Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mzDifBVR-JuB2aVNpMwgZI7hCH8.roa
File: mzDifBVR-JuB2aVNpMwgZI7hCH8.roa (raw, json)
Hash identifier: lg6PWMJ79uKyitbz6x3FdLWrfTBMuQq6i5tAsUxj2Z4=
Subject key identifier: 9B:30:E2:7C:15:51:F8:9B:81:D9:A5:4D:A4:CC:20:64:8E:E1:08:7F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 085FCC8C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mzDifBVR-JuB2aVNpMwgZI7hCH8.roa
Signing time: Wed 22 Jun 2022 09:45:44 +0000
ROA not before: Wed 22 Jun 2022 09:45:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.194.29.0/24 maxlen: 24
185.223.153.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140496012 (0x85fcc8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 22 09:45:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b30e27c1551f89b81d9a54da4cc20648ee1087f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:51:94:b0:6f:7f:32:4d:b5:c7:11:bf:b1:ea:
3f:2f:bd:59:a0:53:70:db:90:33:10:f3:e5:f2:ba:
64:39:2a:64:37:f9:b2:67:d1:42:0f:87:48:e7:cc:
d3:02:a5:5e:d7:4e:49:65:3d:6a:48:f8:e4:45:2b:
1e:59:e1:fc:97:30:89:29:d5:13:21:a4:4c:5d:b2:
64:f9:02:e8:31:fc:4e:1c:bf:aa:5c:b3:77:fb:b1:
50:59:c8:f8:90:d8:09:4e:5c:59:03:b1:24:3c:34:
2d:b3:08:cf:da:f4:a2:a6:c8:61:9f:a3:e9:8b:2d:
3f:c4:cf:3a:ec:bc:90:5c:09:ff:9d:bd:b0:cd:05:
b2:3a:6b:7d:08:75:be:f0:3a:7e:00:4e:0b:df:cc:
67:90:37:c0:ce:97:4d:91:d3:7a:c6:80:42:bb:fe:
25:72:60:62:8a:2e:35:35:a8:59:3a:4b:52:c4:a3:
da:c9:00:e4:26:fd:bd:7c:78:62:5c:2a:be:0a:6f:
46:72:56:73:3a:24:ba:78:3f:d1:cf:0b:b3:7e:78:
06:44:3e:f5:77:cc:3e:5a:1b:30:f6:25:ac:dd:ff:
6b:c8:ca:09:3e:e4:58:81:da:e3:46:1c:de:e5:d6:
bc:10:d4:6d:fb:c7:19:2f:a8:cc:1e:0e:a5:69:c5:
17:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:30:E2:7C:15:51:F8:9B:81:D9:A5:4D:A4:CC:20:64:8E:E1:08:7F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mzDifBVR-JuB2aVNpMwgZI7hCH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.29.0/24
185.206.248.0/24
185.206.251.0/24
185.223.153.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
70:22:6b:46:4e:c9:08:6b:39:95:9b:0e:4d:94:c1:c9:67:3d:
77:08:fb:fb:7d:72:43:33:2a:58:68:f8:18:48:17:60:d8:02:
32:15:cc:49:eb:0e:b0:9a:2d:62:c3:1a:2e:33:6b:d3:27:48:
1e:4c:65:b0:22:be:13:59:d7:db:0f:65:61:00:9c:81:24:45:
a4:0e:ed:eb:66:43:bb:52:7a:5c:e8:80:25:9f:0c:7e:78:99:
59:ae:1b:54:e9:ea:23:a8:c1:d5:b5:87:5f:e1:66:45:5f:2d:
df:76:f0:65:6a:79:c0:0b:d5:ec:6e:16:cd:26:ad:f8:d9:19:
48:66:84:85:ee:e4:b5:b9:52:b6:5d:6c:4b:3d:2e:ae:b9:80:
3f:52:00:43:f1:be:35:1e:9d:13:b3:3b:3b:cd:22:c3:9d:8e:
e5:37:6d:25:2d:f5:82:a8:73:65:da:27:9e:72:b0:04:72:eb:
d7:9e:30:71:5f:c5:a7:be:74:dc:51:54:e8:df:ac:53:02:44:
3a:2c:fc:37:28:0f:c8:a0:e3:f0:81:85:b3:2d:58:8f:e7:64:
2d:90:51:4f:5f:7f:43:83:8a:86:e6:48:76:81:e0:ff:60:12:
ac:63:5a:f9:63:44:89:b9:57:16:58:b6:6f:11:86:91:e3:e4:
fb:c3:35:2b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIECF/MjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDYy
MjA5NDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIzMGUyN2MxNTUx
Zjg5YjgxZDlhNTRkYTRjYzIwNjQ4ZWUxMDg3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlRlLBvfzJNtccRv7HqPy+9WaBTcNuQMxDz5fK6ZDkqZDf5
smfRQg+HSOfM0wKlXtdOSWU9akj45EUrHlnh/JcwiSnVEyGkTF2yZPkC6DH8Thy/
qlyzd/uxUFnI+JDYCU5cWQOxJDw0LbMIz9r0oqbIYZ+j6YstP8TPOuy8kFwJ/529
sM0FsjprfQh1vvA6fgBOC9/MZ5A3wM6XTZHTesaAQrv+JXJgYoouNTWoWTpLUsSj
2skA5Cb9vXx4YlwqvgpvRnJWczokung/0c8Ls354BkQ+9XfMPlobMPYlrN3/a8jK
CT7kWIHa40Yc3uXWvBDUbfvHGS+ozB4OpWnFF/ECAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBSbMOJ8FVH4m4HZpU2kzCBkjuEIfzAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L216RGlmQlZSLUp1QjJhVk5wTXdnWkk3aENIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAi0IFAMEArl5DAMEALnCHQMEALnO
+AMEALnO+wMEALnfmQMEAbnmNAMEArnqFAMEArnu5AMEAbnweAMEArn2cAMEALn/
fDANBgkqhkiG9w0BAQsFAAOCAQEAcCJrRk7JCGs5lZsOTZTByWc9dwj7+31yQzMq
WGj4GEgXYNgCMhXMSesOsJotYsMaLjNr0ydIHkxlsCK+E1nX2w9lYQCcgSRFpA7t
62ZDu1J6XOiAJZ8MfniZWa4bVOnqI6jB1bWHX+FmRV8t33bwZWp5wAvV7G4WzSat
+NkZSGaEhe7ktblStl1sSz0urrmAP1IAQ/G+NR6dE7M7O80iw52O5TdtJS31gqhz
ZdonnnKwBHLr154wcV/Fp7503FFU6N+sUwJEOiz8NygPyKDj8IGFsy1Yj+dkLZBR
T19/Q4OKhuZIdoHg/2ASrGNa+WNEiblXFli2bxGGkePk+8M1Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org