24
IPv6:
2a00:1098::/32
2a04:ad80::/29
2a06:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
5c:9f:dd:b1:c3:d5:f0:a3:54:4d:de:d7:29:a0:f0:e8:8a:4a:
5d:64:55:25:fd:6a:20:fd:e2:1e:e3:5f:63:21:86:65:c2:47:
a5:0c:e1:0b:87:25:a5:98:34:94:b6:67:cc:11:4a:fd:94:9e:
b8:c0:74:6e:80:9d:89:3c:22:3e:53:ea:22:2a:f8:23:15:f1:
d7:0a:4c:4d:73:e6:1e:b9:60:e8:72:80:ae:55:72:49:50:a9:
a3:a0:24:66:36:d2:fb:c4:e5:c5:c1:0e:7f:ec:89:24:f9:40:
43:14:93:b9:5a:39:af:6f:be:b9:fc:38:97:7d:4b:1d:fb:25:
a9:c5:49:28:fd:d4:44:e3:60:49:97:3a:67:9a:20:11:83:72:
af:dd:77:52:7a:b5:e1:8f:df:80:f3:2c:13:a0:49:d9:2b:41:
64:41:3a:c9:c5:72:ad:e6:85:d4:49:c6:15:86:f1:25:cb:a6:
90:e3:1d:3d:0c:4e:cb:1a:41:75:d5:9c:13:44:a8:e7:ce:97:
f6:6d:cf:e2:5c:b2:f3:fa:08:d0:6a:2c:c8:b8:39:40:00:78:
04:58:34:e5:23:87:ec:83:eb:22:b7:08:a3:aa:5b:d7:98:0b:
8e:02:28:ae:77:ee:d0:7f:fa:97:19:d1:57:16:ce:5e:03:e8:
65:60:74:a2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIECGCLljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODFmYzhjODI5ODYzMTBjNWY2YTliNTZmYjc2YjZiZDk4NzdmY2MwMB4XDTIyMDEw
MTAxNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkzNzBiMjNlZjg3
MzAyM2VhZTEwMTJjNzYzODkwMWNkZjVlOWYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+LfBT3n3KjiBHAXskkVTfqQLj7tJRQB4g6ba6nFcjjNGAa
T/YjIn3e7P+uFVy9zFShNUSlbfM8JYMUS2rjdk82bx2rJZ/J8vinCuoqgGHUGkbM
KnGlld5RY0t/aPvJlj8zpVY6k9FBJxFVoSV5CFNJ32XBRxBRFEz9FlnXq/80NlaZ
yieM5H5cGmokR14Ert2wjnpp11UEYBmTKuYI27t7upjhv7Y82Ni4Rkouw1Yb/FVS
zyGm2ckzhpi7Tj4bKNS8peQedkUxiY+x9sCnPxhDxgjmcpmzeKTprN7jtzOE8QPe
ltxP8VDF9aXn0mwDteOwmEXyQPqy9+uaJRF/r48CAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBSZNwsj74cwI+rhASx2OJAc316fCjAfBgNVHSMEGDAWgBT4H8jIKYYxDF9q
m1b7dra9mHf8wDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhmLzNlNTljOS05ZjAxLTQ1NjItOTIxZC01MTNjYThlNmNlY2Uv
MS9tVGNMSS0tSE1DUHE0UUVzZGppUUhOOWVud28ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhm
LzNlNTljOS05ZjAxLTQ1NjItOTIxZC01MTNjYThlNmNlY2UvMS8xLUJfSXlDbUdN
UXhmYXB0Vy0zYTJ2WmgzX01BLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDLuvgAwQDXV2AAwQDsH7wAwQC
uS88AwQAuWVgAwQAwwrfMBsEAgACMBUDBQAqABCYAwUDKgStgAMFAyoGHIAwDQYJ
KoZIhvcNAQELBQADggEBAFyf3bHD1fCjVE3e1ymg8OiKSl1kVSX9aiD94h7jX2Mh
hmXCR6UM4QuHJaWYNJS2Z8wRSv2UnrjAdG6AnYk8Ij5T6iIq+CMV8dcKTE1z5h65
YOhygK5VcklQqaOgJGY20vvE5cXBDn/siST5QEMUk7laOa9vvrn8OJd9Sx37JanF
SSj91ETjYEmXOmeaIBGDcq/dd1J6teGP34DzLBOgSdkrQWRBOsnFcq3mhdRJxhWG
8SXLppDjHT0MTssaQXXVnBNEqOfOl/Ztz+JcsvP6CNBqLMi4OUAAeARYNOUjh+yD
6yK3CKOqW9eYC44CKK537tB/+pcZ0VcWzl4D6GVgdKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:01 2024 by rpki-client on console-fra.rpki-client.org