Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mzfLHi7IepUKQC9sAouMB_0m7hI.roa
File: mzfLHi7IepUKQC9sAouMB_0m7hI.roa (raw, json)
Hash identifier: oMh4295ekYFIoAGKKos5TfYBQ8aoyiK9Z3mN6XWR/ek=
Subject key identifier: 9B:37:CB:1E:2E:C8:7A:95:0A:40:2F:6C:02:8B:8C:07:FD:26:EE:12
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01853466CF89B4F8EB728E51B5FC1780B957
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mzfLHi7IepUKQC9sAouMB_0m7hI.roa
Signing time: Wed 21 Dec 2022 11:17:11 +0000
ROA not before: Wed 21 Dec 2022 11:17:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203534
IP address blocks: 185.131.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:66:cf:89:b4:f8:eb:72:8e:51:b5:fc:17:80:b9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 11:17:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b37cb1e2ec87a950a402f6c028b8c07fd26ee12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:22:15:72:68:f8:ba:97:3a:ba:3f:52:f3:69:
ea:df:4d:8d:1b:19:4a:60:31:9b:33:7d:50:a3:a7:
aa:07:b1:3d:bb:64:cf:4e:05:50:0a:51:d4:3c:4a:
b9:e7:8b:87:e4:93:9a:af:77:7e:c7:7b:96:b5:7b:
ec:4e:6d:3b:46:ed:06:26:a5:5a:de:b8:25:18:b1:
e6:ac:02:69:7a:c9:b2:53:c4:ae:f1:00:eb:aa:c1:
8d:17:dd:e6:8b:fc:7c:b7:e6:20:56:6d:2a:1c:9e:
02:db:88:ec:eb:c6:1d:aa:d9:29:9a:0f:37:15:22:
e4:50:0c:a0:b5:2b:d9:cc:8d:1d:82:fc:63:03:91:
b1:7a:f1:2e:b0:1d:36:f4:45:ea:d5:ef:f3:9b:b6:
73:46:60:c7:4c:74:4f:61:f8:57:14:2b:09:cc:71:
5e:02:06:b9:bf:8c:76:b6:86:9b:00:90:5e:3f:47:
5c:d8:9b:c0:38:d7:40:52:e5:d1:0a:8e:e5:9e:d2:
5d:db:7c:08:f6:99:20:b3:ca:44:b8:cc:33:58:16:
90:14:d9:6f:dd:86:79:fb:43:c6:26:2a:b1:f2:5f:
b5:5e:bc:9c:07:a1:ab:a1:0b:fe:33:95:f2:3d:1c:
a9:8d:70:17:bb:66:21:fe:59:f3:3d:37:f0:4f:c3:
19:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:37:CB:1E:2E:C8:7A:95:0A:40:2F:6C:02:8B:8C:07:FD:26:EE:12
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mzfLHi7IepUKQC9sAouMB_0m7hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:b5:a6:9b:92:55:76:fa:8b:02:bb:28:57:16:85:04:58:16:
47:51:a1:44:61:14:01:11:2a:87:15:9b:cd:15:56:20:31:96:
6c:3b:ef:8d:ec:34:ba:3e:0a:72:b5:90:93:f2:40:40:a9:ea:
00:f1:5d:bf:38:3d:74:f7:de:bc:d1:84:18:7c:2f:55:0e:4c:
8c:25:63:f2:13:ab:16:41:22:30:10:d3:71:be:12:6d:78:b6:
18:51:6c:6e:32:04:1b:d1:17:ff:e3:4d:ab:b0:09:4d:de:e9:
53:f9:8c:5f:f0:b5:40:5f:e6:02:e7:0d:db:e8:c8:19:cd:d1:
c1:7c:15:a9:11:0e:6c:17:86:3b:a4:94:2a:62:13:ef:03:80:
d7:03:09:53:20:7e:aa:0c:6f:39:b7:75:10:da:60:b3:75:3b:
8e:40:1d:3b:35:f3:dc:0a:e7:58:6b:13:1a:74:f9:dc:a2:39:
42:90:92:95:82:b1:20:d9:1d:59:f3:9e:90:a8:2d:c0:4b:6e:
1e:58:bc:18:8b:c2:58:c0:db:86:72:c4:9c:83:ca:85:61:84:
cd:25:5f:b8:a7:ef:35:84:22:46:2b:f2:eb:05:8f:6d:5e:6f:
d4:69:33:38:00:af:72:b9:9a:d3:59:3c:fe:1c:f3:2f:7d:4e:
bb:28:44:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU0Zs+JtPjrco5RtfwXgLlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMTExNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM3Y2IxZTJlYzg3YTk1MGE0MDJmNmMwMjhiOGMwN2ZkMjZlZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCIVcmj4upc6uj9S82nq302NGxlK
YDGbM31Qo6eqB7E9u2TPTgVQClHUPEq554uH5JOar3d+x3uWtXvsTm07Ru0GJqVa
3rglGLHmrAJpesmyU8Su8QDrqsGNF93mi/x8t+YgVm0qHJ4C24js68Ydqtkpmg83
FSLkUAygtSvZzI0dgvxjA5GxevEusB029EXq1e/zm7ZzRmDHTHRPYfhXFCsJzHFe
Aga5v4x2toabAJBeP0dc2JvAONdAUuXRCo7lntJd23wI9pkgs8pEuMwzWBaQFNlv
3YZ5+0PGJiqx8l+1XrycB6GroQv+M5XyPRypjXAXu2Yh/lnzPTfwT8MZjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJs3yx4uyHqVCkAvbAKLjAf9Ju4SMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbXpmTEhpN0llcFVLUUM5c0FvdU1CXzBtN2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYO4MA0G
CSqGSIb3DQEBCwUAA4IBAQAqtaabklV2+osCuyhXFoUEWBZHUaFEYRQBESqHFZvN
FVYgMZZsO++N7DS6PgpytZCT8kBAqeoA8V2/OD1099680YQYfC9VDkyMJWPyE6sW
QSIwENNxvhJteLYYUWxuMgQb0Rf/402rsAlN3ulT+Yxf8LVAX+YC5w3b6MgZzdHB
fBWpEQ5sF4Y7pJQqYhPvA4DXAwlTIH6qDG85t3UQ2mCzdTuOQB07NfPcCudYaxMa
dPncojlCkJKVgrEg2R1Z856QqC3AS24eWLwYi8JYwNuGcsScg8qFYYTNJV+4p+81
hCJGK/LrBY9tXm/UaTM4AK9yuZrTWTz+HPMvfU67KETz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org