Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MbNWJwXHMsSY66ZtqECiyDMahRg.roa
File: MbNWJwXHMsSY66ZtqECiyDMahRg.roa (raw, json)
Hash identifier: 3zhjPoXhmk33um1x9zf4L0vnF+dXarpWv6fJsONKluk=
Subject key identifier: 31:B3:56:27:05:C7:32:C4:98:EB:A6:6D:A8:40:A2:C8:33:1A:85:18
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 0D4733E7
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MbNWJwXHMsSY66ZtqECiyDMahRg.roa
Signing time: Sat 01 Jan 2022 12:03:14 +0000
ROA not before: Sat 01 Jan 2022 12:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59494
IP address blocks: 5.59.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222770151 (0xd4733e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 12:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31b3562705c732c498eba66da840a2c8331a8518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:83:7f:e1:0d:ae:d8:0f:02:ff:06:61:a3:64:
0b:1e:60:73:ed:da:b8:e6:12:af:e2:20:d2:6f:32:
41:c2:7c:48:a1:1c:77:76:d8:9c:79:f6:14:5e:bc:
63:32:b9:75:30:b4:86:c8:f1:b7:bf:a8:f1:02:71:
43:33:d8:f8:84:69:76:23:b8:d5:16:cf:72:0a:03:
bd:3d:a3:8c:d7:23:21:7c:ba:b2:39:d6:4e:e7:7a:
bd:3d:a5:a3:51:d9:d8:42:32:46:33:86:6b:a8:ba:
d1:b5:c3:71:2a:b0:14:e4:d2:52:8a:5f:d7:7c:d0:
6b:f6:1d:cd:4c:53:0e:33:78:80:c9:da:09:97:89:
7c:14:95:7e:ab:c3:df:4e:37:45:d6:67:5b:f0:a9:
3b:45:98:bc:b5:06:96:c3:75:76:f1:7f:58:0b:02:
6b:29:a6:be:88:26:95:e0:0a:36:08:95:9d:c5:16:
c2:8a:ba:21:42:74:49:80:1a:09:69:c2:8a:08:fe:
10:c1:c4:5f:1e:2e:28:dd:f5:9a:6b:3f:ad:7a:e9:
52:c6:ed:87:c5:aa:75:f1:51:6a:03:62:ea:4d:86:
e3:9c:9d:42:74:e8:96:ca:3f:a7:43:5f:d8:b7:97:
a0:72:9f:3a:9f:e3:96:4b:e8:a1:d1:a1:3b:61:38:
e0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B3:56:27:05:C7:32:C4:98:EB:A6:6D:A8:40:A2:C8:33:1A:85:18
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MbNWJwXHMsSY66ZtqECiyDMahRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.44.0/22
Signature Algorithm: sha256WithRSAEncryption
74:51:df:a4:00:40:01:94:a5:28:bf:dc:c1:20:e0:76:fa:2f:
05:a0:02:8e:4b:be:45:e5:b1:7d:65:c8:65:81:7d:78:73:07:
49:ea:e2:c3:75:3e:93:14:72:2f:5d:9c:74:18:09:ab:e6:7e:
24:e3:da:3f:e5:90:60:b8:ed:7a:cd:ba:26:df:e2:0b:59:80:
0e:d0:69:ad:27:56:d0:0c:43:0d:9b:4f:5b:5e:94:2d:ba:75:
1b:a8:fd:6a:e1:59:86:d3:26:fa:7f:87:a5:2a:7c:33:de:1e:
b9:61:61:f4:2a:f2:93:b6:a7:dd:46:df:b6:5f:3e:ef:da:4d:
c8:a8:30:27:f0:1c:99:a8:37:7e:0e:a0:34:26:16:5b:ce:2a:
a7:94:65:e0:07:36:7a:e2:83:e5:5d:b9:cc:56:2b:20:06:61:
fc:8d:fc:fa:2f:32:bb:7b:e3:cf:46:27:a4:16:43:2a:83:e5:
53:c6:ab:83:ae:51:7b:aa:e9:d8:3f:49:52:0c:53:14:b5:56:
95:88:49:b4:93:1e:b5:9f:29:74:47:02:9b:3e:b0:aa:6a:dd:
16:95:0b:39:4a:45:f5:6f:a4:ee:7d:41:09:0a:78:2e:1d:b2:
8d:2c:f0:19:6e:57:f8:1f:ac:d2:4d:55:c0:dd:3b:93:0f:fc:
25:85:96:9b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDUcz5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTQ4MTExOWFmZTFiZmYyMjlmYWNkNGVmOWM4YzYxYjBmYWJlYWYyMB4XDTIyMDEw
MTEyMDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFiMzU2MjcwNWM3
MzJjNDk4ZWJhNjZkYTg0MGEyYzgzMzFhODUxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmDf+ENrtgPAv8GYaNkCx5gc+3auOYSr+Ig0m8yQcJ8SKEc
d3bYnHn2FF68YzK5dTC0hsjxt7+o8QJxQzPY+IRpdiO41RbPcgoDvT2jjNcjIXy6
sjnWTud6vT2lo1HZ2EIyRjOGa6i60bXDcSqwFOTSUopf13zQa/YdzUxTDjN4gMna
CZeJfBSVfqvD3043RdZnW/CpO0WYvLUGlsN1dvF/WAsCaymmvogmleAKNgiVncUW
woq6IUJ0SYAaCWnCigj+EMHEXx4uKN31mms/rXrpUsbth8WqdfFRagNi6k2G45yd
QnTolso/p0Nf2LeXoHKfOp/jlkvoodGhO2E44K8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxs1YnBccyxJjrpm2oQKLIMxqFGDAfBgNVHSMEGDAWgBS5SBEZr+G/8in6
zU75yMYbD6vq8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VVZ1JHYV9odl9JcC1zMU8tY2pHR3ctcjZ2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvY2IwMDA3LTNlYTktNDc1OS04ZDcwLTliOWJjZTE1ZTBjNi8x
L01iTldKd1hITXNTWTY2WnRxRUNpeURNYWhSZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
Y2IwMDA3LTNlYTktNDc1OS04ZDcwLTliOWJjZTE1ZTBjNi8xL3VVZ1JHYV9odl9J
cC1zMU8tY2pHR3ctcjZ2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgU7LDANBgkqhkiG9w0BAQsFAAOC
AQEAdFHfpABAAZSlKL/cwSDgdvovBaACjku+ReWxfWXIZYF9eHMHSeriw3U+kxRy
L12cdBgJq+Z+JOPaP+WQYLjtes26Jt/iC1mADtBprSdW0AxDDZtPW16ULbp1G6j9
auFZhtMm+n+HpSp8M94euWFh9Cryk7an3Ubftl8+79pNyKgwJ/Acmag3fg6gNCYW
W84qp5Rl4Ac2euKD5V25zFYrIAZh/I38+i8yu3vjz0YnpBZDKoPlU8arg65Re6rp
2D9JUgxTFLVWlYhJtJMetZ8pdEcCmz6wqmrdFpULOUpF9W+k7n1BCQp4Lh2yjSzw
GW5X+B+s0k1VwN07kw/8JYWWmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org