Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/mPhrh8_fLNgnOfVLlhHrikrwO54.roa
File: mPhrh8_fLNgnOfVLlhHrikrwO54.roa (raw, json)
Hash identifier: SXfaIWhnla3lJZMoOTNyYkzwbkLyvMRzFypPb4nPUgQ=
Subject key identifier: 98:F8:6B:87:CF:DF:2C:D8:27:39:F5:4B:96:11:EB:8A:4A:F0:3B:9E
Certificate issuer: /CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Certificate serial: 1BABFA39
Authority key identifier: 2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/mPhrh8_fLNgnOfVLlhHrikrwO54.roa
Signing time: Sat 01 Jan 2022 03:52:49 +0000
ROA not before: Sat 01 Jan 2022 03:52:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29425
IP address blocks: 195.149.105.0/24 maxlen: 24
46.255.136.0/21 maxlen: 21
46.255.142.0/24 maxlen: 24
2a00:95a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464255545 (0x1babfa39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Validity
Not Before: Jan 1 03:52:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98f86b87cfdf2cd82739f54b9611eb8a4af03b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:de:dd:3e:ee:0d:9b:44:ee:d3:86:63:5d:
74:e3:19:00:47:fa:87:01:40:5f:20:f0:f6:37:da:
48:39:2e:43:35:4c:62:b0:0e:ed:bc:93:9e:b2:c0:
b6:fd:f6:60:1a:c8:c3:15:00:11:bb:1c:a4:7e:48:
c5:42:50:41:2f:4b:f0:94:23:72:22:7a:58:9f:cc:
6b:62:a0:6b:e8:bf:7a:97:e3:d5:07:6e:99:f5:be:
0e:15:ee:66:d6:e0:a8:64:ca:10:db:76:38:b7:07:
80:a3:88:0a:22:40:ab:6a:3f:81:31:5a:c4:55:e8:
82:8b:5b:7c:d7:97:cc:05:7e:4b:88:f3:b7:0d:55:
92:40:8c:c3:a8:38:17:54:3e:c6:80:61:d0:a9:70:
fc:fe:6f:88:9a:98:64:cf:dc:1a:b7:90:f3:ff:c2:
fe:ac:1e:1e:a5:3d:2f:20:22:fa:f3:e1:7b:92:25:
11:a1:92:51:be:a7:cf:40:a8:99:d6:d3:6a:be:a9:
12:08:e4:77:99:01:81:09:56:7b:7b:66:15:67:1d:
68:f3:1b:0b:10:ed:98:31:86:fb:69:4d:61:8f:7a:
43:df:1d:e6:b0:4b:db:45:a8:c6:22:e2:53:53:93:
86:52:49:ee:2b:51:95:fe:2c:ee:80:2e:a8:a0:ea:
c0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F8:6B:87:CF:DF:2C:D8:27:39:F5:4B:96:11:EB:8A:4A:F0:3B:9E
X509v3 Authority Key Identifier:
keyid:2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/mPhrh8_fLNgnOfVLlhHrikrwO54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/Lo7asSIV4pvTjB2pteOWvQyWvgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.136.0/21
195.149.105.0/24
IPv6:
2a00:95a0::/32
Signature Algorithm: sha256WithRSAEncryption
67:f3:24:14:e1:5a:54:e6:ed:11:a9:f5:26:30:7e:56:98:2c:
d7:bb:33:ff:67:c1:4f:f7:4b:a5:5e:68:ac:86:1e:5b:85:a0:
cc:e5:f9:7e:a2:bf:0a:f5:df:bf:bc:8e:fd:ca:a1:be:de:b9:
34:94:29:d9:91:2e:0b:26:69:4a:f5:cf:83:c7:e3:3d:8e:0d:
f9:4c:14:f6:99:8d:e4:5a:e7:7a:52:c2:6f:b4:9e:f0:ea:53:
2e:a0:36:4f:e7:09:8f:0f:d4:dc:02:ee:70:36:ad:75:ce:a3:
dd:9b:d1:39:14:79:a1:cd:23:18:39:df:9b:21:bd:e2:cb:c8:
46:b9:f9:65:ce:f4:c5:16:c3:25:b8:f5:4a:62:67:08:8b:3a:
1b:6d:47:87:74:8a:42:69:35:d2:57:62:ba:e1:79:18:82:0f:
78:a5:4c:54:d2:9c:7c:cb:95:8e:73:ca:5a:41:61:b8:fc:c5:
e0:ea:7e:e6:a5:ab:c5:88:41:17:73:21:c1:61:e4:fa:65:2d:
78:66:35:5a:3d:64:27:62:21:12:88:5d:0a:e9:a7:e3:10:3c:
88:f7:ec:34:5f:58:22:ed:57:25:16:70:d6:19:dc:35:22:2b:
ee:e3:b8:cd:76:6e:e1:64:0d:ba:d1:ab:2c:05:07:19:93:1e:
5b:d2:23:0b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEG6v6OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZThlZGFiMTIyMTVlMjliZDM4YzFkYTliNWUzOTZiZDBjOTZiZTA5MB4XDTIyMDEw
MTAzNTI0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThmODZiODdjZmRm
MmNkODI3MzlmNTRiOTYxMWViOGE0YWYwM2I5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0H3t0+7g2bRO7ThmNddOMZAEf6hwFAXyDw9jfaSDkuQzVM
YrAO7byTnrLAtv32YBrIwxUAEbscpH5IxUJQQS9L8JQjciJ6WJ/Ma2Kga+i/epfj
1QdumfW+DhXuZtbgqGTKENt2OLcHgKOICiJAq2o/gTFaxFXogotbfNeXzAV+S4jz
tw1VkkCMw6g4F1Q+xoBh0Klw/P5viJqYZM/cGreQ8//C/qweHqU9LyAi+vPhe5Il
EaGSUb6nz0ComdbTar6pEgjkd5kBgQlWe3tmFWcdaPMbCxDtmDGG+2lNYY96Q98d
5rBL20WoxiLiU1OThlJJ7itRlf4s7oAuqKDqwCUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSY+GuHz98s2Cc59UuWEeuKSvA7njAfBgNVHSMEGDAWgBQujtqxIhXim9OM
Ham145a9DJa+CTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvN2FzU0lWNHB2VGpCMnB0ZU9XdlF5V3Znay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYWY3NmUwLTZiN2QtNDBhYy05NjIxLTY0M2EyZmM0NDczZS8x
L21QaHJoOF9mTE5nbk9mVkxsaEhyaWtyd081NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YWY3NmUwLTZiN2QtNDBhYy05NjIxLTY0M2EyZmM0NDczZS8xL0xvN2FzU0lWNHB2
VGpCMnB0ZU9XdlF5V3Znay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy7/iAMEAMOVaTANBAIAAjAHAwUA
KgCVoDANBgkqhkiG9w0BAQsFAAOCAQEAZ/MkFOFaVObtEan1JjB+Vpgs17sz/2fB
T/dLpV5orIYeW4WgzOX5fqK/CvXfv7yO/cqhvt65NJQp2ZEuCyZpSvXPg8fjPY4N
+UwU9pmN5FrnelLCb7Se8OpTLqA2T+cJjw/U3ALucDatdc6j3ZvRORR5oc0jGDnf
myG94svIRrn5Zc70xRbDJbj1SmJnCIs6G21Hh3SKQmk10ldiuuF5GIIPeKVMVNKc
fMuVjnPKWkFhuPzF4Op+5qWrxYhBF3MhwWHk+mUteGY1Wj1kJ2IhEohdCumn4xA8
iPfsNF9YIu1XJRZw1hncNSIr7uO4zXZu4WQNutGrLAUHGZMeW9IjCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org