Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa
File: MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa (raw, json)
Hash identifier: atejQjD4MZHpGvUy1ODLETxYGFdwzxpC36lcHF5cOhk=
Subject key identifier: 32:76:97:20:A7:55:C4:69:BE:70:6A:F6:A0:F4:0D:7F:47:E6:3C:12
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19F094A5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa
Signing time: Sat 30 Apr 2022 22:04:31 +0000
ROA not before: Sat 30 Apr 2022 22:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212582
IP address blocks: 185.208.168.0/24 maxlen: 32
185.188.7.0/24 maxlen: 32
213.232.106.0/24 maxlen: 32
185.177.82.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435197093 (0x19f094a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 30 22:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32769720a755c469be706af6a0f40d7f47e63c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f3:87:de:f2:ee:7d:75:9c:d3:ba:e1:6f:c2:
ef:1d:f1:0f:97:5d:03:85:14:90:e9:e8:97:b0:96:
a6:ae:92:f7:84:1f:48:9a:34:7f:2e:61:f3:30:0e:
8d:58:81:a2:d3:21:5d:19:03:e0:0c:87:55:6c:7b:
c6:d5:c8:4e:7d:02:65:f7:35:a4:3f:26:2b:19:01:
67:74:9f:79:00:c2:53:9b:b2:21:4f:d4:0e:fa:f9:
e7:7c:68:09:7f:5a:70:06:bc:d4:50:c5:7b:f2:6c:
d5:ae:00:66:37:df:ae:23:5f:f7:dc:b7:98:83:f0:
68:0f:94:37:2c:3f:cf:ef:68:af:9f:f9:17:36:f9:
9a:f0:19:28:56:10:13:8c:7a:a0:19:a6:39:a4:5f:
f5:5e:5f:aa:a2:c5:ec:ef:8e:3b:98:a0:42:fb:2d:
18:55:30:92:79:47:bb:e8:7e:a9:10:19:46:5e:c0:
a8:8c:63:cf:31:0e:51:4a:fa:db:bf:4f:cb:a5:f5:
1b:7b:73:a5:5d:1d:e7:94:42:47:42:85:2e:4e:70:
15:9f:9f:d9:ed:1f:56:92:43:ac:db:2b:a7:1a:55:
d6:9c:1f:cf:34:15:2f:08:16:dd:c8:40:1d:1f:08:
82:51:44:fe:8d:45:ea:61:dc:4f:82:ad:ee:98:fa:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:76:97:20:A7:55:C4:69:BE:70:6A:F6:A0:F4:0D:7F:47:E6:3C:12
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.82.0/24
185.188.7.0/24
185.208.168.0/24
213.232.106.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f7:0f:f5:dd:ce:7c:3f:ef:6c:a8:e3:28:7f:ab:48:6b:75:
6d:3f:2d:33:c1:2e:3e:0c:34:07:6c:1a:af:f3:11:d8:51:01:
8e:2d:ef:ee:84:bb:a0:f5:87:ea:b5:db:14:8f:02:38:08:00:
79:0e:98:28:46:d5:fd:89:2e:43:6d:74:f8:5d:94:6a:a5:29:
bf:d1:9d:b0:79:d8:fc:09:60:6e:96:07:54:5d:f9:31:f5:28:
e9:73:64:4d:6b:b3:49:50:de:44:ad:04:8e:11:96:de:c3:15:
69:ff:8c:8d:ea:29:12:e7:30:0a:eb:41:89:c1:3e:14:66:ff:
ee:df:db:de:63:07:35:53:23:0e:3f:a1:11:e8:45:0b:b4:b7:
cc:f3:7a:52:3b:0e:89:89:f6:3f:46:31:89:f6:c6:d0:54:9a:
c0:4c:5c:f7:9d:75:12:99:3e:81:38:b5:21:a2:64:83:f0:da:
11:05:c2:d6:d2:cd:8e:0b:d5:22:c1:ff:b2:70:f1:b9:dd:96:
ff:ac:90:65:28:34:66:41:c0:f8:e5:19:bb:d1:7d:66:e1:26:
23:bd:44:71:f4:64:0f:e5:93:4a:a4:11:5f:bd:cc:57:90:cb:
97:4a:dc:66:9c:bd:46:88:aa:65:df:3c:28:2a:5d:03:00:98:
18:f5:e8:2d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGfCUpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQz
MDIyMDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI3Njk3MjBhNzU1
YzQ2OWJlNzA2YWY2YTBmNDBkN2Y0N2U2M2MxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvzh97y7n11nNO64W/C7x3xD5ddA4UUkOnol7CWpq6S94Qf
SJo0fy5h8zAOjViBotMhXRkD4AyHVWx7xtXITn0CZfc1pD8mKxkBZ3SfeQDCU5uy
IU/UDvr553xoCX9acAa81FDFe/Js1a4AZjffriNf99y3mIPwaA+UNyw/z+9or5/5
Fzb5mvAZKFYQE4x6oBmmOaRf9V5fqqLF7O+OO5igQvstGFUwknlHu+h+qRAZRl7A
qIxjzzEOUUr6279Py6X1G3tzpV0d55RCR0KFLk5wFZ+f2e0fVpJDrNsrpxpV1pwf
zzQVLwgW3chAHR8IglFE/o1F6mHcT4Kt7pj69RcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQydpcgp1XEab5wavag9A1/R+Y8EjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L01uYVhJS2RWeEdtLWNHcjJvUFFOZjBmbVBCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALmxUgMEALm8BwMEALnQqAMEANXo
ajANBgkqhkiG9w0BAQsFAAOCAQEAH/cP9d3OfD/vbKjjKH+rSGt1bT8tM8EuPgw0
B2war/MR2FEBji3v7oS7oPWH6rXbFI8COAgAeQ6YKEbV/YkuQ210+F2UaqUpv9Gd
sHnY/AlgbpYHVF35MfUo6XNkTWuzSVDeRK0EjhGW3sMVaf+MjeopEucwCutBicE+
FGb/7t/b3mMHNVMjDj+hEehFC7S3zPN6UjsOiYn2P0YxifbG0FSawExc9511Epk+
gTi1IaJkg/DaEQXC1tLNjgvVIsH/snDxud2W/6yQZSg0ZkHA+OUZu9F9ZuEmI71E
cfRkD+WTSqQRX73MV5DLl0rcZpy9RoiqZd88KCpdAwCYGPXoLQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org