Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/MLDWpsFn_kjb-OL5X0UZoZnhITo.roa
File: MLDWpsFn_kjb-OL5X0UZoZnhITo.roa (raw, json)
Hash identifier: B/9sIPJJIoFqWcNLJSd4LqNNLGxRW/MG3dCGfvIYLcQ=
Subject key identifier: 30:B0:D6:A6:C1:67:FE:48:DB:F8:E2:F9:5F:45:19:A1:99:E1:21:3A
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 0184CDC3A2BA6D68A59A5A4A16D410BC4FD0
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/MLDWpsFn_kjb-OL5X0UZoZnhITo.roa
Signing time: Thu 01 Dec 2022 12:57:41 +0000
ROA not before: Thu 01 Dec 2022 12:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 109.196.160.0/22 maxlen: 32
45.157.124.0/22 maxlen: 32
80.65.216.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:c3:a2:ba:6d:68:a5:9a:5a:4a:16:d4:10:bc:4f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Dec 1 12:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30b0d6a6c167fe48dbf8e2f95f4519a199e1213a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b8:17:55:fd:3c:e9:e7:f8:75:01:04:ec:cb:
cf:5a:70:a6:cd:3d:0b:36:b9:86:27:51:53:ab:25:
ef:d0:da:5f:de:4e:99:75:14:70:37:8e:9c:4c:fd:
05:b1:37:f2:d7:a6:fb:df:a0:68:da:f4:0f:87:8e:
1d:6b:e1:de:75:e1:be:e6:63:d4:be:c3:a9:80:40:
bc:ec:90:26:1f:78:53:2e:13:ac:48:e9:ee:80:52:
e3:0a:81:58:ca:a9:45:82:99:6b:f3:ae:a1:02:60:
61:b5:b1:0e:72:61:34:7f:2b:b8:1f:26:a1:59:97:
0d:9e:70:b8:49:18:3a:d8:82:50:b9:51:e6:4a:a9:
6a:8d:6d:df:3b:18:ae:ba:2c:92:85:71:c5:b6:62:
62:59:d1:76:a0:e3:0a:ab:65:56:0e:0d:d2:26:48:
eb:e8:f8:49:de:50:ce:c3:58:ec:2f:59:0a:8c:21:
db:18:b6:85:ae:e2:fe:2b:55:d0:99:57:d6:51:93:
45:6a:57:13:3a:01:56:0f:22:b6:f1:45:47:29:25:
c1:3f:4b:c4:03:41:51:88:9a:08:16:23:cd:2a:de:
45:a8:53:1a:bf:39:99:91:56:d9:c2:f3:45:90:b1:
f3:43:6c:15:4d:7f:f9:37:f1:0d:3a:90:55:ef:e9:
82:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B0:D6:A6:C1:67:FE:48:DB:F8:E2:F9:5F:45:19:A1:99:E1:21:3A
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/MLDWpsFn_kjb-OL5X0UZoZnhITo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.124.0/22
80.65.216.0/22
109.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
00:a5:dc:c3:54:4f:f5:49:85:b9:c7:9c:8e:99:9f:c6:f4:cd:
a6:d3:31:ba:aa:b0:d0:22:68:cb:f2:c3:2c:a7:ab:51:d4:f1:
91:dd:17:ae:62:b2:27:aa:25:af:b7:8b:82:7a:93:f6:07:5d:
50:ae:5b:40:35:09:62:fc:41:1b:4b:07:e8:67:f7:35:73:1f:
94:44:86:00:8e:14:75:28:1b:43:50:81:8d:ae:4e:33:2d:f2:
d3:60:9c:61:04:72:95:e0:e0:75:5d:8c:eb:ac:8c:31:23:e4:
05:44:28:90:9c:b7:80:f8:07:ee:62:9d:70:82:20:b0:e7:e2:
f6:d2:2d:57:8f:fd:a7:7b:5e:fe:ef:c3:a3:a0:73:b3:eb:f9:
f7:54:fe:76:d0:94:b3:4f:b1:fc:7c:68:d3:92:ff:73:95:47:
22:e4:d7:e5:8b:ec:12:54:cd:90:bd:5c:76:2c:d6:78:8d:36:
3c:86:6e:13:80:90:18:5e:2a:fc:bb:5b:a0:3a:3b:64:74:63:
1d:cb:ed:7e:eb:9b:55:5d:1b:65:a1:a8:83:61:ae:e6:79:3b:
e1:b5:1b:17:b7:85:54:b4:2a:83:87:76:95:82:4b:79:e2:93:
4b:c4:29:5c:ae:8c:15:3d:3e:16:92:37:b5:bf:bb:de:d8:00:
5c:45:c3:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTNw6K6bWilmlpKFtQQvE/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjIxMjAxMTI1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGIwZDZhNmMxNjdmZTQ4ZGJmOGUyZjk1ZjQ1MTlhMTk5ZTEyMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7gXVf086ef4dQEE7MvPWnCmzT0L
NrmGJ1FTqyXv0Npf3k6ZdRRwN46cTP0FsTfy16b736Bo2vQPh44da+HedeG+5mPU
vsOpgEC87JAmH3hTLhOsSOnugFLjCoFYyqlFgplr866hAmBhtbEOcmE0fyu4Hyah
WZcNnnC4SRg62IJQuVHmSqlqjW3fOxiuuiyShXHFtmJiWdF2oOMKq2VWDg3SJkjr
6PhJ3lDOw1jsL1kKjCHbGLaFruL+K1XQmVfWUZNFalcTOgFWDyK28UVHKSXBP0vE
A0FRiJoIFiPNKt5FqFMavzmZkVbZwvNFkLHzQ2wVTX/5N/ENOpBV7+mCZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDCw1qbBZ/5I2/ji+V9FGaGZ4SE6MB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvTUxEV3BzRm5fa2piLU9MNVgwVVpvWm5oSVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZ18AwQC
UEHYAwQCbcSgMA0GCSqGSIb3DQEBCwUAA4IBAQAApdzDVE/1SYW5x5yOmZ/G9M2m
0zG6qrDQImjL8sMsp6tR1PGR3ReuYrInqiWvt4uCepP2B11QrltANQli/EEbSwfo
Z/c1cx+URIYAjhR1KBtDUIGNrk4zLfLTYJxhBHKV4OB1XYzrrIwxI+QFRCiQnLeA
+AfuYp1wgiCw5+L20i1Xj/2ne17+78OjoHOz6/n3VP520JSzT7H8fGjTkv9zlUci
5Nfli+wSVM2QvVx2LNZ4jTY8hm4TgJAYXir8u1ugOjtkdGMdy+1+65tVXRtloaiD
Ya7meTvhtRsXt4VUtCqDh3aVgkt54pNLxClcrowVPT4Wkje1v7ve2ABcRcMO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:23 2023 by rpki-client on console-ams.rpki-client.org