Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVIIOdL7ChJA2LF9X3kfuZPONb8.roa
File: mVIIOdL7ChJA2LF9X3kfuZPONb8.roa (raw, json)
Hash identifier: 9ewHD09mlNM/kQuK9TctKrteGJhwiYQ7oe2zPYuKpq4=
Subject key identifier: 99:52:08:39:D2:FB:0A:12:40:D8:B1:7D:5F:79:1F:B9:93:CE:35:BF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CB4359F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVIIOdL7ChJA2LF9X3kfuZPONb8.roa
Signing time: Sat 01 Jan 2022 05:04:57 +0000
ROA not before: Sat 01 Jan 2022 05:04:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 185.192.70.0/24 maxlen: 24
89.40.92.0/24 maxlen: 24
194.32.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213136799 (0xcb4359f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99520839d2fb0a1240d8b17d5f791fb993ce35bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dc:df:a4:4e:0b:1b:a0:98:c9:ab:63:8a:27:
89:f3:83:5f:e0:78:c5:8a:49:69:34:00:38:09:02:
4d:79:e7:ea:bf:d9:5c:f0:4e:1c:8e:b7:39:d4:ba:
05:b3:a2:7c:56:a7:d0:b8:d8:9d:c5:1b:52:aa:8b:
2c:32:fa:b8:d3:25:cf:33:58:45:ba:06:7a:07:66:
38:88:91:33:65:93:c8:71:6d:20:6e:89:75:9a:2c:
26:ef:26:e7:70:70:4a:1e:b6:32:54:ab:e6:bd:0f:
d1:8d:c8:4e:a7:3e:1d:20:21:7a:4d:50:fb:7d:01:
90:74:ad:53:56:25:10:89:61:1b:82:b0:aa:e7:65:
b2:0e:53:62:ea:0f:0d:83:56:1c:b5:8e:d9:5b:ce:
17:1d:f3:10:52:7c:45:cf:a8:38:3e:16:a2:7a:95:
19:28:cf:7a:b0:1a:92:ec:1a:87:d2:2b:91:56:8f:
70:1e:f0:02:cc:73:9a:58:93:43:b5:bd:10:fc:c5:
94:16:b9:28:2a:f5:66:3e:e9:2f:42:c3:6d:49:06:
6e:af:d2:a5:e1:bc:73:f1:0a:c5:a4:5b:1d:9c:e7:
ae:48:1a:d4:87:52:71:9c:b2:46:53:92:3e:b3:d6:
78:0b:8e:28:94:aa:f0:40:c4:b9:ac:74:5f:e5:d4:
1a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:52:08:39:D2:FB:0A:12:40:D8:B1:7D:5F:79:1F:B9:93:CE:35:BF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVIIOdL7ChJA2LF9X3kfuZPONb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.92.0/24
185.192.70.0/24
194.32.120.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b3:5e:ab:b5:6f:63:c8:6e:67:db:a2:30:2d:0f:3e:98:09:
69:a1:15:f7:9f:bf:eb:8c:53:db:e4:ed:ca:67:ad:ec:84:fc:
b1:4a:28:59:3f:32:bd:0a:96:35:31:47:ea:41:6d:4c:7d:dc:
97:65:3c:6c:44:98:da:9e:07:23:1a:b4:5e:43:c2:f5:6b:e2:
01:8e:8e:3d:fa:e5:b4:2f:b2:87:2a:1d:16:bb:02:e2:ce:77:
31:72:f8:41:51:c3:90:25:e9:17:20:c0:9a:fa:bf:38:29:b8:
f8:0f:6f:54:bd:d8:a2:2c:ef:bd:45:14:d8:75:2f:df:d2:34:
11:71:67:6a:d4:53:c3:e0:aa:97:f1:71:d9:95:fb:c8:00:0e:
61:30:e3:25:ab:1d:69:e2:61:1f:9c:38:21:c3:6a:7d:70:76:
0a:04:11:66:cb:21:c8:1c:d7:a4:7b:63:70:f4:00:4b:50:a4:
77:15:00:0c:41:f9:47:f7:07:73:00:4b:f4:4a:8f:71:5e:9f:
fe:96:0b:2a:f3:0d:42:c6:f0:e3:20:1e:09:e6:8e:bd:6f:ec:
e9:e6:05:b8:a4:8f:9b:c1:a7:ca:fc:1e:6c:b7:83:3f:8a:9b:
a2:7c:51:3c:50:f0:d9:f4:8a:7f:78:95:bb:7a:35:b3:7c:f6:
49:fa:d5:45
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDLQ1nzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk1MjA4MzlkMmZi
MGExMjQwZDhiMTdkNWY3OTFmYjk5M2NlMzViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLc36ROCxugmMmrY4onifODX+B4xYpJaTQAOAkCTXnn6r/Z
XPBOHI63OdS6BbOifFan0LjYncUbUqqLLDL6uNMlzzNYRboGegdmOIiRM2WTyHFt
IG6JdZosJu8m53BwSh62MlSr5r0P0Y3ITqc+HSAhek1Q+30BkHStU1YlEIlhG4Kw
qudlsg5TYuoPDYNWHLWO2VvOFx3zEFJ8Rc+oOD4WonqVGSjPerAakuwah9IrkVaP
cB7wAsxzmliTQ7W9EPzFlBa5KCr1Zj7pL0LDbUkGbq/SpeG8c/EKxaRbHZznrkga
1IdScZyyRlOSPrPWeAuOKJSq8EDEuax0X+XUGjcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSZUgg50vsKEkDYsX1feR+5k841vzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L21WSUlPZEw3Q2hKQTJMRjlYM2tmdVpQT05iOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFkoXAMEALnARgMEAMIgeDANBgkq
hkiG9w0BAQsFAAOCAQEAVLNeq7VvY8huZ9uiMC0PPpgJaaEV95+/64xT2+Ttymet
7IT8sUooWT8yvQqWNTFH6kFtTH3cl2U8bESY2p4HIxq0XkPC9WviAY6OPfrltC+y
hyodFrsC4s53MXL4QVHDkCXpFyDAmvq/OCm4+A9vVL3YoizvvUUU2HUv39I0EXFn
atRTw+Cql/Fx2ZX7yAAOYTDjJasdaeJhH5w4IcNqfXB2CgQRZsshyBzXpHtjcPQA
S1CkdxUADEH5R/cHcwBL9EqPcV6f/pYLKvMNQsbw4yAeCeaOvW/s6eYFuKSPm8Gn
yvwebLeDP4qbonxRPFDw2fSKf3iVu3o1s3z2SfrVRQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org