Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MWcsz2JR5ltOayJyPF0Q9cHotYk.roa
File: MWcsz2JR5ltOayJyPF0Q9cHotYk.roa (raw, json)
Hash identifier: xilXvteJSEiw8Eo9n8nxrY0K6XCiH8CfLpADFMICMMY=
Subject key identifier: 31:67:2C:CF:62:51:E6:5B:4E:6B:22:72:3C:5D:10:F5:C1:E8:B5:89
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0184C788CB1EADF82F150DD656F4A3A41536
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MWcsz2JR5ltOayJyPF0Q9cHotYk.roa
Signing time: Wed 30 Nov 2022 07:55:41 +0000
ROA not before: Wed 30 Nov 2022 07:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 31.129.21.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
77.83.117.0/24 maxlen: 24
194.28.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:88:cb:1e:ad:f8:2f:15:0d:d6:56:f4:a3:a4:15:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Nov 30 07:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31672ccf6251e65b4e6b22723c5d10f5c1e8b589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:b7:e1:aa:e4:bd:d5:16:cf:10:a9:30:ba:
1c:4c:4b:5d:54:15:b2:c7:5d:bf:97:43:16:ad:2d:
fc:e3:11:1c:0b:4e:40:21:8a:18:8f:81:7a:9e:58:
26:4c:d1:15:3d:25:f7:a3:06:1e:fb:b7:c8:2d:4d:
94:10:5c:a8:c5:69:f5:40:76:c5:82:76:5f:6f:1f:
d6:36:d5:91:c5:6c:90:72:47:c2:b6:3b:b3:65:f3:
19:43:bd:d9:06:3c:81:1e:dc:30:e5:55:33:a4:9f:
87:9f:d9:d3:45:95:12:6b:c6:93:0a:4a:58:10:69:
63:8b:ac:b6:91:fd:a2:29:e0:e1:ae:46:a5:2e:4d:
b1:60:cb:0f:06:82:92:3b:b2:9f:c3:e0:14:d4:2a:
c9:99:70:9d:d9:fd:48:7a:3b:ef:dd:7f:fa:c0:e4:
16:1d:fa:49:f8:d6:fe:d1:f1:1e:62:32:8f:34:2e:
77:3f:ed:a6:be:35:5f:f4:32:be:10:a1:01:34:e6:
10:c3:55:12:9d:1c:61:75:50:0d:40:89:81:55:66:
50:12:54:63:0a:5d:ea:66:2d:1d:94:4b:db:b2:20:
8a:67:3a:51:d9:f9:86:2b:a8:7a:f3:1b:71:06:bc:
d9:35:b2:25:f6:58:a3:8a:91:4d:6f:ce:1d:f8:63:
f4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:67:2C:CF:62:51:E6:5B:4E:6B:22:72:3C:5D:10:F5:C1:E8:B5:89
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MWcsz2JR5ltOayJyPF0Q9cHotYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0/24
31.129.30.0/24
45.8.99.0/24
77.83.116.0/23
194.28.193.0/24
Signature Algorithm: sha256WithRSAEncryption
87:46:b5:de:10:97:2b:13:76:f9:86:1e:d9:17:76:65:99:ae:
e2:3f:91:13:33:20:d0:6a:92:e1:80:8f:85:22:9c:42:02:5f:
79:59:e9:57:e3:46:6f:da:dd:b0:e6:7f:7e:90:5a:55:7d:7b:
5d:30:fd:6f:95:dc:ef:14:dd:0f:42:b5:25:3a:91:16:6e:f9:
b1:07:fe:02:75:60:46:87:a6:cf:11:ca:35:6a:b4:74:3c:f3:
4e:1a:f6:40:5d:c4:4f:c0:93:f4:8f:11:c3:1a:bf:52:2b:40:
0d:ae:93:9d:27:23:27:f6:7c:67:ec:d5:ed:29:75:f8:5a:f1:
17:5d:de:10:08:d8:64:12:60:c6:a5:94:0a:8d:fd:75:23:97:
e4:b7:c0:cb:f4:f5:31:34:01:ef:d1:a2:2b:58:4b:c1:4b:82:
2e:cb:eb:b2:ca:a2:80:5e:6e:8d:43:fe:e4:9b:02:f2:88:75:
4a:34:cc:bf:2b:a9:68:1f:59:aa:2a:3b:ea:09:e1:f7:68:20:
c7:0e:88:d7:da:3f:96:4f:a0:2a:3c:af:fb:46:b6:c7:36:ba:
cd:fc:ea:66:e6:5d:f2:8c:7e:49:12:52:2f:b2:56:e2:e0:02:
87:00:70:36:f9:b7:82:08:9a:6d:8c:b7:ce:09:db:ed:dc:7f:
68:71:4b:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTHiMserfgvFQ3WVvSjpBU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMTMwMDc1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY3MmNjZjYyNTFlNjViNGU2YjIyNzIzYzVkMTBmNWMxZThiNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmO34arkvdUWzxCpMLocTEtdVBWy
x12/l0MWrS384xEcC05AIYoYj4F6nlgmTNEVPSX3owYe+7fILU2UEFyoxWn1QHbF
gnZfbx/WNtWRxWyQckfCtjuzZfMZQ73ZBjyBHtww5VUzpJ+Hn9nTRZUSa8aTCkpY
EGlji6y2kf2iKeDhrkalLk2xYMsPBoKSO7Kfw+AU1CrJmXCd2f1Iejvv3X/6wOQW
HfpJ+Nb+0fEeYjKPNC53P+2mvjVf9DK+EKEBNOYQw1USnRxhdVANQImBVWZQElRj
Cl3qZi0dlEvbsiCKZzpR2fmGK6h68xtxBrzZNbIl9lijipFNb84d+GP0zQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDFnLM9iUeZbTmsicjxdEPXB6LWJMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTVdjc3oySlI1bHRPYXlKeVBGMFE5Y0hvdFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH4EVAwQA
H4EeAwQALQhjAwQBTVN0AwQAwhzBMA0GCSqGSIb3DQEBCwUAA4IBAQCHRrXeEJcr
E3b5hh7ZF3Zlma7iP5ETMyDQapLhgI+FIpxCAl95WelX40Zv2t2w5n9+kFpVfXtd
MP1vldzvFN0PQrUlOpEWbvmxB/4CdWBGh6bPEco1arR0PPNOGvZAXcRPwJP0jxHD
Gr9SK0ANrpOdJyMn9nxn7NXtKXX4WvEXXd4QCNhkEmDGpZQKjf11I5fkt8DL9PUx
NAHv0aIrWEvBS4Iuy+uyyqKAXm6NQ/7kmwLyiHVKNMy/K6loH1mqKjvqCeH3aCDH
DojX2j+WT6AqPK/7RrbHNrrN/Opm5l3yjH5JElIvslbi4AKHAHA2+beCCJptjLfO
Cdvt3H9ocUvk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org