Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/mnWLdYLaH-7XCRYmyWcfqS37fnI.roa
File: mnWLdYLaH-7XCRYmyWcfqS37fnI.roa (raw, json)
Hash identifier: 4+JLMB4noGuOowQVtDx3qMnrjLXqWFO5slFCcRnXWHQ=
Subject key identifier: 9A:75:8B:75:82:DA:1F:EE:D7:09:16:26:C9:67:1F:A9:2D:FB:7E:72
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01836A68610A9C80AEC23BA3E84EEF78EA9A
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/mnWLdYLaH-7XCRYmyWcfqS37fnI.roa
Signing time: Fri 23 Sep 2022 12:52:48 +0000
ROA not before: Fri 23 Sep 2022 12:52:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.134.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
147.189.138.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.219.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:68:61:0a:9c:80:ae:c2:3b:a3:e8:4e:ef:78:ea:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Sep 23 12:52:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a758b7582da1feed7091626c9671fa92dfb7e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:c4:ad:70:68:df:e0:1d:7a:dc:cb:d7:26:
45:7b:22:d7:82:ea:ba:96:53:4f:6c:51:ea:3f:34:
4e:ba:39:fc:77:cc:52:9b:59:f2:e1:af:fd:e5:33:
4e:89:7e:d6:05:6c:a3:38:09:b1:83:97:31:c8:33:
17:d8:46:85:75:3e:a6:08:56:f4:4a:db:fb:22:51:
b1:42:b3:cd:92:8e:5a:ee:9c:ee:8d:3a:aa:a6:7b:
30:5e:9e:e5:28:23:7b:4e:3c:5e:7c:c9:7b:28:19:
22:d5:0b:bc:8c:e1:53:dd:1a:ae:58:44:cb:9e:fe:
d0:ce:36:58:72:2b:2a:b5:00:2b:4c:53:eb:f1:bf:
e2:89:a9:23:10:89:1f:e2:4d:28:54:7f:60:5b:e0:
76:7f:55:c0:30:72:9e:f6:f8:c0:fe:ae:9f:54:8f:
e3:94:1a:b9:bf:c6:a6:6b:00:9b:fc:f0:59:d9:11:
07:da:ae:3c:f5:63:a3:ef:e4:ba:8f:38:9a:85:e4:
10:dd:9b:99:12:bd:a9:dd:1d:63:a6:6d:5c:6b:9f:
3c:3b:47:2d:4a:48:83:1a:2b:a6:72:1e:84:5c:57:
0e:24:57:34:4c:cd:e8:0a:56:c2:26:fa:02:cc:0e:
cf:95:f9:f7:7b:99:6e:09:e5:27:92:cb:7b:5c:8b:
7d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:75:8B:75:82:DA:1F:EE:D7:09:16:26:C9:67:1F:A9:2D:FB:7E:72
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/mnWLdYLaH-7XCRYmyWcfqS37fnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/24
45.14.113.0/24
147.189.128.0/24
147.189.131.0/24
147.189.134.0/23
147.189.138.0/24
176.111.217.0/24
176.111.219.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
92:c1:01:bf:05:d6:fa:fa:87:23:8a:36:29:24:eb:10:f2:1b:
dc:4f:29:15:6b:e3:a5:8f:83:75:f6:b8:17:9e:45:32:10:59:
dd:59:d1:70:82:7d:aa:98:5f:b0:e5:f8:74:81:1d:cc:08:f6:
0a:a0:5c:f5:7e:6f:90:1e:90:48:4f:6a:99:0e:fb:67:b2:c9:
05:5c:6b:61:10:73:e9:c9:b9:dc:0c:bd:bf:f8:17:20:65:3e:
b0:53:cd:39:16:aa:84:5b:ed:2f:6f:10:6f:1a:75:9f:3b:b6:
6e:80:cc:9e:04:72:9f:78:77:eb:18:a2:a1:9d:de:ad:bd:88:
ad:d4:d2:80:99:3c:c0:a1:ad:5b:7a:f2:46:5b:2f:d7:2e:8f:
57:82:6f:c3:a9:ad:2d:cd:79:5e:b9:4e:67:79:58:25:dc:3d:
01:18:e6:c5:7f:23:13:a4:ac:b7:f6:46:e8:c8:d7:51:b2:57:
1d:0d:4b:58:1a:7c:69:13:d6:12:3f:63:25:0a:d2:4f:98:bd:
12:3e:76:71:ed:66:cb:f7:91:02:7a:de:34:59:76:0b:4a:cf:
cb:70:8e:04:eb:6a:28:10:c6:d4:5d:3d:84:3c:64:36:5b:c0:
15:58:e8:9f:c3:2e:16:a0:b3:9a:3d:8b:79:ce:af:85:33:17:
43:10:7e:76
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYNqaGEKnICuwjuj6E7veOqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjIwOTIzMTI1MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTc1OGI3NTgyZGExZmVlZDcwOTE2MjZjOTY3MWZhOTJkZmI3ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF7ErXBo3+AdetzL1yZFeyLXguq6
llNPbFHqPzROujn8d8xSm1ny4a/95TNOiX7WBWyjOAmxg5cxyDMX2EaFdT6mCFb0
Stv7IlGxQrPNko5a7pzujTqqpnswXp7lKCN7TjxefMl7KBki1Qu8jOFT3RquWETL
nv7QzjZYcisqtQArTFPr8b/iiakjEIkf4k0oVH9gW+B2f1XAMHKe9vjA/q6fVI/j
lBq5v8amawCb/PBZ2REH2q489WOj7+S6jziaheQQ3ZuZEr2p3R1jpm1ca588O0ct
SkiDGiumch6EXFcOJFc0TM3oClbCJvoCzA7Plfn3e5luCeUnkst7XIt9SwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJp1i3WC2h/u1wkWJslnH6kt+35yMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL21uV0xkWUxhSC03WENSWW15V2NmcVMzN2ZuSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgaEGCCsGAQUFBwEHAQH/BIGRMIGOMDwEAgABMDYDBAEC
OAgDBAAFt0wDBAAtDnEDBACTvYADBACTvYMDBAGTvYYDBACTvYoDBACwb9kDBACw
b9swTgQCAAIwSAMHACoODIAAAwMHACoODIADIwMHACoODIAEAwMHACoODIAHQwMH
ACoPmYAABgMHACoPmYABlQMHACoPmYAFmAMHACoPmYAJNjANBgkqhkiG9w0BAQsF
AAOCAQEAksEBvwXW+vqHI4o2KSTrEPIb3E8pFWvjpY+Ddfa4F55FMhBZ3VnRcIJ9
qphfsOX4dIEdzAj2CqBc9X5vkB6QSE9qmQ77Z7LJBVxrYRBz6cm53Ay9v/gXIGU+
sFPNORaqhFvtL28Qbxp1nzu2boDMngRyn3h36xiioZ3erb2IrdTSgJk8wKGtW3ry
Rlsv1y6PV4Jvw6mtLc15XrlOZ3lYJdw9ARjmxX8jE6Sst/ZG6MjXUbJXHQ1LWBp8
aRPWEj9jJQrST5i9Ej52ce1my/eRAnreNFl2C0rPy3COBOtqKBDG1F09hDxkNlvA
FVjon8MuFqCzmj2Lec6vhTMXQxB+dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org