Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m2pmlmIwBCpT1vBz-p8MHYdfoJA.roa
File: m2pmlmIwBCpT1vBz-p8MHYdfoJA.roa (raw, json)
Hash identifier: npfeHof2FA6JR/8ejZXK0tuwxshwBJEEtQTZ9G0IXRc=
Subject key identifier: 9B:6A:66:96:62:30:04:2A:53:D6:F0:73:FA:9F:0C:1D:87:5F:A0:90
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 07ED1CB9
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m2pmlmIwBCpT1vBz-p8MHYdfoJA.roa
Signing time: Sat 01 Jan 2022 03:02:01 +0000
ROA not before: Sat 01 Jan 2022 03:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
91.186.220.0/22 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.212.0/22 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132979897 (0x7ed1cb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 1 03:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b6a66966230042a53d6f073fa9f0c1d875fa090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ff:f6:26:62:34:fe:86:5a:a5:ed:13:cc:ff:
82:2b:32:d2:1d:c1:eb:81:af:2f:dd:bc:15:d3:09:
b7:88:21:dd:03:43:32:c5:e5:2e:f3:c5:0a:c9:29:
0c:bb:e9:7f:2a:20:3e:cf:b5:da:db:07:d3:30:10:
e0:aa:15:f1:7d:c3:54:ee:57:4d:5f:45:f4:c5:29:
8e:89:41:24:88:d0:09:73:b5:55:ee:7d:5a:9e:98:
ae:df:dd:10:04:56:dd:8a:4e:62:6b:3d:5c:ba:e1:
de:6e:70:e5:83:59:b1:d9:65:30:84:29:11:5b:21:
c3:bb:06:cb:5e:ac:b5:00:4b:dd:57:12:b1:73:7e:
c9:93:11:55:0e:d4:d1:bf:4e:1c:de:41:d5:29:7a:
64:e1:c4:18:92:19:e8:c8:db:fa:91:0b:39:e0:1f:
cf:82:33:50:4e:aa:2f:61:05:dc:91:78:54:95:4e:
b5:00:f2:09:08:7f:bb:24:49:f7:8d:ba:9a:91:34:
d9:c8:2d:41:9a:b3:cd:33:07:39:af:00:6a:6c:3a:
c6:ee:8b:5c:2a:ca:70:16:7c:f4:7d:5b:ed:a0:ce:
86:00:5d:c2:e1:5a:0f:a7:59:51:42:41:0a:1f:dd:
01:c8:0a:5a:02:3c:ba:6d:1c:4d:2b:e2:ed:e2:3f:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6A:66:96:62:30:04:2A:53:D6:F0:73:FA:9F:0C:1D:87:5F:A0:90
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m2pmlmIwBCpT1vBz-p8MHYdfoJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.212.0/22
83.147.232.0/22
83.147.244.0/22
91.186.204.0/22
91.186.216.0/21
94.241.176.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:d6:07:62:99:04:08:2c:69:43:47:0e:a9:33:b8:d9:f2:87:
4c:64:89:f3:78:1b:63:05:1a:49:10:91:19:a2:ca:d3:ac:5d:
88:b7:ce:56:ea:a7:c0:ac:a8:6c:82:72:00:9e:76:b3:01:fa:
91:bf:ea:65:c2:ce:d8:03:8e:27:bc:c2:9c:26:a5:91:43:90:
22:f9:05:ce:49:7c:1b:ca:b7:e1:ff:d1:7e:f9:7e:5e:76:17:
f4:f7:79:5a:3f:49:9c:fd:02:ed:70:6e:59:8c:e9:05:c7:04:
96:d3:29:dd:9f:cd:09:c2:34:4c:93:ef:6b:11:c2:7f:97:57:
86:2b:ae:53:01:c4:97:4d:08:6f:c6:eb:4c:ea:62:a9:9c:13:
a6:03:5f:2a:22:7d:f8:f0:38:f0:60:6c:a2:db:6f:b9:94:0f:
90:26:21:de:e9:f4:c8:34:7e:00:e1:61:9e:13:f2:cc:ff:25:
90:83:73:29:40:2b:54:43:5f:8d:bf:67:16:95:9b:c7:82:a0:
aa:fc:ed:b3:1f:dc:b1:37:f2:ca:b2:78:c1:d1:1d:48:3e:e2:
85:f0:c8:94:52:16:3e:c9:4f:24:e6:89:89:ec:49:e9:c2:1c:
a5:10:0b:56:58:6b:0f:30:6b:f1:0e:d1:a6:43:c6:e7:28:92:
c8:c2:e6:80
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEB+0cuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDEw
MTAzMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI2YTY2OTY2MjMw
MDQyYTUzZDZmMDczZmE5ZjBjMWQ4NzVmYTA5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALP/9iZiNP6GWqXtE8z/gisy0h3B64GvL928FdMJt4gh3QND
MsXlLvPFCskpDLvpfyogPs+12tsH0zAQ4KoV8X3DVO5XTV9F9MUpjolBJIjQCXO1
Ve59Wp6Yrt/dEARW3YpOYms9XLrh3m5w5YNZsdllMIQpEVshw7sGy16stQBL3VcS
sXN+yZMRVQ7U0b9OHN5B1Sl6ZOHEGJIZ6Mjb+pELOeAfz4IzUE6qL2EF3JF4VJVO
tQDyCQh/uyRJ9426mpE02cgtQZqzzTMHOa8Aamw6xu6LXCrKcBZ89H1b7aDOhgBd
wuFaD6dZUUJBCh/dAcgKWgI8um0cTSvi7eI/lWsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSbamaWYjAEKlPW8HP6nwwdh1+gkDAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L20ycG1sbUl3QkNwVDF2QnotcDhNSFlkZm9KQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlOT1AMEAlOT6AMEAlOT9AMEAlu6
zAMEA1u62AMEA17xsDANBgkqhkiG9w0BAQsFAAOCAQEADNYHYpkECCxpQ0cOqTO4
2fKHTGSJ83gbYwUaSRCRGaLK06xdiLfOVuqnwKyobIJyAJ52swH6kb/qZcLO2AOO
J7zCnCalkUOQIvkFzkl8G8q34f/Rfvl+XnYX9Pd5Wj9JnP0C7XBuWYzpBccEltMp
3Z/NCcI0TJPvaxHCf5dXhiuuUwHEl00Ib8brTOpiqZwTpgNfKiJ9+PA48GBsottv
uZQPkCYh3un0yDR+AOFhnhPyzP8lkINzKUArVENfjb9nFpWbx4Kgqvztsx/csTfy
yrJ4wdEdSD7ihfDIlFIWPslPJOaJiexJ6cIcpRALVlhrDzBr8Q7RpkPG5yiSyMLm
gA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org