Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/meGuB_uq3U2HbTBkMNCrsT4jyQQ.roa
File: meGuB_uq3U2HbTBkMNCrsT4jyQQ.roa (raw, json)
Hash identifier: ++KhZtDyf4oYFKWK/XcwKxxL970Klf+D4dIYglmsZH4=
Subject key identifier: 99:E1:AE:07:FB:AA:DD:4D:87:6D:30:64:30:D0:AB:B1:3E:23:C9:04
Certificate issuer: /CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Certificate serial: 018474EF2EAF2A3E309765D290D4F4E3ED42
Authority key identifier: 33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/meGuB_uq3U2HbTBkMNCrsT4jyQQ.roa
Signing time: Mon 14 Nov 2022 06:59:02 +0000
ROA not before: Mon 14 Nov 2022 06:59:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39257
IP address blocks: 91.212.106.0/24 maxlen: 24
78.31.200.0/22 maxlen: 22
185.26.200.0/22 maxlen: 22
87.238.184.0/21 maxlen: 21
87.238.190.0/24 maxlen: 24
87.238.187.0/24 maxlen: 24
91.214.127.0/24 maxlen: 24
2a02:8c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:74:ef:2e:af:2a:3e:30:97:65:d2:90:d4:f4:e3:ed:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Validity
Not Before: Nov 14 06:59:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99e1ae07fbaadd4d876d306430d0abb13e23c904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:13:bf:d3:04:6f:de:ae:9c:c5:cd:90:27:42:
ff:87:5f:58:5d:51:2d:84:42:9b:dd:6e:44:b4:2b:
a2:c1:c8:67:84:47:00:fa:14:32:0e:13:97:cb:31:
aa:6b:cb:47:72:f6:9b:d7:db:ce:e9:0f:97:67:0c:
1c:c1:42:a8:be:35:ab:72:c2:00:df:50:3b:bf:c0:
ce:e2:5d:ce:32:54:1b:5a:dd:14:58:14:5b:98:df:
20:a5:99:75:8e:79:79:d9:ee:57:86:ad:ed:46:a4:
d4:77:67:d9:42:f3:ed:37:c3:11:c7:36:ff:ee:bf:
73:1e:72:bb:37:02:1d:72:40:d5:6a:e1:37:80:9a:
fb:23:b6:18:f6:0f:be:56:15:4a:ae:3a:f5:fe:02:
50:4c:d8:3c:9b:ae:50:22:bb:fb:b5:2a:5f:0b:93:
cf:81:45:9c:98:d4:22:f6:e3:aa:bf:46:3c:e3:33:
70:82:d4:43:bc:05:87:fe:dc:c2:6f:c8:a4:74:e9:
5e:a7:64:13:67:79:75:c8:71:05:aa:2d:60:3d:74:
a2:cb:82:62:84:b2:1d:78:80:59:97:53:fb:39:2f:
95:4a:34:74:a1:27:cc:42:b8:74:9b:06:1a:74:d0:
be:78:87:dc:bc:8f:0a:fb:1c:af:1e:6d:bb:0b:52:
d7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E1:AE:07:FB:AA:DD:4D:87:6D:30:64:30:D0:AB:B1:3E:23:C9:04
X509v3 Authority Key Identifier:
keyid:33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/meGuB_uq3U2HbTBkMNCrsT4jyQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/M7n5GBbdTYImpB47TDsJx73MZKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.200.0/22
87.238.184.0/21
91.212.106.0/24
91.214.127.0/24
185.26.200.0/22
IPv6:
2a02:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:ae:36:10:6c:12:13:d5:63:12:e7:e5:65:87:be:62:ee:5e:
84:c5:66:54:2d:4b:ec:84:f6:76:0b:16:c5:19:3e:ef:2b:af:
26:4b:ce:50:f8:ea:b1:5a:41:fe:a3:7c:30:01:e8:1d:91:80:
04:a2:d9:f3:2e:fb:5a:e9:46:d8:b1:b9:77:b1:67:64:12:00:
59:57:6d:54:96:fc:5f:a7:25:ff:a8:30:c8:37:0f:57:d9:1f:
0b:f2:76:28:bd:b7:c2:7b:73:39:8a:3b:23:86:d7:4d:59:0e:
db:a8:25:48:14:31:50:00:e6:37:f4:64:f1:5d:05:59:43:80:
15:e0:22:fe:c3:01:2b:d7:f2:de:6e:0b:67:ea:0e:cb:2a:25:
c5:28:41:ae:51:4d:23:e0:24:df:9d:a2:6e:38:3a:05:14:f9:
b3:77:04:e8:d6:e7:b2:6a:82:a4:36:6e:7c:47:2e:18:2b:5a:
a3:c7:eb:90:44:20:0b:66:40:3e:a9:87:bb:f7:60:97:1b:ca:
ab:d1:d5:7d:91:a2:e5:29:be:1b:2b:24:82:8f:b4:3a:60:08:
2c:d9:34:8d:f2:9f:d9:54:51:59:37:4c:51:c3:5c:61:1a:1a:
1a:bd:86:61:4a:b2:73:cd:95:be:ba:0f:ba:fb:c5:1e:d7:2a:
3f:ab:be:2c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYR07y6vKj4wl2XSkNT04+1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjlmOTE4MTZkZDRkODIyNmE0MWUzYjRjM2IwOWM3YmRj
YzY0YTkwHhcNMjIxMTE0MDY1OTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWUxYWUwN2ZiYWFkZDRkODc2ZDMwNjQzMGQwYWJiMTNlMjNjOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxO/0wRv3q6cxc2QJ0L/h19YXVEt
hEKb3W5EtCuiwchnhEcA+hQyDhOXyzGqa8tHcvab19vO6Q+XZwwcwUKovjWrcsIA
31A7v8DO4l3OMlQbWt0UWBRbmN8gpZl1jnl52e5Xhq3tRqTUd2fZQvPtN8MRxzb/
7r9zHnK7NwIdckDVauE3gJr7I7YY9g++VhVKrjr1/gJQTNg8m65QIrv7tSpfC5PP
gUWcmNQi9uOqv0Y84zNwgtRDvAWH/tzCb8ikdOlep2QTZ3l1yHEFqi1gPXSiy4Ji
hLIdeIBZl1P7OS+VSjR0oSfMQrh0mwYadNC+eIfcvI8K+xyvHm27C1LXkQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJnhrgf7qt1Nh20wZDDQq7E+I8kEMB8GA1UdIwQY
MBaAFDO5+RgW3U2CJqQeO0w7Cce9zGSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTduNUdCYmRUWUltcEI0N1REc0p4NzNNWktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi84MTMyZjAtNzAyZS00MDQ0LWI2ZDYt
Y2E4Y2Y2YWNmYWViLzEvbWVHdUJfdXEzVTJIYlRCa01OQ3JzVDRqeVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi84MTMyZjAtNzAyZS00MDQ0LWI2ZDYtY2E4Y2Y2YWNmYWVi
LzEvTTduNUdCYmRUWUltcEI0N1REc0p4NzNNWktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCTh/IAwQD
V+64AwQAW9RqAwQAW9Z/AwQCuRrIMA0EAgACMAcDBQAqAgjAMA0GCSqGSIb3DQEB
CwUAA4IBAQC0rjYQbBIT1WMS5+Vlh75i7l6ExWZULUvshPZ2CxbFGT7vK68mS85Q
+OqxWkH+o3wwAegdkYAEotnzLvta6UbYsbl3sWdkEgBZV21UlvxfpyX/qDDINw9X
2R8L8nYovbfCe3M5ijsjhtdNWQ7bqCVIFDFQAOY39GTxXQVZQ4AV4CL+wwEr1/Le
bgtn6g7LKiXFKEGuUU0j4CTfnaJuODoFFPmzdwTo1ueyaoKkNm58Ry4YK1qjx+uQ
RCALZkA+qYe792CXG8qr0dV9kaLlKb4bKySCj7Q6YAgs2TSN8p/ZVFFZN0xRw1xh
GhoavYZhSrJzzZW+ug+6+8Ue1yo/q74s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:49 2024 by rpki-client on console-ams.rpki-client.org