Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/MCKtEVdOl-oDIuhTkM0QrYhd5-A.roa
File: MCKtEVdOl-oDIuhTkM0QrYhd5-A.roa (raw, json)
Hash identifier: SDWXC3f7cSbHSTk06MaANl8BoI0ugxAQwee9Xyow4vc=
Subject key identifier: 30:22:AD:11:57:4E:97:EA:03:22:E8:53:90:CD:10:AD:88:5D:E7:E0
Certificate issuer: /CN=c4064476c2c47f778474a14816c1e06a40813e5c
Certificate serial: 3657D4B6
Authority key identifier: C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/MCKtEVdOl-oDIuhTkM0QrYhd5-A.roa
Signing time: Sat 01 Jan 2022 02:56:40 +0000
ROA not before: Sat 01 Jan 2022 02:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15725
IP address blocks: 185.98.236.0/22 maxlen: 24
217.17.192.0/20 maxlen: 24
2001:4bd8::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911725750 (0x3657d4b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4064476c2c47f778474a14816c1e06a40813e5c
Validity
Not Before: Jan 1 02:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3022ad11574e97ea0322e85390cd10ad885de7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:dc:5e:a1:0d:a3:23:77:87:2b:47:61:9c:
a3:42:5d:29:ab:5b:4b:fe:16:20:dd:72:d2:4b:21:
1b:61:d2:f4:6e:21:78:54:18:e8:c1:83:df:99:da:
8e:71:d3:68:df:44:97:ad:2b:8f:4d:7a:a6:23:62:
68:65:8f:fc:9a:d3:0b:a1:eb:15:5e:48:6f:ac:ad:
73:c5:d4:a6:60:e4:78:79:b2:96:2e:98:85:94:53:
d9:a6:a3:e5:74:f4:b4:61:bc:a8:9c:f7:40:82:4f:
d4:c1:32:b8:c3:95:67:24:af:e3:1f:09:a9:e6:81:
fe:51:b4:a7:7b:ff:3b:c3:55:31:f9:37:1e:11:08:
c3:72:09:fc:ef:2a:30:36:61:15:a8:f5:ef:30:60:
f0:9d:66:8e:35:29:6b:0d:47:59:77:a3:ef:69:22:
4b:8a:f3:ea:ff:0b:20:db:2c:09:fa:cc:d8:13:a2:
01:f7:45:51:b6:94:90:9e:e5:a4:fe:d6:5f:36:a2:
13:c7:d7:08:24:de:60:2b:af:dd:e0:bc:54:fa:90:
f8:1f:8b:58:9b:a8:86:df:3a:9d:2c:4b:98:28:23:
3e:e7:f1:6b:3e:d6:34:37:5c:85:51:57:4d:16:66:
9a:db:f3:1a:e1:1e:e7:70:69:66:fe:2f:08:5d:31:
0d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:22:AD:11:57:4E:97:EA:03:22:E8:53:90:CD:10:AD:88:5D:E7:E0
X509v3 Authority Key Identifier:
keyid:C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/MCKtEVdOl-oDIuhTkM0QrYhd5-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/xAZEdsLEf3eEdKFIFsHgakCBPlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.236.0/22
217.17.192.0/20
IPv6:
2001:4bd8::/29
Signature Algorithm: sha256WithRSAEncryption
4b:3b:44:b1:c1:d1:da:e8:b4:37:4a:7f:17:79:72:23:33:c9:
e3:53:d1:4f:21:43:b1:34:d5:14:c7:ab:f8:f4:af:ab:91:1c:
e5:3c:2a:5e:4f:91:b2:c1:f6:03:8f:bb:96:72:5f:b7:af:fa:
49:7d:11:41:e1:46:1b:b7:b5:86:0e:95:de:a3:11:37:c2:57:
a0:6d:07:1a:61:93:15:f2:7e:72:52:b8:a4:7f:9c:75:83:8f:
ef:37:0b:a1:d3:4b:71:7e:81:d5:79:ba:e7:73:be:4a:e8:e2:
61:08:d4:1a:52:e1:86:dc:fd:b8:01:ec:4e:9d:b0:c1:00:6c:
f0:f6:68:ae:c5:10:3c:9f:54:7f:fe:c7:87:37:40:6b:4e:df:
cc:1a:e5:48:d6:5a:6b:05:46:c5:c9:dd:ab:1d:de:55:e5:9f:
0f:11:80:8e:bc:dd:5e:eb:66:c0:78:77:24:a2:ef:3e:4f:8c:
66:53:42:37:e9:43:ff:40:fd:ea:7e:08:3a:08:f5:d9:0b:a7:
c5:89:63:c1:6d:78:50:8f:60:cf:ea:16:7d:b2:7d:ea:64:16:
30:f6:0d:3d:20:a9:1d:73:4b:b2:a6:e7:a4:af:a8:f8:35:95:
f9:a6:17:03:10:91:a6:17:f7:8c:47:01:ff:01:0d:78:f6:64:
8c:80:5b:59
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENlfUtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDA2NDQ3NmMyYzQ3Zjc3ODQ3NGExNDgxNmMxZTA2YTQwODEzZTVjMB4XDTIyMDEw
MTAyNTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAyMmFkMTE1NzRl
OTdlYTAzMjJlODUzOTBjZDEwYWQ4ODVkZTdlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTp3F6hDaMjd4crR2Gco0JdKatbS/4WIN1y0kshG2HS9G4h
eFQY6MGD35najnHTaN9El60rj016piNiaGWP/JrTC6HrFV5Ib6ytc8XUpmDkeHmy
li6YhZRT2aaj5XT0tGG8qJz3QIJP1MEyuMOVZySv4x8JqeaB/lG0p3v/O8NVMfk3
HhEIw3IJ/O8qMDZhFaj17zBg8J1mjjUpaw1HWXej72kiS4rz6v8LINssCfrM2BOi
AfdFUbaUkJ7lpP7WXzaiE8fXCCTeYCuv3eC8VPqQ+B+LWJuoht86nSxLmCgjPufx
az7WNDdchVFXTRZmmtvzGuEe53BpZv4vCF0xDckCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQwIq0RV06X6gMi6FOQzRCtiF3n4DAfBgNVHSMEGDAWgBTEBkR2wsR/d4R0
oUgWweBqQIE+XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hBWkVkc0xFZjNlRWRLRklGc0hnYWtDQlBsdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvOWE3ZGY3LTE4YmEtNDFmNy04ODBhLTc0Njc3N2UyMWM1Yi8x
L01DS3RFVmRPbC1vREl1aFRrTTBRclloZDUtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
OWE3ZGY3LTE4YmEtNDFmNy04ODBhLTc0Njc3N2UyMWM1Yi8xL3hBWkVkc0xFZjNl
RWRLRklGc0hnYWtDQlBsdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArli7AMEBNkRwDANBAIAAjAHAwUD
IAFL2DANBgkqhkiG9w0BAQsFAAOCAQEASztEscHR2ui0N0p/F3lyIzPJ41PRTyFD
sTTVFMer+PSvq5Ec5TwqXk+RssH2A4+7lnJft6/6SX0RQeFGG7e1hg6V3qMRN8JX
oG0HGmGTFfJ+clK4pH+cdYOP7zcLodNLcX6B1Xm653O+SujiYQjUGlLhhtz9uAHs
Tp2wwQBs8PZorsUQPJ9Uf/7HhzdAa07fzBrlSNZaawVGxcndqx3eVeWfDxGAjrzd
XutmwHh3JKLvPk+MZlNCN+lD/0D96n4IOgj12QunxYljwW14UI9gz+oWfbJ96mQW
MPYNPSCpHXNLsqbnpK+o+DWV+aYXAxCRphf3jEcB/wENePZkjIBbWQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-fra.rpki-client.org