Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/mKpxrtBztmNDP2ECfVx02U42B_E.roa
File: mKpxrtBztmNDP2ECfVx02U42B_E.roa (raw, json)
Hash identifier: oqyS0Pr1oqKpX5dw3QUe48loqEtDwXK+vB2yDWJ2FWY=
Subject key identifier: 98:AA:71:AE:D0:73:B6:63:43:3F:61:02:7D:5C:74:D9:4E:36:07:F1
Certificate issuer: /CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Certificate serial: 0BC9F27B
Authority key identifier: EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/mKpxrtBztmNDP2ECfVx02U42B_E.roa
Signing time: Sat 01 Jan 2022 13:55:10 +0000
ROA not before: Sat 01 Jan 2022 13:55:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204189
IP address blocks: 185.111.148.0/22 maxlen: 24
157.97.184.0/21 maxlen: 24
2a0d:ce80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197784187 (0xbc9f27b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Validity
Not Before: Jan 1 13:55:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98aa71aed073b663433f61027d5c74d94e3607f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a3:a7:38:f9:65:8e:a4:ec:6c:02:ec:b7:ed:
45:a9:7f:47:81:b5:3a:d4:4a:f4:9b:5e:27:e0:82:
f8:b1:c1:c1:a3:8e:c5:64:11:3b:2d:4d:e4:25:31:
8c:1f:53:91:f5:f8:e5:37:88:04:4d:76:9a:ae:28:
c5:f3:30:ea:67:77:f5:3c:03:8b:99:1a:45:86:bd:
a3:eb:42:f3:de:b3:a6:ec:09:ea:14:ac:55:d3:d5:
c5:3e:69:a6:53:f2:ee:07:df:e2:c4:a9:e8:13:7a:
ac:11:72:16:f0:5a:a6:65:a5:03:bf:a2:a0:d8:22:
7e:c7:f3:76:c3:21:c4:27:9c:47:9e:2a:de:c4:bd:
75:17:b0:e6:b8:62:ef:38:0e:b9:be:49:18:f7:ef:
a5:d9:3c:ec:5d:96:68:1d:cc:c6:b2:dd:5d:9a:8f:
dd:8c:fb:a1:f2:d7:0a:14:55:52:83:73:e1:ce:4f:
05:4b:24:18:71:f8:0e:81:de:ad:c8:39:38:88:5e:
3b:93:4a:46:f6:1d:6e:34:85:8a:9f:ec:e6:10:17:
e1:f6:8b:6b:bc:63:be:b3:fb:5a:f7:e6:14:8c:83:
22:c1:c5:de:c0:d3:e4:8a:30:c9:a0:92:a0:2b:1f:
c3:17:3f:eb:a4:6c:78:51:25:1c:de:ba:fe:d8:2c:
1d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AA:71:AE:D0:73:B6:63:43:3F:61:02:7D:5C:74:D9:4E:36:07:F1
X509v3 Authority Key Identifier:
keyid:EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/mKpxrtBztmNDP2ECfVx02U42B_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.184.0/21
185.111.148.0/22
IPv6:
2a0d:ce80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:aa:39:74:93:20:85:d6:c2:bf:f4:78:e6:4c:a5:57:12:0d:
19:34:56:c7:a9:dc:b5:9d:21:1e:15:e4:0c:dd:4d:54:43:26:
9c:9a:02:be:ce:71:22:5c:93:01:44:bf:af:59:f9:e2:75:cf:
79:5e:b1:4e:53:ac:09:ca:fe:1a:e2:55:27:35:a0:95:63:59:
ec:74:f7:a5:55:9a:c7:ce:8d:75:ab:8e:08:8f:57:50:e6:5a:
10:b0:26:c3:9b:19:4c:da:19:54:e1:73:e0:65:a7:9f:9e:bd:
1b:ed:1a:15:2c:46:ab:c6:05:97:8a:bb:9c:6b:33:b5:b9:39:
d9:79:b3:31:9f:b1:92:1f:af:94:11:25:99:7b:61:89:df:df:
78:05:ac:03:18:08:94:37:f2:60:29:ef:c0:d5:c3:7c:5f:28:
86:04:cf:07:12:e5:0e:1f:d7:14:fe:e2:37:58:e2:51:83:03:
1e:ab:a8:98:f1:f4:de:51:15:9d:7a:4c:64:e2:03:12:15:93:
bb:35:5a:96:59:18:e9:88:b0:b7:33:cc:cf:2f:9c:87:02:39:
e7:be:94:e8:d5:bc:ff:ea:81:e9:da:63:9d:cc:34:15:dc:0a:
83:e5:71:56:54:b6:90:cf:dc:2f:88:af:7a:9b:ac:a5:0f:ca:
84:b2:0a:df
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEC8nyezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzUxMzE0ZTA0ZWM5Njc2ZjJiNjAyNDhlMWI5YmQwMmVmMDBlMTY4MB4XDTIyMDEw
MTEzNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThhYTcxYWVkMDcz
YjY2MzQzM2Y2MTAyN2Q1Yzc0ZDk0ZTM2MDdmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJejpzj5ZY6k7GwC7LftRal/R4G1OtRK9JteJ+CC+LHBwaOO
xWQROy1N5CUxjB9TkfX45TeIBE12mq4oxfMw6md39TwDi5kaRYa9o+tC896zpuwJ
6hSsVdPVxT5pplPy7gff4sSp6BN6rBFyFvBapmWlA7+ioNgifsfzdsMhxCecR54q
3sS9dRew5rhi7zgOub5JGPfvpdk87F2WaB3MxrLdXZqP3Yz7ofLXChRVUoNz4c5P
BUskGHH4DoHercg5OIheO5NKRvYdbjSFip/s5hAX4faLa7xjvrP7WvfmFIyDIsHF
3sDT5IowyaCSoCsfwxc/66RseFElHN66/tgsHRMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSYqnGu0HO2Y0M/YQJ9XHTZTjYH8TAfBgNVHSMEGDAWgBTsUTFOBOyWdvK2
Akjhub0C7wDhaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdGRXhUZ1RzbG5ieXRnSkk0Ym05QXU4QTRXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGI1Mzk5LTZmYmItNGNlMi04OTdiLTNiYmJjYTMxMGQ3MS8x
L21LcHhydEJ6dG1ORFAyRUNmVngwMlU0MkJfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGI1Mzk5LTZmYmItNGNlMi04OTdiLTNiYmJjYTMxMGQ3MS8xLzdGRXhUZ1RzbG5i
eXRnSkk0Ym05QXU4QTRXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA51huAMEArlvlDANBAIAAjAHAwUD
Kg3OgDANBgkqhkiG9w0BAQsFAAOCAQEAnao5dJMghdbCv/R45kylVxINGTRWx6nc
tZ0hHhXkDN1NVEMmnJoCvs5xIlyTAUS/r1n54nXPeV6xTlOsCcr+GuJVJzWglWNZ
7HT3pVWax86NdauOCI9XUOZaELAmw5sZTNoZVOFz4GWnn569G+0aFSxGq8YFl4q7
nGsztbk52XmzMZ+xkh+vlBElmXthid/feAWsAxgIlDfyYCnvwNXDfF8ohgTPBxLl
Dh/XFP7iN1jiUYMDHquomPH03lEVnXpMZOIDEhWTuzVallkY6YiwtzPMzy+chwI5
576U6NW8/+qB6dpjncw0FdwKg+VxVlS2kM/cL4ivepuspQ/KhLIK3w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:09 2023 by rpki-client on console-fra.rpki-client.org