Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/mgaYXpFmoLBToHZurz8PoUrGGiQ.roa
File: mgaYXpFmoLBToHZurz8PoUrGGiQ.roa (raw, json)
Hash identifier: XbsJiUm38cnjMhxYmZe5HF1vv1Br7ucTpcOX29AUx6Q=
Subject key identifier: 9A:06:98:5E:91:66:A0:B0:53:A0:76:6E:AF:3F:0F:A1:4A:C6:1A:24
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 03F4406A
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/mgaYXpFmoLBToHZurz8PoUrGGiQ.roa
Signing time: Wed 12 Jan 2022 11:48:16 +0000
ROA not before: Wed 12 Jan 2022 11:48:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43180
IP address blocks: 45.12.0.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66338922 (0x3f4406a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 12 11:48:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a06985e9166a0b053a0766eaf3f0fa14ac61a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d4:12:40:84:fb:ad:dd:10:81:3f:d1:45:1c:
77:39:34:f2:14:ab:e2:03:4f:14:82:10:eb:dc:9e:
c5:3b:59:0d:71:ee:2d:f7:61:92:63:e9:03:8b:48:
fd:2f:ef:51:16:38:5e:4a:10:a9:66:38:4e:16:7a:
cd:74:4a:37:ce:09:69:ce:c8:21:f3:65:f5:e7:95:
bd:aa:2a:7f:1d:0e:77:f4:af:33:fa:67:17:2b:00:
b9:08:4a:bf:34:5e:71:06:b6:3e:b8:84:13:d0:30:
8d:f2:0f:ed:8d:12:ea:98:2e:6a:6d:b2:6e:ea:58:
71:b7:52:03:30:14:a4:84:07:ff:e0:5d:53:11:46:
fe:9a:f9:9e:c6:3c:46:88:56:e0:3d:ee:5d:48:e6:
e5:e6:e8:d8:c4:2e:01:5e:a1:e4:39:de:ee:bd:bb:
bf:6b:85:55:6b:e1:a2:33:ff:23:8d:c8:47:5a:b4:
4d:73:2f:60:17:fe:db:2a:27:df:99:63:e0:e9:a3:
b6:39:9c:39:bb:80:6f:86:85:13:c7:9f:83:0b:42:
81:ab:d9:a7:80:10:18:f3:44:16:eb:12:65:bb:23:
77:7f:71:1d:ad:98:fb:22:17:04:23:3f:ba:9c:26:
3e:58:8e:58:13:43:06:fe:e4:e5:49:02:da:e3:d9:
84:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:06:98:5E:91:66:A0:B0:53:A0:76:6E:AF:3F:0F:A1:4A:C6:1A:24
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/mgaYXpFmoLBToHZurz8PoUrGGiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.119.31.0/24
185.254.199.0/24
195.66.210.0/24
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
76:f4:76:c5:c7:32:22:6a:3a:01:14:89:e5:f1:0e:17:71:eb:
e2:4d:1e:92:df:2f:af:64:6a:e7:14:09:90:8a:f8:00:30:41:
2a:77:b6:11:4e:24:85:db:6e:3a:00:04:db:de:2f:ac:68:02:
8c:7a:58:9f:94:69:40:37:a5:33:3e:db:08:cd:26:10:09:17:
c8:f3:0c:b0:42:ac:ef:aa:7e:b3:62:00:77:f0:6b:60:71:34:
46:84:a6:9f:69:24:fd:41:42:3c:ba:21:77:85:3b:d0:72:84:
53:5f:e6:63:45:ef:37:58:0a:b6:4f:9c:4a:bb:a8:71:df:fa:
3a:f1:f1:72:13:f5:61:e7:bc:f3:02:f9:f4:ba:49:02:6f:97:
68:f2:21:db:01:31:bc:0d:b3:85:2b:7d:f8:c4:3d:c2:2a:10:
df:3f:d7:78:55:af:db:6b:17:d3:61:8a:6e:a5:7a:0b:98:1c:
f7:be:56:e7:59:e2:9c:8d:b9:86:94:cd:6b:bf:50:e2:5c:1e:
1c:34:77:70:c4:e3:e7:0b:b1:9f:93:4c:9d:c4:27:e7:30:93:
04:0d:e4:ae:46:94:db:bb:74:19:6d:42:00:3e:4a:5a:3f:ff:
e2:43:e9:82:e8:6f:94:37:1b:e9:58:95:41:37:9d:c2:07:10:
30:9b:ef:74
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEA/RAajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzJjOWMyNmRmN2NjZDhhZDM4ZDg5YmQ1ZDQ5MzgwYjkzYjFlMDA5MB4XDTIyMDEx
MjExNDgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWEwNjk4NWU5MTY2
YTBiMDUzYTA3NjZlYWYzZjBmYTE0YWM2MWEyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrUEkCE+63dEIE/0UUcdzk08hSr4gNPFIIQ69yexTtZDXHu
LfdhkmPpA4tI/S/vURY4XkoQqWY4ThZ6zXRKN84Jac7IIfNl9eeVvaoqfx0Od/Sv
M/pnFysAuQhKvzRecQa2PriEE9AwjfIP7Y0S6pguam2ybupYcbdSAzAUpIQH/+Bd
UxFG/pr5nsY8RohW4D3uXUjm5ebo2MQuAV6h5Dne7r27v2uFVWvhojP/I43IR1q0
TXMvYBf+2yon35lj4OmjtjmcObuAb4aFE8efgwtCgavZp4AQGPNEFusSZbsjd39x
Ha2Y+yIXBCM/upwmPliOWBNDBv7k5UkC2uPZhCECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSaBphekWagsFOgdm6vPw+hSsYaJDAfBgNVHSMEGDAWgBSzLJwm33zNitON
ib1dSTgLk7HgCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N5eWNKdDk4ellyVGpZbTlYVWs0QzVPeDRBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZDVkYTBjLTljZjMtNGY4Yi1hNTYyLWNiMTFiYzViMmYxYi8x
L21nYVlYcEZtb0xCVG9IWnVyejhQb1VyR0dpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZDVkYTBjLTljZjMtNGY4Yi1hNTYyLWNiMTFiYzViMmYxYi8xL3N5eWNKdDk4elly
VGpZbTlYVWs0QzVPeDRBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAC0LOQMEAS0MAAMEAC0MAwMEAFvQ
cwMEALB3HwMEALn+xwMEAMNC0jANBAIAAjAHAwUAKgktwjANBgkqhkiG9w0BAQsF
AAOCAQEAdvR2xccyImo6ARSJ5fEOF3Hr4k0ekt8vr2Rq5xQJkIr4ADBBKne2EU4k
hdtuOgAE294vrGgCjHpYn5RpQDelMz7bCM0mEAkXyPMMsEKs76p+s2IAd/BrYHE0
RoSmn2kk/UFCPLohd4U70HKEU1/mY0XvN1gKtk+cSruocd/6OvHxchP1Yee88wL5
9LpJAm+XaPIh2wExvA2zhSt9+MQ9wioQ3z/XeFWv22sX02GKbqV6C5gc975W51ni
nI25hpTNa79Q4lweHDR3cMTj5wuxn5NMncQn5zCTBA3krkaU27t0GW1CAD5KWj//
4kPpguhvlDcb6ViVQTedwgcQMJvvdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org