Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/Mu61HMW6XxN5Z7WEbdGg5UsDfaA.roa
File: Mu61HMW6XxN5Z7WEbdGg5UsDfaA.roa (raw, json)
Hash identifier: foAxf95MbDSiG+wETrul16byA8tY1kdwI/mvjqULwcg=
Subject key identifier: 32:EE:B5:1C:C5:BA:5F:13:79:67:B5:84:6D:D1:A0:E5:4B:03:7D:A0
Certificate issuer: /CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Certificate serial: 0EB78649
Authority key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/Mu61HMW6XxN5Z7WEbdGg5UsDfaA.roa
Signing time: Sat 01 Jan 2022 06:54:52 +0000
ROA not before: Sat 01 Jan 2022 06:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25227
IP address blocks: 85.236.0.0/19 maxlen: 24
81.95.137.0/24 maxlen: 24
81.95.134.0/24 maxlen: 24
81.95.140.0/24 maxlen: 24
213.134.192.0/19 maxlen: 24
141.136.112.0/21 maxlen: 24
94.230.0.0/20 maxlen: 24
92.60.80.0/20 maxlen: 24
92.60.80.0/24 maxlen: 24
46.28.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246908489 (0xeb78649)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Validity
Not Before: Jan 1 06:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32eeb51cc5ba5f137967b5846dd1a0e54b037da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bb:ba:1c:7e:53:41:0c:e7:aa:28:07:73:9b:
c3:12:84:96:55:ac:99:d7:73:7c:7c:11:8c:e9:00:
a9:f3:77:48:cf:97:5c:a1:9e:89:fb:1e:f1:a3:12:
69:70:be:52:d3:9d:a9:ff:80:b8:54:1a:b4:68:82:
80:c8:e3:f0:96:24:dd:dd:87:cf:5d:6c:68:b9:cd:
e9:df:c3:65:43:c9:d1:b1:e0:8a:87:ce:ad:29:36:
82:2e:9c:fb:b8:9b:9f:fc:9f:7f:6f:a6:6e:a5:6c:
ad:e5:5f:9b:96:28:40:49:61:6e:99:72:69:99:f9:
9e:31:3a:11:7a:8f:dc:13:78:7a:ac:9f:0b:fd:65:
5c:e5:da:10:47:43:dc:64:d6:1b:72:65:44:1a:e6:
4d:4f:56:22:25:47:d8:b7:09:3e:72:93:be:31:51:
95:d7:82:ed:0a:48:c3:3e:ed:62:38:92:6b:5b:fb:
a5:62:d2:ed:ae:d4:de:88:ab:75:ad:99:3d:15:b8:
fd:0a:48:6e:f0:ef:ff:74:c7:9e:f3:d2:05:be:5f:
2e:0b:8d:1a:d0:b7:2b:29:99:45:fa:c5:40:69:c2:
57:36:9f:16:1c:d3:ca:01:7f:f5:4a:99:35:cb:e7:
3c:42:32:5d:c7:24:9d:0f:aa:12:1d:c3:1e:43:9f:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EE:B5:1C:C5:BA:5F:13:79:67:B5:84:6D:D1:A0:E5:4B:03:7D:A0
X509v3 Authority Key Identifier:
keyid:99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/Mu61HMW6XxN5Z7WEbdGg5UsDfaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.94.0/24
81.95.134.0/24
81.95.137.0/24
81.95.140.0/24
85.236.0.0/19
92.60.80.0/20
94.230.0.0/20
141.136.112.0/21
213.134.192.0/19
Signature Algorithm: sha256WithRSAEncryption
37:e5:7d:6a:85:2b:c6:0e:7b:97:60:88:4a:9f:9d:fa:fd:5e:
c7:37:e8:3d:e9:c7:f6:7c:11:e1:b0:5f:fd:29:0b:7e:1c:86:
87:bf:37:e4:db:05:24:57:e9:4c:18:24:cd:fc:5a:82:59:71:
72:1a:ff:36:95:19:a5:02:b4:76:de:ad:4c:87:9c:b3:ca:36:
54:d9:65:0c:51:56:4e:48:d9:52:96:97:07:29:6b:ca:57:db:
92:9d:6b:02:6c:db:f1:6e:c8:a5:a0:9d:ad:3e:46:be:d1:13:
7e:0f:36:28:95:ff:f0:5d:91:2e:e7:65:7d:b2:00:ca:78:96:
05:8b:2a:18:1a:9e:12:f5:db:f6:8e:84:c1:83:2d:e8:46:75:
0d:ca:8e:09:a9:44:35:0a:93:5f:ac:fa:8d:0f:e8:91:a2:6b:
8a:0e:da:90:ed:8e:42:a3:7e:2a:0c:3a:ea:aa:13:8e:9a:76:
a0:b5:1e:36:de:5c:a9:72:9d:6e:b9:03:95:7a:06:42:04:1c:
53:50:4b:6f:8b:c6:0a:c0:24:00:fd:72:27:c4:ad:12:45:69:
84:ef:82:ca:26:d5:f7:c8:19:9e:a1:3e:09:ab:25:c4:b7:2e:
49:48:3e:1b:e2:ba:7f:a5:c4:1b:a9:b3:73:d7:63:dd:31:50:
cd:2d:ce:20
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEDreGSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTRiN2QzMGMxYzRmNjI0MzE4MmQzZWNkM2QwNTM5ZjQyZmFhY2ZkMB4XDTIyMDEw
MTA2NTQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJlZWI1MWNjNWJh
NWYxMzc5NjdiNTg0NmRkMWEwZTU0YjAzN2RhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOO7uhx+U0EM56ooB3ObwxKEllWsmddzfHwRjOkAqfN3SM+X
XKGeifse8aMSaXC+UtOdqf+AuFQatGiCgMjj8JYk3d2Hz11saLnN6d/DZUPJ0bHg
iofOrSk2gi6c+7ibn/yff2+mbqVsreVfm5YoQElhbplyaZn5njE6EXqP3BN4eqyf
C/1lXOXaEEdD3GTWG3JlRBrmTU9WIiVH2LcJPnKTvjFRldeC7QpIwz7tYjiSa1v7
pWLS7a7U3oirda2ZPRW4/QpIbvDv/3THnvPSBb5fLguNGtC3KymZRfrFQGnCVzaf
FhzTygF/9UqZNcvnPEIyXccknQ+qEh3DHkOfcvUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQy7rUcxbpfE3lntYRt0aDlSwN9oDAfBgNVHSMEGDAWgBSZS30wwcT2JDGC
0+zT0FOfQvqs/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21VdDlNTUhFOWlReGd0UHMwOUJUbjBMNnJQMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNGFiODFlLTQ1YjgtNDFhNS1hYTVlLTU2NDZlZWRkOTliZi8x
L011NjFITVc2WHhONVo3V0ViZEdnNVVzRGZhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NGFiODFlLTQ1YjgtNDFhNS1hYTVlLTU2NDZlZWRkOTliZi8xL21VdDlNTUhFOWlR
eGd0UHMwOUJUbjBMNnJQMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAC4cXgMEAFFfhgMEAFFfiQMEAFFf
jAMEBVXsAAMEBFw8UAMEBF7mAAMEA42IcAMEBdWGwDANBgkqhkiG9w0BAQsFAAOC
AQEAN+V9aoUrxg57l2CISp+d+v1exzfoPenH9nwR4bBf/SkLfhyGh7835NsFJFfp
TBgkzfxagllxchr/NpUZpQK0dt6tTIecs8o2VNllDFFWTkjZUpaXBylrylfbkp1r
Amzb8W7IpaCdrT5GvtETfg82KJX/8F2RLudlfbIAyniWBYsqGBqeEvXb9o6EwYMt
6EZ1DcqOCalENQqTX6z6jQ/okaJrig7akO2OQqN+Kgw66qoTjpp2oLUeNt5cqXKd
brkDlXoGQgQcU1BLb4vGCsAkAP1yJ8StEkVphO+CyibV98gZnqE+CaslxLcuSUg+
G+K6f6XEG6mzc9dj3TFQzS3OIA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:56 2023 by rpki-client on console-fra.rpki-client.org