Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MA00kSKZa1n327KddpI-5Ss--CY.roa
File: MA00kSKZa1n327KddpI-5Ss--CY.roa (raw, json)
Hash identifier: kZfV29k0VFl1lYWREmMarf4HjRtCyC/Drqg6GUU4GwA=
Subject key identifier: 30:0D:34:91:22:99:6B:59:F7:DB:B2:9D:76:92:3E:E5:2B:3E:F8:26
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01851F80D6CCA0FD89F5487E8C2AD6CA50CA
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MA00kSKZa1n327KddpI-5Ss--CY.roa
Signing time: Sat 17 Dec 2022 09:53:35 +0000
ROA not before: Sat 17 Dec 2022 09:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 89.39.6.0/24 maxlen: 24
176.223.114.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
31.14.21.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:80:d6:cc:a0:fd:89:f5:48:7e:8c:2a:d6:ca:50:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Dec 17 09:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=300d349122996b59f7dbb29d76923ee52b3ef826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:15:03:c9:19:16:2b:d6:40:c0:f9:18:c5:a7:
81:73:bc:de:1a:9d:24:b9:96:69:a6:87:08:3a:36:
82:21:28:d5:5d:59:7c:6b:9c:ab:61:b4:8f:3d:a6:
a8:77:d4:8d:5e:b8:43:3c:62:d8:c8:b9:4e:d6:d1:
f4:72:d7:17:96:12:1b:c4:88:24:64:c4:01:b8:49:
74:2a:e9:24:64:be:07:b4:dc:cd:c9:dc:b6:6b:db:
d2:0e:dc:d1:92:7f:c6:39:77:80:c0:ae:78:49:a9:
f1:7a:12:bb:9d:54:32:a2:f2:b6:d2:49:a3:4d:30:
86:80:c2:f3:ad:e3:a8:49:5b:21:aa:75:37:18:69:
ba:f3:9e:12:01:14:fc:c6:3c:dc:ec:58:96:29:de:
2b:ed:f6:83:65:1e:7f:db:74:20:f7:45:a6:99:48:
ad:40:80:5f:65:84:90:5f:da:a1:60:6a:5d:06:70:
60:92:de:db:28:41:5d:15:ee:c3:e2:be:07:57:cd:
6c:ae:c8:9f:4f:fb:40:0d:d9:c0:45:3f:87:a3:fc:
fa:de:5c:37:ed:31:b3:56:eb:59:e7:46:1a:0a:95:
01:02:3b:b3:16:7c:aa:02:0d:44:4a:2d:25:dd:6e:
d6:ae:04:14:b9:34:9c:12:cb:e5:47:6b:35:e4:9d:
02:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0D:34:91:22:99:6B:59:F7:DB:B2:9D:76:92:3E:E5:2B:3E:F8:26
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MA00kSKZa1n327KddpI-5Ss--CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.39.6.0/24
92.114.2.0/23
93.174.160.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
56:9d:8a:0d:70:2d:bf:f3:e4:cb:1f:ed:b7:a0:e6:e7:a5:4c:
b1:02:dd:bc:04:9c:7d:a8:e1:7f:22:3c:2a:78:ea:97:99:ef:
22:42:f1:f1:f3:12:e2:6c:d3:65:3a:88:a1:0e:4c:49:71:55:
d9:2d:6f:8f:be:7e:4d:77:2f:c2:a1:60:1e:4b:f7:14:06:c6:
ac:2f:37:80:ec:0b:4b:56:e7:31:f9:af:2c:a5:88:69:5f:2a:
09:63:a0:9d:10:be:77:94:2f:8b:24:94:21:d7:ea:08:a5:07:
f6:cd:d6:80:02:dd:5a:47:82:c1:99:61:e7:54:b2:34:58:3a:
e6:02:02:f8:e1:dd:4f:75:6a:ae:dd:6d:5c:dd:76:d5:ea:c8:
07:64:5e:8d:56:df:14:03:25:ff:79:05:b4:54:78:cc:21:87:
ef:d2:46:f1:d6:f1:17:10:f7:fd:b2:38:a0:fb:a3:bc:de:1d:
69:c3:df:a8:a5:8a:f7:72:fb:f7:59:5e:87:73:6a:7b:2a:3c:
f9:f0:f8:32:36:ce:23:fc:ed:01:25:66:fd:1c:8f:ec:3a:1a:
0e:c0:3c:34:56:a9:83:d4:4e:cc:61:c7:ff:73:ab:69:4c:ed:
55:cc:7f:8b:0c:db:a9:cb:52:89:be:95:86:48:c5:c6:d0:f2:
0e:1d:74:db
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYUfgNbMoP2J9Uh+jCrWylDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjIxMjE3MDk1MzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBkMzQ5MTIyOTk2YjU5ZjdkYmIyOWQ3NjkyM2VlNTJiM2VmODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRUDyRkWK9ZAwPkYxaeBc7zeGp0k
uZZppocIOjaCISjVXVl8a5yrYbSPPaaod9SNXrhDPGLYyLlO1tH0ctcXlhIbxIgk
ZMQBuEl0KukkZL4HtNzNydy2a9vSDtzRkn/GOXeAwK54SanxehK7nVQyovK20kmj
TTCGgMLzreOoSVshqnU3GGm6854SART8xjzc7FiWKd4r7faDZR5/23Qg90WmmUit
QIBfZYSQX9qhYGpdBnBgkt7bKEFdFe7D4r4HV81srsifT/tADdnART+Ho/z63lw3
7TGzVutZ50YaCpUBAjuzFnyqAg1ESi0l3W7WrgQUuTScEsvlR2s15J0CVwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFDANNJEimWtZ99uynXaSPuUrPvgmMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvTUEwMGtTS1phMW4zMjdLZGRwSS01U3MtLUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAfDhUD
BAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBABZJwYDBAFccgIDBABdrqAD
BABdrqcDBACw33IwDAMEA7ncuAMEALncugMEALn4iwMEALzwADAMAwQAvPFJAwQC
vPFIAwQAwRCQAwQBwcg+MA0GCSqGSIb3DQEBCwUAA4IBAQBWnYoNcC2/8+TLH+23
oObnpUyxAt28BJx9qOF/IjwqeOqXme8iQvHx8xLibNNlOoihDkxJcVXZLW+Pvn5N
dy/CoWAeS/cUBsasLzeA7AtLVucx+a8spYhpXyoJY6CdEL53lC+LJJQh1+oIpQf2
zdaAAt1aR4LBmWHnVLI0WDrmAgL44d1PdWqu3W1c3XbV6sgHZF6NVt8UAyX/eQW0
VHjMIYfv0kbx1vEXEPf9sjig+6O83h1pw9+opYr3cvv3WV6Hc2p7Kjz58PgyNs4j
/O0BJWb9HI/sOhoOwDw0VqmD1E7MYcf/c6tpTO1VzH+LDNupy1KJvpWGSMXG0PIO
HXTb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-ams.rpki-client.org