Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/mdCNMyPRfsoOtOj2vMoG1_8Ncaw.roa
File: mdCNMyPRfsoOtOj2vMoG1_8Ncaw.roa (raw, json)
Hash identifier: 0QO4MYKq8M4s/lGtj5gaEkCIQyKdSN3LjGDbjl4gwzo=
Subject key identifier: 99:D0:8D:33:23:D1:7E:CA:0E:B4:E8:F6:BC:CA:06:D7:FF:0D:71:AC
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018322627DEC5266AF29158AF569CD26BEEA
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/mdCNMyPRfsoOtOj2vMoG1_8Ncaw.roa
Signing time: Fri 09 Sep 2022 13:13:43 +0000
ROA not before: Fri 09 Sep 2022 13:13:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 217.199.223.0/24 maxlen: 24
217.199.221.0/24 maxlen: 24
217.199.220.0/24 maxlen: 24
193.243.182.0/24 maxlen: 24
78.24.92.0/22 maxlen: 24
185.16.212.0/22 maxlen: 24
37.0.120.0/21 maxlen: 24
89.248.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:62:7d:ec:52:66:af:29:15:8a:f5:69:cd:26:be:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Sep 9 13:13:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99d08d3323d17eca0eb4e8f6bcca06d7ff0d71ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:c3:50:66:f2:a0:b0:b2:c2:10:8a:19:63:
49:96:ec:1d:22:bf:4b:77:a5:57:3d:d8:be:55:f9:
79:bf:f3:89:61:98:29:6b:a0:a6:28:e2:cd:ee:b9:
9f:14:56:ce:5e:54:a2:76:cc:32:ab:2d:04:1b:38:
7c:0e:e2:76:ec:95:fd:fb:6c:74:90:ea:88:be:c9:
14:cb:df:d0:1f:cb:64:5e:ca:a0:d6:49:3b:41:7b:
ca:b3:cc:84:97:16:93:f0:52:ef:25:dc:02:5a:1c:
4e:ab:81:ed:6d:7c:b8:69:c6:77:d6:e9:30:02:d1:
da:98:a3:2f:49:1d:77:f9:7b:a2:b5:9c:62:37:c1:
38:2b:10:05:21:8b:b2:97:75:b7:b8:43:3b:52:07:
32:f7:09:b4:e0:6c:5b:ef:41:23:9a:51:44:68:a6:
db:ef:31:d7:55:b7:bd:0d:4f:b4:73:7e:3b:1e:fe:
7b:3c:a9:40:06:69:bb:bb:a7:97:aa:b1:80:b9:58:
3f:61:6c:70:ae:ab:dc:55:9a:35:23:e7:96:0f:73:
63:ba:3f:a1:44:c7:65:b1:a5:67:48:9c:e6:30:45:
3a:ba:20:fc:ca:07:7e:40:41:58:b3:e6:d2:e8:fa:
37:d0:79:43:a8:13:39:35:e6:65:d0:13:64:60:7f:
49:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D0:8D:33:23:D1:7E:CA:0E:B4:E8:F6:BC:CA:06:D7:FF:0D:71:AC
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/mdCNMyPRfsoOtOj2vMoG1_8Ncaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.120.0/21
78.24.92.0/22
89.248.235.0/24
185.16.212.0/22
193.243.182.0/24
217.199.220.0/23
217.199.223.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c9:85:90:f1:7e:c3:13:46:48:d9:17:f7:a2:d0:55:b8:f8:
23:f7:07:07:d5:a7:a8:73:e5:e9:53:3c:85:cb:83:0b:59:aa:
7f:8a:94:98:74:64:69:5a:04:44:2a:16:32:2d:90:cd:c4:ec:
5b:e4:2f:e9:b2:56:da:7e:62:c6:18:3c:0c:ec:75:9d:4b:fa:
ed:2f:aa:06:99:dd:00:06:32:66:5b:91:04:1c:56:28:8b:2c:
db:67:2f:ef:5d:49:61:29:35:8e:69:ff:eb:04:6c:bc:e7:c1:
b9:4f:da:d8:f2:4a:96:1c:e4:b9:30:77:99:68:1d:e5:4f:9a:
ee:8c:c6:d7:4a:a9:c2:72:34:da:db:99:0b:0d:63:5d:eb:85:
d4:2c:1e:29:2f:eb:c9:d8:07:c6:68:5e:ca:60:a8:f6:19:08:
61:d8:22:73:e6:71:a1:1d:e1:e3:49:01:32:fa:e5:9d:d1:ea:
33:1c:79:99:2d:30:3a:32:60:7f:02:dd:85:92:79:fe:c5:3b:
dc:6d:26:26:d1:06:67:2f:dc:82:7a:62:b2:02:dc:a3:76:c8:
66:0f:6a:05:a0:cd:7d:83:d8:c2:bc:70:7b:46:ca:5a:a6:5b:
ca:8c:c4:fd:26:92:0b:1d:33:56:79:c8:af:25:0f:16:e1:37:
f8:1d:3d:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMiYn3sUmavKRWK9WnNJr7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjIwOTA5MTMxMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQwOGQzMzIzZDE3ZWNhMGViNGU4ZjZiY2NhMDZkN2ZmMGQ3MWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuvDUGbyoLCywhCKGWNJluwdIr9L
d6VXPdi+Vfl5v/OJYZgpa6CmKOLN7rmfFFbOXlSidswyqy0EGzh8DuJ27JX9+2x0
kOqIvskUy9/QH8tkXsqg1kk7QXvKs8yElxaT8FLvJdwCWhxOq4HtbXy4acZ31ukw
AtHamKMvSR13+XuitZxiN8E4KxAFIYuyl3W3uEM7Ugcy9wm04Gxb70EjmlFEaKbb
7zHXVbe9DU+0c347Hv57PKlABmm7u6eXqrGAuVg/YWxwrqvcVZo1I+eWD3Njuj+h
RMdlsaVnSJzmMEU6uiD8ygd+QEFYs+bS6Po30HlDqBM5NeZl0BNkYH9JMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJnQjTMj0X7KDrTo9rzKBtf/DXGsMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvbWRDTk15UFJmc29PdE9qMnZNb0cxXzhOY2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJQB4AwQC
ThhcAwQAWfjrAwQCuRDUAwQAwfO2AwQB2cfcAwQA2cffMA0GCSqGSIb3DQEBCwUA
A4IBAQBQyYWQ8X7DE0ZI2Rf3otBVuPgj9wcH1aeoc+XpUzyFy4MLWap/ipSYdGRp
WgREKhYyLZDNxOxb5C/pslbafmLGGDwM7HWdS/rtL6oGmd0ABjJmW5EEHFYoiyzb
Zy/vXUlhKTWOaf/rBGy858G5T9rY8kqWHOS5MHeZaB3lT5rujMbXSqnCcjTa25kL
DWNd64XULB4pL+vJ2AfGaF7KYKj2GQhh2CJz5nGhHeHjSQEy+uWd0eozHHmZLTA6
MmB/At2Fknn+xTvcbSYm0QZnL9yCemKyAtyjdshmD2oFoM19g9jCvHB7RspaplvK
jMT9JpILHTNWecivJQ8W4Tf4HT3+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org