Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/mocB68Vn8qoL8WinT__-thaatxQ.roa
File: mocB68Vn8qoL8WinT__-thaatxQ.roa (raw, json)
Hash identifier: 3o2yYsKVgcsaMuVKjtVyycQvOp3QkQTruuECLKrp7Fs=
Subject key identifier: 9A:87:01:EB:C5:67:F2:AA:0B:F1:68:A7:4F:FF:FE:B6:16:9A:B7:14
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 35189BCD
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/mocB68Vn8qoL8WinT__-thaatxQ.roa
Signing time: Tue 19 Apr 2022 07:00:17 +0000
ROA not before: Tue 19 Apr 2022 07:00:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4755
IP address blocks: 89.108.129.0/24 maxlen: 24
89.108.128.0/24 maxlen: 24
89.108.154.0/24 maxlen: 24
89.108.176.0/24 maxlen: 24
89.108.176.0/22 maxlen: 22
212.101.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890805197 (0x35189bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Apr 19 07:00:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a8701ebc567f2aa0bf168a74ffffeb6169ab714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e4:4c:ea:fb:3d:09:e2:b5:c2:1b:84:c4:89:
fc:b3:f8:b0:15:71:28:87:db:45:3a:1d:35:95:57:
67:3c:f6:78:cf:59:73:5b:51:99:a9:7d:0c:32:9b:
40:40:aa:67:68:cb:4c:c6:fb:a4:a4:cb:63:31:c3:
53:77:ec:ae:1f:15:5a:8a:38:bb:9a:72:ad:ec:cc:
a1:bb:d7:52:79:a0:a6:14:96:d6:63:9c:62:fe:96:
de:f6:94:02:bf:97:07:a7:56:c5:4d:8b:e3:ef:a1:
a0:9b:5e:2e:37:8c:e0:57:ed:e4:a0:cf:75:4f:b3:
62:55:b2:46:7b:c9:74:fd:35:df:51:66:0b:92:5e:
a2:5f:9c:7d:43:73:b0:32:26:8a:54:68:e2:8a:b2:
c9:d8:d6:43:5e:13:c5:0c:c2:e7:c0:15:0a:9e:60:
c7:d8:6f:2b:79:97:54:dd:b4:93:0b:52:97:6c:c1:
3d:9b:89:d5:6a:32:86:97:8f:2f:7b:da:2d:c1:f8:
f0:10:60:68:c1:ed:a2:58:05:ca:2d:43:ba:6c:57:
d4:cc:87:c1:9a:c1:b5:ad:73:5e:71:da:f6:31:41:
18:11:4c:8a:22:5f:14:b7:c2:a0:b9:e0:79:bd:19:
a5:e2:b0:b1:bd:c2:75:c8:9d:65:90:99:0e:96:d6:
e7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:87:01:EB:C5:67:F2:AA:0B:F1:68:A7:4F:FF:FE:B6:16:9A:B7:14
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/mocB68Vn8qoL8WinT__-thaatxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.128.0/23
89.108.154.0/24
89.108.176.0/22
212.101.249.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:29:96:1d:de:0d:ef:63:aa:e2:64:0b:d3:2c:be:cb:25:8f:
88:6b:1a:10:6e:e9:05:11:2b:fc:63:8f:e8:43:dc:60:ab:64:
1a:ea:18:2a:76:43:09:e9:48:a3:91:d2:10:8f:e9:23:0f:d5:
f4:0a:33:3e:89:cc:a1:e0:30:00:f7:20:7d:ab:8a:dc:4e:f8:
ae:5e:b6:7f:5e:81:2a:68:a3:a2:3f:42:5f:55:91:1a:a0:2f:
94:1d:2d:ec:13:9c:3e:51:8b:d2:9e:c9:23:07:14:67:d4:04:
5b:b5:e6:40:df:4d:df:00:f3:d7:a3:7d:36:e1:bf:5a:f2:fd:
75:ad:02:ae:f3:83:25:63:d5:e7:41:42:83:be:2a:d0:81:5a:
02:a3:67:cb:38:09:ec:30:a3:ff:45:1a:ed:fb:05:ce:ec:9a:
f1:b5:d1:d1:a6:a2:2a:51:57:1d:87:78:60:5b:8e:d4:c7:f6:
e7:19:af:b5:5e:17:b4:61:f9:0a:9e:2c:ea:4f:76:7e:be:a6:
22:bd:59:23:16:56:b5:62:d1:11:dc:a1:01:83:00:74:e9:23:
c0:b6:1b:b6:cf:ed:17:38:cf:26:7c:01:73:22:23:d8:d9:4e:
ec:83:51:1b:4c:b5:6b:09:95:70:97:a5:dd:15:8a:f8:d4:9e:
ad:91:1e:05
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIENRibzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWIwNTAyMTEyMTlkMThlOTk2ZTA4NmNiN2Y2MzA5MTc4ODA0ODYwMB4XDTIyMDQx
OTA3MDAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE4NzAxZWJjNTY3
ZjJhYTBiZjE2OGE3NGZmZmZlYjYxNjlhYjcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHkTOr7PQnitcIbhMSJ/LP4sBVxKIfbRTodNZVXZzz2eM9Z
c1tRmal9DDKbQECqZ2jLTMb7pKTLYzHDU3fsrh8VWoo4u5pyrezMobvXUnmgphSW
1mOcYv6W3vaUAr+XB6dWxU2L4++hoJteLjeM4Fft5KDPdU+zYlWyRnvJdP0131Fm
C5Jeol+cfUNzsDImilRo4oqyydjWQ14TxQzC58AVCp5gx9hvK3mXVN20kwtSl2zB
PZuJ1WoyhpePL3vaLcH48BBgaMHtolgFyi1DumxX1MyHwZrBta1zXnHa9jFBGBFM
iiJfFLfCoLngeb0ZpeKwsb3CdcidZZCZDpbW59sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSahwHrxWfyqgvxaKdP//62Fpq3FDAfBgNVHSMEGDAWgBTBsFAhEhnRjplu
CGy39jCReIBIYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3diQlFJUklaMFk2WmJnaHN0X1l3a1hpQVNHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMjhhOGYzLTg4OWUtNDU0OS1hNDRlLWNlMjI1MTg3ZmMzOC8x
L21vY0I2OFZuOHFvTDhXaW5UX18tdGhhYXR4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MjhhOGYzLTg4OWUtNDU0OS1hNDRlLWNlMjI1MTg3ZmMzOC8xL3diQlFJUklaMFk2
WmJnaHN0X1l3a1hpQVNHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVlsgAMEAFlsmgMEAllssAMEANRl
+TANBgkqhkiG9w0BAQsFAAOCAQEAaymWHd4N72Oq4mQL0yy+yyWPiGsaEG7pBREr
/GOP6EPcYKtkGuoYKnZDCelIo5HSEI/pIw/V9AozPonMoeAwAPcgfauK3E74rl62
f16BKmijoj9CX1WRGqAvlB0t7BOcPlGL0p7JIwcUZ9QEW7XmQN9N3wDz16N9NuG/
WvL9da0CrvODJWPV50FCg74q0IFaAqNnyzgJ7DCj/0Ua7fsFzuya8bXR0aaiKlFX
HYd4YFuO1Mf25xmvtV4XtGH5Cp4s6k92fr6mIr1ZIxZWtWLREdyhAYMAdOkjwLYb
ts/tFzjPJnwBcyIj2NlO7INRG0y1awmVcJel3RWK+NSerZEeBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:13 2024 by rpki-client on console-fra.rpki-client.org