Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/MZ5x8YYQCtZ2fXFJddDy_trVU4w.roa
File: MZ5x8YYQCtZ2fXFJddDy_trVU4w.roa (raw, json)
Hash identifier: 8wHdBYHxEBOrAKOM3yZE5JcipReZQ36Vb6p9VdWyjC0=
Subject key identifier: 31:9E:71:F1:86:10:0A:D6:76:7D:71:49:75:D0:F2:FE:DA:D5:53:8C
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 03424C48
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/MZ5x8YYQCtZ2fXFJddDy_trVU4w.roa
Signing time: Sat 01 Jan 2022 08:01:18 +0000
ROA not before: Sat 01 Jan 2022 08:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54676552 (0x3424c48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Jan 1 08:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=319e71f186100ad6767d714975d0f2fedad5538c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:3d:4c:37:23:c2:44:e7:a6:2f:a6:41:3b:
b5:ea:b6:a8:05:0c:17:0c:f0:10:e9:42:34:8f:97:
bc:cb:37:4c:9a:e2:6b:43:e2:12:49:07:43:16:d2:
a6:be:21:20:27:55:2d:59:45:f6:a4:ab:7e:c3:48:
3e:44:6a:7d:07:11:03:e0:07:81:58:f7:87:b1:d1:
48:2d:9d:84:01:60:57:6e:97:fb:cb:58:22:64:6d:
e7:19:9e:0b:2f:00:f7:50:02:84:c0:d7:ed:84:a9:
7c:e9:74:99:df:d9:4e:97:42:f1:82:ac:29:fb:91:
b0:3b:49:7d:39:74:b5:a1:db:ef:11:b9:4e:2d:a1:
03:18:f1:44:f9:63:38:8a:7f:4e:33:a9:e7:8c:d5:
61:b7:49:8f:ac:3d:6a:2e:66:0e:71:ef:97:4b:fa:
38:3b:b8:06:4b:87:ed:18:94:73:35:b9:fa:e4:47:
c3:73:21:30:26:91:f4:be:45:5f:e0:6f:dd:d1:8b:
bb:8b:c9:8f:a4:2f:78:43:67:28:75:33:84:78:b3:
fb:21:2a:11:cb:77:5c:04:ae:3a:cf:e0:ff:fd:ea:
74:df:16:7b:a7:f3:fb:4b:48:a2:3a:01:2a:35:37:
e4:c5:db:35:5e:9d:10:a0:37:01:69:2f:a5:bd:5c:
2d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9E:71:F1:86:10:0A:D6:76:7D:71:49:75:D0:F2:FE:DA:D5:53:8C
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/MZ5x8YYQCtZ2fXFJddDy_trVU4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:7b:3d:23:aa:b6:d0:1b:6c:76:8e:c8:2f:76:25:ef:69:2f:
6a:fc:23:24:a1:84:ee:f1:9d:b4:7d:64:5c:9a:9f:35:81:1a:
f5:74:20:ca:ef:fd:72:68:18:b4:4a:e8:ac:9a:9c:f1:7e:21:
be:3d:e0:1c:0e:59:b6:3c:36:10:14:3e:03:de:21:2d:eb:fa:
95:13:79:25:36:9c:68:af:f4:64:04:39:56:f0:67:cb:c2:cb:
f7:d7:d3:f7:fb:e9:7e:8a:34:9d:a8:4e:18:90:ac:f2:d5:0e:
aa:51:da:ad:34:18:3e:54:56:d4:89:ff:ed:2d:cc:6f:69:24:
fe:0c:12:e8:83:65:59:20:f4:48:07:d7:0f:96:b1:43:38:21:
c5:dd:e5:16:f2:f4:81:37:cb:77:5b:eb:84:72:9b:06:87:a2:
14:9f:64:64:91:32:f9:f3:32:05:53:9d:11:31:0a:2c:ef:52:
56:a0:c6:a6:96:65:eb:44:b4:2f:2a:ee:91:f6:c6:c1:2c:61:
c9:82:4e:71:49:6a:ee:8a:eb:ea:d3:89:e6:7f:3c:39:99:89:
de:55:f2:79:2c:c7:77:b3:1f:d2:1c:b8:55:a8:be:aa:2c:fe:
ee:98:cc:c4:ef:d4:b6:6e:85:5a:2f:05:c9:41:c0:20:97:bc:
b1:50:96:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEA0JMSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTQzZGFjOGVhNTU2OTM0MzlkZDFiOGI0ODEyYmE3MTgzNGYxMDMxMB4XDTIyMDEw
MTA4MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE5ZTcxZjE4NjEw
MGFkNjc2N2Q3MTQ5NzVkMGYyZmVkYWQ1NTM4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm9PUw3I8JE56YvpkE7teq2qAUMFwzwEOlCNI+XvMs3TJri
a0PiEkkHQxbSpr4hICdVLVlF9qSrfsNIPkRqfQcRA+AHgVj3h7HRSC2dhAFgV26X
+8tYImRt5xmeCy8A91AChMDX7YSpfOl0md/ZTpdC8YKsKfuRsDtJfTl0taHb7xG5
Ti2hAxjxRPljOIp/TjOp54zVYbdJj6w9ai5mDnHvl0v6ODu4BkuH7RiUczW5+uRH
w3MhMCaR9L5FX+Bv3dGLu4vJj6QveENnKHUzhHiz+yEqEct3XASuOs/g//3qdN8W
e6fz+0tIojoBKjU35MXbNV6dEKA3AWkvpb1cLQMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQxnnHxhhAK1nZ9cUl10PL+2tVTjDAfBgNVHSMEGDAWgBQuQ9rI6lVpNDnd
G4tIErpxg08QMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xrUGF5T3BWYVRRNTNSdUxTQks2Y1lOUEVERS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODZiYTM2LTc4YjgtNDRiYi05ZmI0LTI2YzdjOTYzYTc2OS8x
L01aNXg4WVlRQ3RaMmZYRkpkZER5X3RyVlU0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODZiYTM2LTc4YjgtNDRiYi05ZmI0LTI2YzdjOTYzYTc2OS8xL0xrUGF5T3BWYVRR
NTNSdUxTQks2Y1lOUEVERS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFjWKAMEAFjWKgMEALnhxjAPBAIA
AjAJAwcAKgmdAAABMA0GCSqGSIb3DQEBCwUAA4IBAQAmez0jqrbQG2x2jsgvdiXv
aS9q/CMkoYTu8Z20fWRcmp81gRr1dCDK7/1yaBi0SuismpzxfiG+PeAcDlm2PDYQ
FD4D3iEt6/qVE3klNpxor/RkBDlW8GfLwsv319P3++l+ijSdqE4YkKzy1Q6qUdqt
NBg+VFbUif/tLcxvaST+DBLog2VZIPRIB9cPlrFDOCHF3eUW8vSBN8t3W+uEcpsG
h6IUn2RkkTL58zIFU50RMQos71JWoMamlmXrRLQvKu6R9sbBLGHJgk5xSWruiuvq
04nmfzw5mYneVfJ5LMd3sx/SHLhVqL6qLP7umMzE79S2boVaLwXJQcAgl7yxUJYU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org