Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/mRIDrLqQvyHxbwgUCbe1oybovQ0.roa
File: mRIDrLqQvyHxbwgUCbe1oybovQ0.roa (raw, json)
Hash identifier: GgSoE7Divd/ij8MnOxYNfvNJU7wkp6rLoBmxRhJrp60=
Subject key identifier: 99:12:03:AC:BA:90:BF:21:F1:6F:08:14:09:B7:B5:A3:26:E8:BD:0D
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 0183E6002109ACE3FDE3495238576A519B86
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/mRIDrLqQvyHxbwgUCbe1oybovQ0.roa
Signing time: Mon 17 Oct 2022 12:51:51 +0000
ROA not before: Mon 17 Oct 2022 12:51:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12693
IP address blocks: 156.67.152.0/21 maxlen: 21
82.193.255.0/24 maxlen: 24
212.204.32.0/19 maxlen: 24
156.67.144.0/21 maxlen: 21
82.193.224.0/19 maxlen: 24
85.199.96.0/20 maxlen: 24
149.249.48.0/21 maxlen: 21
92.42.224.0/21 maxlen: 21
153.92.72.0/21 maxlen: 24
185.90.156.0/22 maxlen: 24
156.67.224.0/21 maxlen: 21
85.199.64.0/18 maxlen: 24
85.199.74.0/24 maxlen: 24
2a01:a380::/48 maxlen: 48
2a01:a380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:00:21:09:ac:e3:fd:e3:49:52:38:57:6a:51:9b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Oct 17 12:51:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=991203acba90bf21f16f081409b7b5a326e8bd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:34:94:8b:54:a0:bf:2d:36:bb:f2:08:b4:
02:89:69:85:7b:0c:7b:60:00:2b:ff:02:4e:54:8b:
cf:39:ac:cf:7f:db:f1:96:03:c4:84:d7:20:75:d0:
52:66:dd:07:e6:54:ff:e3:66:f7:95:9f:34:4b:09:
82:bf:0f:b4:64:95:f2:b7:a7:1e:2f:15:cf:d9:c5:
38:f6:b7:f3:bf:f2:72:ba:02:ae:79:91:1d:c6:b5:
b7:0b:65:82:90:d6:d1:44:58:82:e3:a3:ad:63:da:
1d:00:99:e8:39:00:ef:a5:60:ce:1e:88:7c:b8:dc:
4e:8e:c9:a4:86:8f:63:07:52:96:39:3e:30:68:ec:
a3:3d:94:4c:d0:b4:12:ce:ca:d5:e0:85:72:90:7a:
62:5a:50:53:aa:6f:1a:54:ac:62:9f:47:ad:f8:e0:
07:50:12:e2:ea:b5:ae:1a:96:7d:c0:d1:7e:e4:79:
5b:74:51:62:02:9a:2f:42:21:fd:95:15:81:64:46:
0f:7b:d7:2f:d6:c6:b1:a1:34:05:d4:d1:31:51:74:
ab:64:d6:57:a5:64:98:81:ae:5e:c6:21:10:29:14:
33:e4:90:71:b4:7e:ed:f7:53:5e:0a:41:59:f6:77:
9a:42:71:8f:b6:c0:1b:92:ab:67:50:ee:36:14:d3:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:12:03:AC:BA:90:BF:21:F1:6F:08:14:09:B7:B5:A3:26:E8:BD:0D
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/mRIDrLqQvyHxbwgUCbe1oybovQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.224.0/19
85.199.64.0/18
92.42.224.0/21
149.249.48.0/21
153.92.72.0/21
156.67.144.0/20
156.67.224.0/21
185.90.156.0/22
212.204.32.0/19
IPv6:
2a01:a380::/32
Signature Algorithm: sha256WithRSAEncryption
37:3a:2d:dc:29:d0:ec:45:b8:81:3f:6c:17:6f:78:4c:a3:ad:
b7:dd:e9:1f:46:21:b5:a8:92:5e:2d:b8:78:d8:98:d2:77:7e:
3d:82:a5:12:45:31:29:8f:35:ed:0d:f3:ef:6c:21:d4:8e:ec:
48:8e:82:5d:6a:e2:2e:32:01:69:ff:3e:b0:12:5a:2d:6b:bf:
48:18:33:9a:bf:6e:9e:a5:3f:0b:3c:af:0b:11:28:ec:ef:32:
c8:61:a8:80:e1:fa:6c:f5:9b:81:69:6e:b8:1b:71:f9:d9:3f:
4b:85:c8:c0:5e:36:85:58:60:0d:cb:15:c9:83:44:e2:8c:b4:
59:d3:dc:05:91:9a:2b:3a:fc:6e:cd:06:db:f0:34:99:c6:c9:
66:4b:38:1c:d0:32:e2:05:65:c1:1e:9e:e6:31:4d:f8:23:e2:
a0:43:54:e7:2d:88:d4:fb:4f:04:03:5c:ae:a7:1e:31:8e:27:
94:3e:75:48:1a:e1:d7:69:89:d5:1c:01:cd:40:5c:08:40:c8:
0d:22:37:a1:42:a7:95:29:ec:d4:2e:f9:cc:9b:a6:31:68:f7:
7c:45:20:f2:08:c5:3c:03:3e:85:5e:30:00:1d:07:cb:63:6d:
46:be:7d:f0:90:95:9e:18:c0:34:c8:3a:5d:e9:0c:1b:6b:28:
0a:f1:a8:20
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYPmACEJrOP940lSOFdqUZuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjIxMDE3MTI1MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTEyMDNhY2JhOTBiZjIxZjE2ZjA4MTQwOWI3YjVhMzI2ZThiZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6I0lItUoL8tNrvyCLQCiWmFewx7
YAAr/wJOVIvPOazPf9vxlgPEhNcgddBSZt0H5lT/42b3lZ80SwmCvw+0ZJXyt6ce
LxXP2cU49rfzv/JyugKueZEdxrW3C2WCkNbRRFiC46OtY9odAJnoOQDvpWDOHoh8
uNxOjsmkho9jB1KWOT4waOyjPZRM0LQSzsrV4IVykHpiWlBTqm8aVKxin0et+OAH
UBLi6rWuGpZ9wNF+5HlbdFFiApovQiH9lRWBZEYPe9cv1saxoTQF1NExUXSrZNZX
pWSYga5exiEQKRQz5JBxtH7t91NeCkFZ9neaQnGPtsAbkqtnUO42FNNxyQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJkSA6y6kL8h8W8IFAm3taMm6L0NMB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEvbVJJRHJMcVF2eUh4YndnVUNiZTFveWJvdlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTctZDY4YzU3ZGI0Y2Fl
LzEvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFUsHgAwQG
VcdAAwQDXCrgAwQDlfkwAwQDmVxIAwQEnEOQAwQDnEPgAwQCuVqcAwQF1MwgMA0E
AgACMAcDBQAqAaOAMA0GCSqGSIb3DQEBCwUAA4IBAQA3Oi3cKdDsRbiBP2wXb3hM
o6233ekfRiG1qJJeLbh42JjSd349gqUSRTEpjzXtDfPvbCHUjuxIjoJdauIuMgFp
/z6wElota79IGDOav26epT8LPK8LESjs7zLIYaiA4fps9ZuBaW64G3H52T9LhcjA
XjaFWGANyxXJg0TijLRZ09wFkZorOvxuzQbb8DSZxslmSzgc0DLiBWXBHp7mMU34
I+KgQ1TnLYjU+08EA1yupx4xjieUPnVIGuHXaYnVHAHNQFwIQMgNIjehQqeVKezU
LvnMm6YxaPd8RSDyCMU8Az6FXjAAHQfLY21Gvn3wkJWeGMA0yDpd6QwbaygK8agg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:51 2023 by rpki-client on console-fra.rpki-client.org