Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MHksXe7LSIBOmhxoDnV7k9WZdQ4.roa
File: MHksXe7LSIBOmhxoDnV7k9WZdQ4.roa (raw, json)
Hash identifier: xHkiunjWXcQuL0utabJ7pH04WgvPn7n3nm4Bxrcu9AM=
Subject key identifier: 30:79:2C:5D:EE:CB:48:80:4E:9A:1C:68:0E:75:7B:93:D5:99:75:0E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19949620
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MHksXe7LSIBOmhxoDnV7k9WZdQ4.roa
Signing time: Sat 09 Apr 2022 22:23:36 +0000
ROA not before: Sat 09 Apr 2022 22:23:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429168160 (0x19949620)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 9 22:23:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30792c5deecb48804e9a1c680e757b93d599750e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:3c:92:e7:d3:53:b2:fa:74:7b:d8:c6:70:
d7:2b:0d:a7:b8:05:35:a9:67:dd:75:4d:3b:2a:9e:
26:b5:6d:b5:ca:c0:63:5a:72:d0:91:19:39:97:17:
d5:a8:03:fd:ba:0f:3e:19:9b:4c:62:22:2d:a9:b8:
31:0f:bb:fe:20:e7:20:e1:93:7c:2f:19:ed:8f:ef:
eb:ec:ae:4f:fe:23:eb:7a:41:fa:fb:25:ef:a5:ae:
71:6a:e4:9a:4f:b0:ac:bb:bd:f2:df:30:03:7e:7f:
7b:d6:28:23:73:60:9c:86:d7:2b:ca:9a:a1:0c:00:
92:58:93:b5:a1:94:6c:56:1d:9c:22:e3:ae:de:66:
90:b9:a0:af:9b:7b:f5:77:0c:5b:72:c1:3e:ba:eb:
96:19:ad:02:3c:cc:26:96:39:bc:4d:f9:21:c4:b6:
50:cf:bf:87:c5:47:9c:e7:24:59:c9:08:23:1d:48:
1f:f7:63:44:c8:20:aa:05:a8:0b:88:59:6b:e6:fa:
b7:a0:18:b8:24:a9:32:07:a1:18:f5:13:ed:6a:26:
9e:fa:d8:a0:c0:4d:ba:81:ee:ae:7b:d3:b0:79:da:
50:fa:28:33:f3:6f:f4:70:a9:d3:0d:6f:0d:ea:51:
8b:07:83:48:ff:ef:66:c5:1b:1f:57:f0:dd:bb:b6:
62:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:79:2C:5D:EE:CB:48:80:4E:9A:1C:68:0E:75:7B:93:D5:99:75:0E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MHksXe7LSIBOmhxoDnV7k9WZdQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.58.0/24
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
2b:be:b1:39:ba:36:88:4f:21:83:83:19:59:21:1f:1a:88:13:
ff:c9:02:5a:25:61:d1:20:5d:72:ea:3d:48:79:a0:35:44:02:
8e:7a:80:e2:29:dc:89:18:3d:16:16:a7:e4:10:df:32:2b:61:
ef:fe:9e:78:51:75:2a:3b:f1:a5:cc:45:30:2e:de:dc:1d:01:
8f:00:fc:0f:fc:90:84:4f:b1:b3:76:cb:24:8e:3a:b3:67:ce:
c4:0d:3e:b0:bf:6d:42:51:3d:24:67:dc:7a:b6:62:69:f2:ad:
04:bf:b5:7b:6f:8d:a7:4e:d9:99:75:c8:fd:f7:ce:15:6f:c5:
b2:94:2f:fa:ff:3b:b7:5a:e9:b5:c0:63:2a:70:05:8e:c2:40:
73:ef:d2:54:0c:e5:58:5f:8d:47:25:bb:de:34:d6:fa:e8:ce:
5a:34:a1:0b:f7:39:73:c8:fd:af:1a:74:a2:f9:ed:63:e4:d0:
1e:8e:3e:79:37:02:94:f5:35:c1:11:d1:f4:06:3c:72:c6:ed:
e5:04:32:76:ed:b2:fd:a7:29:32:4c:5b:32:f3:c6:81:7a:4e:
1c:61:e9:6f:a9:72:82:18:e6:e2:b2:32:d9:07:a8:f6:6e:11:
11:51:f0:9e:04:00:2f:dc:c0:d9:b1:ee:85:5f:a8:f0:4b:53:
32:c8:45:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGZSWIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
OTIyMjMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3OTJjNWRlZWNi
NDg4MDRlOWExYzY4MGU3NTdiOTNkNTk5NzUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd2PJLn01Oy+nR72MZw1ysNp7gFNaln3XVNOyqeJrVttcrA
Y1py0JEZOZcX1agD/boPPhmbTGIiLam4MQ+7/iDnIOGTfC8Z7Y/v6+yuT/4j63pB
+vsl76WucWrkmk+wrLu98t8wA35/e9YoI3NgnIbXK8qaoQwAkliTtaGUbFYdnCLj
rt5mkLmgr5t79XcMW3LBPrrrlhmtAjzMJpY5vE35IcS2UM+/h8VHnOckWckIIx1I
H/djRMggqgWoC4hZa+b6t6AYuCSpMgehGPUT7WomnvrYoMBNuoHurnvTsHnaUPoo
M/Nv9HCp0w1vDepRiweDSP/vZsUbH1fw3bu2YoMCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQweSxd7stIgE6aHGgOdXuT1Zl1DjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L01Ia3NYZTdMU0lCT21oeG9EblY3azlXWmRRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEALl6OgMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQArvrE5ujaI
TyGDgxlZIR8aiBP/yQJaJWHRIF1y6j1IeaA1RAKOeoDiKdyJGD0WFqfkEN8yK2Hv
/p54UXUqO/GlzEUwLt7cHQGPAPwP/JCET7GzdsskjjqzZ87EDT6wv21CUT0kZ9x6
tmJp8q0Ev7V7b42nTtmZdcj9984Vb8WylC/6/zu3Wum1wGMqcAWOwkBz79JUDOVY
X41HJbveNNb66M5aNKEL9zlzyP2vGnSi+e1j5NAejj55NwKU9TXBEdH0Bjxyxu3l
BDJ27bL9pykyTFsy88aBek4cYelvqXKCGObisjLZB6j2bhERUfCeBAAv3MDZse6F
X6jwS1MyyEW8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org