Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/mBZicPIgV7SecYU05zaug5QklN4.roa
File: mBZicPIgV7SecYU05zaug5QklN4.roa (raw, json)
Hash identifier: fZ/8rSCQSzIBaAjNwn8T61y23Y54vJCws90pSfH+zEk=
Subject key identifier: 98:16:62:70:F2:20:57:B4:9E:71:85:34:E7:36:AE:83:94:24:94:DE
Certificate issuer: /CN=178235df535526d9e6d6aff6fa7ac52293a92c71
Certificate serial: 0A0CAA46
Authority key identifier: 17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/mBZicPIgV7SecYU05zaug5QklN4.roa
Signing time: Wed 02 Feb 2022 10:52:43 +0000
ROA not before: Wed 02 Feb 2022 10:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25467
IP address blocks: 82.214.66.0/24 maxlen: 24
82.214.76.0/24 maxlen: 24
82.214.76.0/23 maxlen: 23
82.214.77.0/24 maxlen: 24
82.214.85.0/24 maxlen: 24
82.214.84.0/24 maxlen: 24
82.214.84.0/23 maxlen: 23
82.214.108.0/22 maxlen: 22
82.214.112.0/24 maxlen: 24
82.214.111.0/24 maxlen: 24
82.214.110.0/24 maxlen: 24
82.214.114.0/24 maxlen: 24
82.214.115.0/24 maxlen: 24
82.214.112.0/21 maxlen: 21
82.214.113.0/24 maxlen: 24
82.214.118.0/24 maxlen: 24
82.214.116.0/24 maxlen: 24
82.214.117.0/24 maxlen: 24
82.214.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168602182 (0xa0caa46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=178235df535526d9e6d6aff6fa7ac52293a92c71
Validity
Not Before: Feb 2 10:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98166270f22057b49e718534e736ae83942494de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:eb:b7:33:89:6f:b1:3a:be:a1:1f:d1:26:
00:19:20:d9:5f:f6:c0:40:15:1c:11:eb:62:9e:01:
32:60:37:ad:15:aa:9f:79:ec:5a:24:6a:7f:ae:fb:
34:8b:67:82:f1:78:85:ae:05:9c:2e:ac:5e:10:66:
03:13:90:80:e9:c8:3b:3b:50:b0:d4:74:5f:08:a5:
6c:df:65:f2:fa:51:c2:5f:0c:76:ca:fd:7a:1c:6f:
9b:54:ab:33:44:ac:2c:85:e1:16:1a:a7:44:45:f5:
7e:98:fe:ee:c8:74:be:44:b4:7f:9a:2e:0b:2e:a8:
a0:0a:f4:c3:66:24:27:e4:fd:9c:1b:33:92:43:fa:
2a:60:52:1e:09:9b:72:68:52:f7:7d:55:81:ca:b3:
58:43:eb:a2:dc:58:5a:4f:c0:29:f7:a6:02:b6:1e:
e5:0c:e9:ea:3f:5d:ac:2e:1d:1b:07:b3:76:5d:f5:
77:38:3c:0a:93:46:4b:50:92:db:4b:e2:47:aa:ef:
80:80:6b:49:51:08:dc:48:9f:cd:48:80:f1:4e:9a:
1f:24:28:16:87:f8:98:c4:95:85:90:0a:dd:f5:d7:
c8:2f:26:45:78:3b:f5:e7:74:51:d8:ff:e1:8d:54:
22:76:6a:1d:ad:11:83:d1:e0:de:a1:36:ce:dc:79:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:16:62:70:F2:20:57:B4:9E:71:85:34:E7:36:AE:83:94:24:94:DE
X509v3 Authority Key Identifier:
keyid:17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/mBZicPIgV7SecYU05zaug5QklN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/F4I131NVJtnm1q_2-nrFIpOpLHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.214.66.0/24
82.214.76.0/23
82.214.84.0/23
82.214.108.0-82.214.119.255
Signature Algorithm: sha256WithRSAEncryption
91:2b:16:0f:ef:6c:6d:80:0f:ed:c4:e6:01:2b:f8:c1:7a:d5:
cf:e5:88:88:a3:a4:aa:e2:91:a1:84:fb:5b:96:8e:43:00:a2:
0c:90:64:c0:aa:6f:c3:9e:67:83:22:6d:08:a0:eb:99:81:80:
74:fe:0c:44:ab:3e:13:9f:e9:b3:f6:09:9a:4f:05:d5:58:5e:
ee:3d:bd:7f:8a:0d:d7:41:90:7d:4b:e4:ce:f8:4f:23:10:c1:
4c:33:c2:6a:44:ed:50:e2:47:38:6d:b6:ff:c9:e1:4b:0f:4e:
78:45:46:2c:30:43:76:81:c7:ba:60:ad:34:0a:2c:db:89:fd:
3e:d4:e8:8a:69:c3:76:90:c4:62:bc:05:10:70:d9:ac:09:0a:
dd:f7:90:73:76:22:3a:fb:8d:c1:3a:a3:22:7f:92:14:70:aa:
55:74:63:29:74:08:ad:5e:d5:96:0c:73:56:b5:d1:68:ae:5e:
45:00:5e:38:6e:ad:eb:e0:2e:85:d9:2d:ca:ce:f5:e3:2c:17:
89:5d:76:98:27:e5:fb:a3:36:05:4c:d1:b9:f4:dc:a3:37:e2:
f9:4f:fb:b9:00:30:0b:fa:34:b6:f4:55:a5:2a:bc:19:96:df:
ff:d0:c3:fa:0a:9b:b7:58:39:56:97:39:ac:ae:ee:67:85:1e:
c3:d5:d4:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECgyqRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzgyMzVkZjUzNTUyNmQ5ZTZkNmFmZjZmYTdhYzUyMjkzYTkyYzcxMB4XDTIyMDIw
MjEwNTI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgxNjYyNzBmMjIw
NTdiNDllNzE4NTM0ZTczNmFlODM5NDI0OTRkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3x67cziW+xOr6hH9EmABkg2V/2wEAVHBHrYp4BMmA3rRWq
n3nsWiRqf677NItngvF4ha4FnC6sXhBmAxOQgOnIOztQsNR0XwilbN9l8vpRwl8M
dsr9ehxvm1SrM0SsLIXhFhqnREX1fpj+7sh0vkS0f5ouCy6ooAr0w2YkJ+T9nBsz
kkP6KmBSHgmbcmhS931VgcqzWEProtxYWk/AKfemArYe5Qzp6j9drC4dGwezdl31
dzg8CpNGS1CS20viR6rvgIBrSVEI3EifzUiA8U6aHyQoFof4mMSVhZAK3fXXyC8m
RXg79ed0Udj/4Y1UInZqHa0Rg9Hg3qE2ztx5HU8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSYFmJw8iBXtJ5xhTTnNq6DlCSU3jAfBgNVHSMEGDAWgBQXgjXfU1Um2ebW
r/b6esUik6kscTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y0STEzMU5WSnRubTFxXzItbnJGSXBPcExIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvYzM4M2JiLWU4MDYtNGE2ZC1hMmU4LWVlNWNhMzZmMWQ5YS8x
L21CWmljUElnVjdTZWNZVTA1emF1ZzVRa2xONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
YzM4M2JiLWU4MDYtNGE2ZC1hMmU4LWVlNWNhMzZmMWQ5YS8xL0Y0STEzMU5WSnRu
bTFxXzItbnJGSXBPcExIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFLWQgMEAVLWTAMEAVLWVDAMAwQC
UtZsAwQDUtZwMA0GCSqGSIb3DQEBCwUAA4IBAQCRKxYP72xtgA/txOYBK/jBetXP
5YiIo6Sq4pGhhPtblo5DAKIMkGTAqm/DnmeDIm0IoOuZgYB0/gxEqz4Tn+mz9gma
TwXVWF7uPb1/ig3XQZB9S+TO+E8jEMFMM8JqRO1Q4kc4bbb/yeFLD054RUYsMEN2
gce6YK00Cizbif0+1OiKacN2kMRivAUQcNmsCQrd95BzdiI6+43BOqMif5IUcKpV
dGMpdAitXtWWDHNWtdForl5FAF44bq3r4C6F2S3KzvXjLBeJXXaYJ+X7ozYFTNG5
9NyjN+L5T/u5ADAL+jS29FWlKrwZlt//0MP6Cpu3WDlWlzmsru5nhR7D1dQD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org