Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mB5FKE2NfzRnLKNgExa85dw6bmw.roa
File: mB5FKE2NfzRnLKNgExa85dw6bmw.roa (raw, json)
Hash identifier: ZTMOQSv5uBn642s3uUG6YBJTrKEjn87SqCE80Wn748s=
Subject key identifier: 98:1E:45:28:4D:8D:7F:34:67:2C:A3:60:13:16:BC:E5:DC:3A:6E:6C
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018532B47965B5F3F94E0D0D676B38DC2834
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mB5FKE2NfzRnLKNgExa85dw6bmw.roa
Signing time: Wed 21 Dec 2022 03:22:46 +0000
ROA not before: Wed 21 Dec 2022 03:22:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.217.0/24 maxlen: 24
212.7.216.0/22 maxlen: 22
212.7.216.0/24 maxlen: 24
91.106.29.0/24 maxlen: 24
2a01:6e80:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:32:b4:79:65:b5:f3:f9:4e:0d:0d:67:6b:38:dc:28:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Dec 21 03:22:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=981e45284d8d7f34672ca3601316bce5dc3a6e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:33:95:12:51:52:ae:3e:6b:0d:73:74:4e:
94:e9:6d:52:45:d4:4a:c1:1c:20:12:6c:2b:b0:ff:
a6:de:bc:74:a4:99:bb:53:33:17:7e:05:b7:99:b8:
07:f2:d8:e3:78:5f:01:7d:1e:a8:68:48:39:bd:9b:
e3:99:6b:1b:ee:7b:cd:11:24:40:34:8e:f4:4a:1d:
94:01:b8:2b:87:dd:15:8f:9f:f1:bd:b1:06:59:ef:
94:14:ee:14:7d:63:6b:67:63:0f:8f:8e:b7:0e:f5:
6a:b3:22:4e:ed:89:5c:5f:22:03:61:ac:93:f1:19:
16:71:4a:e6:68:11:da:64:17:27:a7:bf:46:bf:54:
11:c5:f5:50:3a:84:a5:b3:72:54:5c:e8:29:72:94:
d6:59:ac:57:61:ca:c9:78:c9:1d:ea:e4:98:25:1a:
84:b5:b4:42:f7:81:69:13:7b:00:26:65:b3:e8:16:
8d:85:24:8f:26:4b:cb:e8:f2:fc:f3:cd:32:fb:f9:
6e:0e:cb:90:83:b4:a1:4a:65:82:3e:de:83:d1:3b:
f3:83:8d:14:fd:c5:c6:f4:5f:5a:67:51:d0:37:ef:
1e:4c:b1:dd:33:be:8e:01:22:07:c7:f9:a3:7b:e4:
11:c8:87:b0:54:36:4b:fd:ed:be:59:0b:76:bb:b3:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1E:45:28:4D:8D:7F:34:67:2C:A3:60:13:16:BC:E5:DC:3A:6E:6C
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mB5FKE2NfzRnLKNgExa85dw6bmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.29.0/24
212.7.216.0/22
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
71:12:5f:5b:fd:a2:44:8f:d4:24:83:2e:a3:50:c2:a3:8f:a0:
a4:36:c9:66:87:80:34:cb:e9:03:7b:3c:0e:8c:28:28:48:1f:
95:7d:39:49:40:d0:49:d2:61:76:cb:6a:3f:04:7e:f1:49:d9:
fc:4a:8b:9f:e5:53:42:e6:da:1d:b4:39:77:1e:ec:39:12:64:
9e:db:6b:b6:8e:0e:96:fc:c6:ad:42:73:39:28:3e:3f:30:e6:
02:66:30:88:04:1a:6c:91:53:f1:7c:10:be:eb:45:47:31:47:
40:01:6a:1d:63:a2:ff:cd:5a:72:34:47:43:52:da:e2:3d:0a:
11:72:ba:f7:2f:f1:e3:46:53:3f:e5:5f:87:9b:04:29:ad:5e:
83:90:fd:1b:4d:19:e0:d2:ca:03:14:b9:d6:c2:e3:e2:83:47:
da:f8:fe:3f:c6:c6:4e:47:6d:c4:f5:6f:85:1a:d0:28:24:96:
6c:82:ca:8d:6b:1c:d2:7f:a3:43:a0:e1:06:18:43:68:0c:cf:
ef:0a:c9:57:b3:22:c7:70:6d:a5:6a:2c:90:62:e1:01:77:8b:
30:05:ba:bf:04:8d:5f:67:a7:36:6a:e5:5b:60:22:67:d0:45:
3b:39:96:b8:4e:73:32:c4:d3:29:e7:cb:35:31:dd:bf:f7:15:
2c:77:55:1a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYUytHlltfP5Tg0NZ2s43Cg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjIxMjIxMDMyMjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFlNDUyODRkOGQ3ZjM0NjcyY2EzNjAxMzE2YmNlNWRjM2E2ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/UzlRJRUq4+aw1zdE6U6W1SRdRK
wRwgEmwrsP+m3rx0pJm7UzMXfgW3mbgH8tjjeF8BfR6oaEg5vZvjmWsb7nvNESRA
NI70Sh2UAbgrh90Vj5/xvbEGWe+UFO4UfWNrZ2MPj463DvVqsyJO7YlcXyIDYayT
8RkWcUrmaBHaZBcnp79Gv1QRxfVQOoSls3JUXOgpcpTWWaxXYcrJeMkd6uSYJRqE
tbRC94FpE3sAJmWz6BaNhSSPJkvL6PL8880y+/luDsuQg7ShSmWCPt6D0Tvzg40U
/cXG9F9aZ1HQN+8eTLHdM76OASIHx/mje+QRyIewVDZL/e2+WQt2u7NjXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJgeRShNjX80ZyyjYBMWvOXcOm5sMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvbUI1RktFMk5melJuTEtOZ0V4YTg1ZHc2Ym13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQC
1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAHESX1v9okSP
1CSDLqNQwqOPoKQ2yWaHgDTL6QN7PA6MKChIH5V9OUlA0EnSYXbLaj8EfvFJ2fxK
i5/lU0Lm2h20OXce7DkSZJ7ba7aODpb8xq1CczkoPj8w5gJmMIgEGmyRU/F8EL7r
RUcxR0ABah1jov/NWnI0R0NS2uI9ChFyuvcv8eNGUz/lX4ebBCmtXoOQ/RtNGeDS
ygMUudbC4+KDR9r4/j/Gxk5HbcT1b4Ua0CgklmyCyo1rHNJ/o0Og4QYYQ2gMz+8K
yVezIsdwbaVqLJBi4QF3izAFur8EjV9npzZq5VtgImfQRTs5lrhOczLE0ynnyzUx
3b/3FSx3VRo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org