Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/MnUT4hzDNnhrLSTwEF77MCrIDUM.roa
File: MnUT4hzDNnhrLSTwEF77MCrIDUM.roa (raw, json)
Hash identifier: zaim0mjJQt2Im971jlh/u4eEjaErVP01KnsbWcw6eoo=
Subject key identifier: 32:75:13:E2:1C:C3:36:78:6B:2D:24:F0:10:5E:FB:30:2A:C8:0D:43
Certificate issuer: /CN=e4a9308742e7eb66506219d829d86185899a1e34
Certificate serial: 1018D2BE
Authority key identifier: E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/MnUT4hzDNnhrLSTwEF77MCrIDUM.roa
Signing time: Sat 01 Jan 2022 00:56:55 +0000
ROA not before: Sat 01 Jan 2022 00:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 31.11.50.0/24 maxlen: 24
31.11.51.0/24 maxlen: 24
31.11.48.0/24 maxlen: 24
31.11.49.0/24 maxlen: 24
31.11.52.0/24 maxlen: 24
31.11.53.0/24 maxlen: 24
31.11.54.0/24 maxlen: 24
31.11.55.0/24 maxlen: 24
80.76.165.0/24 maxlen: 24
80.76.166.0/24 maxlen: 24
80.76.169.0/24 maxlen: 24
80.76.167.0/24 maxlen: 24
80.76.168.0/24 maxlen: 24
212.70.100.0/24 maxlen: 24
212.70.101.0/24 maxlen: 24
212.70.102.0/24 maxlen: 24
212.70.103.0/24 maxlen: 24
212.70.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270062270 (0x1018d2be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9308742e7eb66506219d829d86185899a1e34
Validity
Not Before: Jan 1 00:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=327513e21cc336786b2d24f0105efb302ac80d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c7:46:66:7d:e2:6f:6a:15:95:91:b8:a4:f8:
eb:51:91:6e:f7:fb:be:60:84:eb:1b:01:4d:4a:dc:
30:2a:7a:47:ef:8d:72:9f:1a:89:be:7a:33:4b:94:
ac:99:39:68:e0:69:67:e9:20:bd:65:4f:65:68:bb:
18:44:20:36:b5:70:4d:d2:bb:53:c7:38:8c:76:e3:
db:63:a4:df:7b:d4:9c:ff:c1:fb:92:17:51:f3:ec:
2f:64:78:37:3c:f8:07:dc:bd:65:0a:5b:60:cf:ef:
97:07:68:32:c4:aa:dd:6a:ad:98:cd:18:6b:73:88:
2e:c1:f2:7c:9c:fc:ba:e8:a4:12:1c:3d:69:f1:ca:
3d:b1:74:76:f1:7e:36:64:50:ed:04:cb:4b:a6:ef:
8d:05:9f:51:6f:ac:21:e7:cb:fe:7b:d3:4f:e8:c8:
d7:e7:e2:e2:f8:10:52:b9:bb:3c:e7:5c:db:5a:f4:
ea:d3:76:85:9d:20:66:8b:0f:69:d1:6e:dd:c2:3b:
32:75:79:00:0b:3b:42:de:85:f6:16:73:84:41:f3:
02:64:cb:f5:53:af:17:7b:ec:12:62:c5:b1:88:f5:
0b:91:8a:4e:35:cb:64:c5:85:ee:40:4b:b7:59:5d:
ae:3c:55:47:85:fe:ee:21:64:b3:3e:93:fc:4f:1e:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:75:13:E2:1C:C3:36:78:6B:2D:24:F0:10:5E:FB:30:2A:C8:0D:43
X509v3 Authority Key Identifier:
keyid:E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/MnUT4hzDNnhrLSTwEF77MCrIDUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.48.0/21
80.76.165.0-80.76.169.255
212.70.100.0/22
212.70.121.0/24
Signature Algorithm: sha256WithRSAEncryption
44:63:7a:54:e7:5f:b9:8e:8a:01:93:de:38:de:7a:40:62:f8:
fd:e9:f6:5e:f3:22:ed:21:80:6a:1d:f0:11:b0:cc:37:a4:9c:
de:4d:78:a3:d1:2f:87:fc:3a:59:ab:67:78:bc:4c:d9:03:4a:
01:04:28:79:30:d6:8b:57:68:e4:e7:6e:08:9e:99:0f:9b:ab:
19:85:42:e1:e1:2a:6c:de:70:ef:06:0f:cb:66:d7:3d:2b:e0:
46:06:5f:26:d6:23:e1:05:dd:74:87:f2:3d:ba:ff:af:f7:8f:
d5:b3:fc:c6:6c:0c:32:a2:a2:62:07:75:22:5f:7a:be:78:3c:
23:14:2f:aa:64:82:6a:a9:67:e1:2d:2f:8a:1e:88:d2:5b:18:
ad:3c:46:e5:63:85:ba:70:a1:ef:f4:59:d8:39:41:2a:33:98:
23:7f:5a:21:36:f5:09:f4:1e:31:c4:c5:b2:39:2e:cb:7f:a3:
06:cd:5c:85:a7:f5:58:21:b2:fb:3a:77:ff:a7:11:20:57:a0:
ac:b4:96:f5:72:f9:93:22:88:4c:0e:d1:83:28:3f:e0:74:ee:
b9:3b:87:33:0b:bd:72:b7:55:0a:59:c1:75:6d:33:68:f7:bd:
1d:a2:d3:49:ed:70:10:82:8d:ee:a4:3a:20:2d:0c:80:69:19:
2f:ce:5c:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEEBjSvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NGE5MzA4NzQyZTdlYjY2NTA2MjE5ZDgyOWQ4NjE4NTg5OWExZTM0MB4XDTIyMDEw
MTAwNTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI3NTEzZTIxY2Mz
MzY3ODZiMmQyNGYwMTA1ZWZiMzAyYWM4MGQ0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvHRmZ94m9qFZWRuKT461GRbvf7vmCE6xsBTUrcMCp6R++N
cp8aib56M0uUrJk5aOBpZ+kgvWVPZWi7GEQgNrVwTdK7U8c4jHbj22Ok33vUnP/B
+5IXUfPsL2R4Nzz4B9y9ZQpbYM/vlwdoMsSq3WqtmM0Ya3OILsHyfJz8uuikEhw9
afHKPbF0dvF+NmRQ7QTLS6bvjQWfUW+sIefL/nvTT+jI1+fi4vgQUrm7POdc21r0
6tN2hZ0gZosPadFu3cI7MnV5AAs7Qt6F9hZzhEHzAmTL9VOvF3vsEmLFsYj1C5GK
TjXLZMWF7kBLt1ldrjxVR4X+7iFksz6T/E8edL0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQydRPiHMM2eGstJPAQXvswKsgNQzAfBgNVHSMEGDAWgBTkqTCHQufrZlBi
Gdgp2GGFiZoeNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVLa3doMExuNjJaUVlobllLZGhoaFltYUhqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvMWM5ZGJiLTA1MmMtNGVlYS1hZGU2LWVjNWI4OGQwMTM4YS8x
L01uVVQ0aHpETm5ockxTVHdFRjc3TUNySURVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
MWM5ZGJiLTA1MmMtNGVlYS1hZGU2LWVjNWI4OGQwMTM4YS8xLzVLa3doMExuNjJa
UVlobllLZGhoaFltYUhqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAx8LMDAMAwQAUEylAwQBUEyoAwQC
1EZkAwQA1EZ5MA0GCSqGSIb3DQEBCwUAA4IBAQBEY3pU51+5jooBk9443npAYvj9
6fZe8yLtIYBqHfARsMw3pJzeTXij0S+H/DpZq2d4vEzZA0oBBCh5MNaLV2jk524I
npkPm6sZhULh4Sps3nDvBg/LZtc9K+BGBl8m1iPhBd10h/I9uv+v94/Vs/zGbAwy
oqJiB3UiX3q+eDwjFC+qZIJqqWfhLS+KHojSWxitPEblY4W6cKHv9FnYOUEqM5gj
f1ohNvUJ9B4xxMWyOS7Lf6MGzVyFp/VYIbL7Onf/pxEgV6CstJb1cvmTIohMDtGD
KD/gdO65O4czC71yt1UKWcF1bTNo970dotNJ7XAQgo3upDogLQyAaRkvzlzl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:35 2023 by rpki-client on console-ams.rpki-client.org