Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/RMMRPKeWPqXWmlLRFDSED3GyC80.roa
File: RMMRPKeWPqXWmlLRFDSED3GyC80.roa (raw, json)
Hash identifier: LqFRNUew6Bcax+QpNqm1txNEv8lIlElG2bts/O8npQQ=
Subject key identifier: 44:C3:11:3C:A7:96:3E:A5:D6:9A:52:D1:14:34:84:0F:71:B2:0B:CD
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 03749DD6
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/RMMRPKeWPqXWmlLRFDSED3GyC80.roa
Signing time: Mon 23 May 2022 16:37:30 +0000
ROA not before: Mon 23 May 2022 16:37:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60609
IP address blocks: 185.37.212.0/24 maxlen: 24
185.37.213.0/24 maxlen: 24
185.158.170.0/23 maxlen: 23
185.158.171.0/24 maxlen: 24
185.158.168.0/23 maxlen: 23
185.37.215.0/24 maxlen: 24
185.77.159.0/24 maxlen: 24
185.86.11.0/24 maxlen: 24
185.77.156.0/24 maxlen: 24
185.77.157.0/24 maxlen: 24
185.77.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57974230 (0x3749dd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: May 23 16:37:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44c3113ca7963ea5d69a52d11434840f71b20bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:57:7c:7f:bf:f2:8b:a9:7d:cb:c8:4b:1d:c1:
07:a9:8d:46:5f:fe:f6:2a:81:57:f0:e0:d0:bb:22:
f8:ae:76:ec:22:af:34:90:79:3d:f6:85:0e:27:50:
4d:81:17:60:52:bc:41:40:08:1c:61:0d:ed:c1:b5:
5e:e1:20:69:db:d8:c3:55:02:79:25:d8:60:4a:16:
42:1d:9d:cb:38:63:54:73:38:2d:74:09:76:d4:8e:
20:b8:4c:91:88:f1:f0:c3:e8:60:b4:0b:b4:47:c8:
6e:a0:d1:53:c2:0a:86:f9:1b:ef:d0:cf:38:11:e1:
c8:64:8d:65:36:10:b9:51:09:c8:e5:bb:c0:5d:c1:
f2:e8:8b:80:53:d9:8d:df:eb:72:16:77:3a:6a:9e:
d0:ff:78:a3:26:ef:9c:7a:1c:15:07:12:2b:ee:dd:
65:04:f3:87:e9:b9:98:09:64:76:f0:52:f2:32:37:
7f:e9:ee:51:6c:39:52:a3:01:b1:6a:eb:0b:e3:3f:
e5:84:ab:57:5d:6b:e5:aa:5c:7f:4d:87:31:83:92:
35:90:fb:76:11:21:71:79:f1:5c:ce:f5:81:92:54:
7b:ce:a7:05:8e:53:1d:c5:d1:7b:20:5c:41:d1:e0:
b7:0f:e4:cb:f7:8b:cd:16:6a:9a:0c:75:b0:56:08:
7c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C3:11:3C:A7:96:3E:A5:D6:9A:52:D1:14:34:84:0F:71:B2:0B:CD
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/RMMRPKeWPqXWmlLRFDSED3GyC80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.212.0/23
185.37.215.0/24
185.77.156.0/22
185.86.11.0/24
185.158.168.0/22
Signature Algorithm: sha256WithRSAEncryption
82:d3:3f:0e:86:1f:8e:62:62:ad:a1:97:fe:59:1e:48:f8:aa:
18:29:a0:cd:02:17:55:b4:7d:4a:b0:eb:02:67:54:3c:60:9a:
b8:cb:7d:e7:2d:3b:fd:c9:28:13:79:b2:9a:5f:dd:dd:e4:ed:
2a:d1:97:c5:79:d8:34:e8:65:72:7f:d5:e6:e1:cf:fb:7a:c6:
55:50:e7:e7:4a:a5:b0:09:f3:e6:bf:3c:26:b2:c1:39:06:39:
60:9a:eb:f5:86:52:76:1d:42:e2:9e:d4:18:d5:2d:20:5c:5f:
bd:66:9a:1e:a1:cd:67:a7:77:31:5f:32:d3:79:14:74:8a:ef:
92:f9:55:c4:90:ed:c8:77:c2:29:2a:d5:df:e5:bb:04:f0:31:
91:b2:4c:5a:9a:d9:98:66:60:05:48:0f:7b:3b:cb:32:a3:df:
bc:50:84:3e:2d:da:f8:84:2f:d7:21:82:22:28:dc:f4:f3:11:
c0:7e:58:bc:f0:ff:39:86:98:63:aa:a6:a6:b9:8f:73:88:f2:
db:89:a4:5c:c8:b7:6d:f7:71:02:db:d0:9c:df:41:8d:a8:62:
b5:66:f8:c9:58:0f:2c:71:c1:0d:7b:fb:85:ce:a2:2f:24:e7:
a2:b1:18:6c:38:f8:f2:d7:75:b2:ae:25:d2:c2:11:d0:5b:99:
3a:4a:72:de
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA3Sd1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Mzc4NjJiNDYwOGM3OWY0NTAyOTVlYzVjODBjN2M3YWQ2ZGZlMmEyMB4XDTIyMDUy
MzE2MzczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRjMzExM2NhNzk2
M2VhNWQ2OWE1MmQxMTQzNDg0MGY3MWIyMGJjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNXfH+/8oupfcvISx3BB6mNRl/+9iqBV/Dg0Lsi+K527CKv
NJB5PfaFDidQTYEXYFK8QUAIHGEN7cG1XuEgadvYw1UCeSXYYEoWQh2dyzhjVHM4
LXQJdtSOILhMkYjx8MPoYLQLtEfIbqDRU8IKhvkb79DPOBHhyGSNZTYQuVEJyOW7
wF3B8uiLgFPZjd/rchZ3Omqe0P94oybvnHocFQcSK+7dZQTzh+m5mAlkdvBS8jI3
f+nuUWw5UqMBsWrrC+M/5YSrV11r5apcf02HMYOSNZD7dhEhcXnxXM71gZJUe86n
BY5THcXReyBcQdHgtw/ky/eLzRZqmgx1sFYIfF8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBREwxE8p5Y+pdaaUtEUNIQPcbILzTAfBgNVHSMEGDAWgBQDeGK0YIx59FAp
XsXIDHx61t/iojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EzaGl0R0NNZWZSUUtWN0Z5QXg4ZXRiZjRxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvMWFmZTUzLWYxYjgtNDMxNS1hYjFjLWY0NzRmN2JkMzUzMS8x
L1JNTVJQS2VXUHFYV21sTFJGRFNFRDNHeUM4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
MWFmZTUzLWYxYjgtNDMxNS1hYjFjLWY0NzRmN2JkMzUzMS8xL0EzaGl0R0NNZWZS
UUtWN0Z5QXg4ZXRiZjRxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAbkl1AMEALkl1wMEArlNnAMEALlW
CwMEArmeqDANBgkqhkiG9w0BAQsFAAOCAQEAgtM/DoYfjmJiraGX/lkeSPiqGCmg
zQIXVbR9SrDrAmdUPGCauMt95y07/ckoE3myml/d3eTtKtGXxXnYNOhlcn/V5uHP
+3rGVVDn50qlsAnz5r88JrLBOQY5YJrr9YZSdh1C4p7UGNUtIFxfvWaaHqHNZ6d3
MV8y03kUdIrvkvlVxJDtyHfCKSrV3+W7BPAxkbJMWprZmGZgBUgPezvLMqPfvFCE
Pi3a+IQv1yGCIijc9PMRwH5YvPD/OYaYY6qmprmPc4jy24mkXMi3bfdxAtvQnN9B
jahitWb4yVgPLHHBDXv7hc6iLyTnorEYbDj48td1sq4l0sIR0FuZOkpy3g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:47 2023 by rpki-client on console-fra.rpki-client.org