Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mMfE_y83MXU6mFUZHjZS6S2N53Y.roa
File: mMfE_y83MXU6mFUZHjZS6S2N53Y.roa (raw, json)
Hash identifier: gOQd99PTaxzPTfLpJz2xu28/p9h32JxNFZKLTpTye4c=
Subject key identifier: 98:C7:C4:FF:2F:37:31:75:3A:98:55:19:1E:36:52:E9:2D:8D:E7:76
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0DD6BF9A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mMfE_y83MXU6mFUZHjZS6S2N53Y.roa
Signing time: Sun 10 Apr 2022 10:59:10 +0000
ROA not before: Sun 10 Apr 2022 10:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 45.130.83.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232177562 (0xdd6bf9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 10 10:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98c7c4ff2f3731753a9855191e3652e92d8de776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1d:59:34:22:82:2d:80:9d:0e:34:a8:3a:e4:
2e:3e:5a:15:ae:48:27:52:2a:8c:c6:b1:6b:e5:57:
86:0a:28:e4:a9:e5:11:44:71:38:e4:5e:ba:61:03:
90:d0:69:74:14:01:31:83:e8:b9:c5:b6:a5:ae:65:
de:bf:79:57:43:cd:3c:9b:b3:32:d9:fb:49:8b:e5:
06:a9:1d:26:eb:66:27:59:ee:83:04:d7:da:31:5f:
94:c5:6b:15:be:f5:97:f8:e8:c1:59:1d:77:99:6a:
ed:c5:86:7f:68:9c:62:2d:83:65:26:c3:95:61:d6:
1f:5e:73:05:1f:d4:50:42:36:2f:ea:d3:0e:17:ac:
6c:ac:17:c0:c1:43:6a:43:c5:f6:1b:c1:20:62:3b:
e1:b0:78:64:ec:61:55:68:f7:7f:f8:52:58:b5:8f:
a3:40:5e:33:84:15:8f:7c:07:82:2f:5f:4b:d4:95:
01:44:b9:bb:74:fd:5f:65:0d:49:b9:b4:b8:13:c5:
fe:b6:da:fe:9c:6a:6e:17:24:9a:1d:4f:bc:3f:fc:
20:e5:ce:af:5d:cc:04:0d:2f:da:b3:dc:7c:f3:2b:
e5:46:5f:15:b0:e7:c5:3a:8e:ee:90:2d:8f:8f:90:
5e:d5:2b:e0:3d:bc:5d:05:dd:33:9b:06:b6:64:5b:
23:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C7:C4:FF:2F:37:31:75:3A:98:55:19:1E:36:52:E9:2D:8D:E7:76
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mMfE_y83MXU6mFUZHjZS6S2N53Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.81.0/24
45.130.83.0/24
45.135.186.0/23
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
03:6e:21:97:2c:c9:7d:e4:d7:c4:18:5d:01:76:0d:00:cb:d8:
53:37:2b:30:f1:cd:92:d1:25:24:f2:66:3b:a2:61:a1:20:14:
de:50:74:42:3f:ca:98:97:06:3f:bd:8a:cf:ae:dd:0f:c3:11:
bf:f3:91:bc:a5:46:ff:a8:12:fb:c8:df:c9:b3:87:43:cc:1e:
07:1b:45:aa:69:a7:e2:d2:f9:30:cd:58:94:84:f3:e8:d5:a7:
f9:91:d1:96:5a:46:7a:dd:4a:dc:f9:47:59:45:94:49:13:a4:
29:be:94:f6:c3:2d:b0:d3:e6:34:61:49:4d:45:e5:76:d7:e2:
0f:3f:41:6a:87:0a:c7:76:81:0d:7b:f5:3d:24:fe:01:8c:fc:
87:e0:3c:5b:dc:23:41:bf:e9:68:63:db:e0:f2:a3:4b:38:25:
d5:01:c1:58:85:92:0c:cc:a2:22:70:02:ec:42:d3:16:69:c5:
f5:7e:c3:41:e3:2d:f8:2e:1c:b6:89:23:4c:12:45:e7:70:8d:
b1:ba:00:93:13:7f:e6:34:29:3e:6f:f5:0d:77:fa:83:84:1d:
5f:3c:41:2c:b1:32:6c:9b:28:a7:12:35:fb:c2:96:b7:80:14:
de:d5:0b:81:f1:03:20:10:b4:8a:ed:8b:24:4f:a2:97:b8:03:
e0:b7:36:c3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEDda/mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQx
MDEwNTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThjN2M0ZmYyZjM3
MzE3NTNhOTg1NTE5MWUzNjUyZTkyZDhkZTc3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgdWTQigi2AnQ40qDrkLj5aFa5IJ1IqjMaxa+VXhgoo5Knl
EURxOOReumEDkNBpdBQBMYPoucW2pa5l3r95V0PNPJuzMtn7SYvlBqkdJutmJ1nu
gwTX2jFflMVrFb71l/jowVkdd5lq7cWGf2icYi2DZSbDlWHWH15zBR/UUEI2L+rT
DhesbKwXwMFDakPF9hvBIGI74bB4ZOxhVWj3f/hSWLWPo0BeM4QVj3wHgi9fS9SV
AUS5u3T9X2UNSbm0uBPF/rba/pxqbhckmh1PvD/8IOXOr13MBA0v2rPcfPMr5UZf
FbDnxTqO7pAtj4+QXtUr4D28XQXdM5sGtmRbI7kCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSYx8T/LzcxdTqYVRkeNlLpLY3ndjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L21NZkVfeTgzTVhVNm1GVVpIalpTNlMyTjUzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAC2CUQMEAC2CUwMEAS2HugMEAFkv
DwMEALnARwMEALzUhwMEAMETbQMEAMsaUQMEAMufUTANBgkqhkiG9w0BAQsFAAOC
AQEAA24hlyzJfeTXxBhdAXYNAMvYUzcrMPHNktElJPJmO6JhoSAU3lB0Qj/KmJcG
P72Kz67dD8MRv/ORvKVG/6gS+8jfybOHQ8weBxtFqmmn4tL5MM1YlITz6NWn+ZHR
llpGet1K3PlHWUWUSROkKb6U9sMtsNPmNGFJTUXldtfiDz9BaocKx3aBDXv1PST+
AYz8h+A8W9wjQb/paGPb4PKjSzgl1QHBWIWSDMyiInAC7ELTFmnF9X7DQeMt+C4c
tokjTBJF53CNsboAkxN/5jQpPm/1DXf6g4QdXzxBLLEybJsopxI1+8KWt4AU3tUL
gfEDIBC0iu2LJE+il7gD4Lc2ww==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org