Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/MHq8ybIyPDRi0-ImzRn-Rm1x-TQ.roa
File: MHq8ybIyPDRi0-ImzRn-Rm1x-TQ.roa (raw, json)
Hash identifier: XbAwBy5R4IM1h+5uaWWuXnc5Ab3IGuuPTmf7g1Rq3fY=
Subject key identifier: 30:7A:BC:C9:B2:32:3C:34:62:D3:E2:26:CD:19:FE:46:6D:71:F9:34
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 1C8D53B5
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/MHq8ybIyPDRi0-ImzRn-Rm1x-TQ.roa
Signing time: Sat 01 Jan 2022 14:55:25 +0000
ROA not before: Sat 01 Jan 2022 14:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
85.206.160.0/20 maxlen: 32
185.64.104.0/22 maxlen: 32
88.119.160.0/21 maxlen: 32
88.119.168.0/22 maxlen: 32
88.119.175.0/24 maxlen: 32
88.119.174.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 479024053 (0x1c8d53b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jan 1 14:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=307abcc9b2323c3462d3e226cd19fe466d71f934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:44:19:f3:62:04:ac:a2:b6:28:ea:74:27:
e3:35:1f:e7:3c:cf:60:56:34:9e:56:bb:06:25:c4:
2f:d4:89:dc:00:d9:aa:be:04:24:67:7e:15:c7:da:
2b:68:18:b3:f7:07:df:e6:12:98:6f:ac:57:23:b3:
b6:80:92:ec:49:a1:35:8f:d5:e5:3c:55:1b:aa:54:
74:4f:0b:7c:df:ed:e1:10:89:58:7e:80:ba:f7:a4:
23:c3:f9:6f:04:be:e1:7a:33:8c:30:48:93:12:f0:
9b:1c:e3:c5:51:0f:a9:e9:40:ce:d1:e8:01:91:ed:
74:d0:37:26:e9:0d:25:48:a4:b1:a2:cd:6b:29:49:
d1:d8:90:f3:80:79:cf:ee:c2:f1:a1:56:d6:80:83:
86:8d:c8:3d:86:02:6d:82:8a:a7:80:38:da:0b:34:
e3:d8:97:ab:e8:2c:22:11:d5:fb:16:df:bb:d3:9f:
be:0a:a8:9a:90:88:00:21:4c:9a:2a:f9:13:30:e6:
28:6a:67:51:fa:21:4b:4a:9c:61:15:f1:3a:d3:02:
41:8c:18:12:35:5f:8e:4e:2e:87:15:8d:55:b2:f6:
b3:fe:03:39:dc:d4:f5:e9:2b:07:27:e0:b7:f8:e9:
ba:20:ff:0a:c7:b4:3e:15:32:75:4d:e1:36:2a:90:
54:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7A:BC:C9:B2:32:3C:34:62:D3:E2:26:CD:19:FE:46:6D:71:F9:34
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/MHq8ybIyPDRi0-ImzRn-Rm1x-TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0-88.119.171.255
88.119.174.0/23
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6e:25:e2:63:ea:c5:b4:3a:e1:50:e8:d9:21:91:a3:83:ff:82:
a8:a0:60:a8:9d:18:d0:45:d3:88:5a:71:f2:c0:01:a4:c4:42:
1e:38:7e:3a:55:5c:4f:e2:58:fb:58:65:f5:90:3b:b4:f8:c4:
a3:f2:e1:ff:08:82:22:20:b9:47:7f:85:ed:cd:13:49:8c:26:
69:f9:f7:e6:a3:0d:e0:a5:27:8f:70:57:4c:53:c9:cf:fa:1f:
a3:a8:cd:09:1f:27:29:05:2f:0c:1e:e2:a2:be:e3:39:f9:87:
4f:8d:18:5b:32:c5:bc:b1:f5:1f:1e:83:3d:37:80:09:8b:66:
bb:ec:1b:58:a9:fc:43:92:e5:24:a9:60:0c:ac:0f:2e:97:97:
57:38:73:c9:f8:ca:09:1a:9a:6d:82:bf:44:9e:49:25:33:1b:
c9:86:c5:70:05:68:d0:fd:bf:f3:b7:e6:56:3f:d5:b9:4b:cc:
7c:21:dd:1b:2a:79:75:3d:c9:4d:c5:47:4d:ad:a2:56:bd:a5:
91:93:4b:d9:e1:78:b8:0b:67:56:46:9f:fe:02:15:ae:44:2a:
ec:de:71:4f:08:09:74:d2:0a:a0:39:81:fc:d1:de:c1:4f:08:
e2:2b:13:91:0e:a0:8d:cf:d5:b9:61:42:ca:8b:82:e2:37:d7:
03:00:65:e5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIEHI1TtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjZlYTczNTkyMjFjMWI3N2Q2Y2MwMDZmN2I2NzA2YTlhOTA4Mjk5MB4XDTIyMDEw
MTE0NTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3YWJjYzliMjMy
M2MzNDYyZDNlMjI2Y2QxOWZlNDY2ZDcxZjkzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8/RBnzYgSsorYo6nQn4zUf5zzPYFY0nla7BiXEL9SJ3ADZ
qr4EJGd+FcfaK2gYs/cH3+YSmG+sVyOztoCS7EmhNY/V5TxVG6pUdE8LfN/t4RCJ
WH6AuvekI8P5bwS+4XozjDBIkxLwmxzjxVEPqelAztHoAZHtdNA3JukNJUiksaLN
aylJ0diQ84B5z+7C8aFW1oCDho3IPYYCbYKKp4A42gs049iXq+gsIhHV+xbfu9Of
vgqompCIACFMmir5EzDmKGpnUfohS0qcYRXxOtMCQYwYEjVfjk4uhxWNVbL2s/4D
OdzU9ekrByfgt/jpuiD/Cse0PhUydU3hNiqQVH8CAwEAAaOCAlgwggJUMB0GA1Ud
DgQWBBQwerzJsjI8NGLT4ibNGf5GbXH5NDAfBgNVHSMEGDAWgBS2bqc1kiHBt31s
wAb3tnBqmpCCmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RtNm5OWklod2JkOWJNQUc5N1p3YXBxUWdway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvZjg3YTJlLTQ2YjEtNGE2Ni1hOTBjLTY5OTgzNWM5MmJmZS8x
L01IcTh5Ykl5UERSaTAtSW16Um4tUm0xeC1UUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
Zjg3YTJlLTQ2YjEtNGE2Ni1hOTBjLTY5OTgzNWM5MmJmZS8xL3RtNm5OWklod2Jk
OWJNQUc5N1p3YXBxUWdway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBu
BggrBgEFBQcBBwEB/wRfMF0wOAQCAAEwMgMEBFXOoAMEAlXO8DAMAwQFWHegAwQC
WHeoAwQBWHeuAwQAW9ijAwQCuRkwAwQCuUBoMCEEAgACMBsDBQAqBCGAMBIDBwQq
BCGBwBADBwAqBCGBwBIwDQYJKoZIhvcNAQELBQADggEBAG4l4mPqxbQ64VDo2SGR
o4P/gqigYKidGNBF04hacfLAAaTEQh44fjpVXE/iWPtYZfWQO7T4xKPy4f8IgiIg
uUd/he3NE0mMJmn59+ajDeClJ49wV0xTyc/6H6OozQkfJykFLwwe4qK+4zn5h0+N
GFsyxbyx9R8egz03gAmLZrvsG1ip/EOS5SSpYAysDy6Xl1c4c8n4ygkamm2Cv0Se
SSUzG8mGxXAFaND9v/O35lY/1blLzHwh3RsqeXU9yU3FR02tola9pZGTS9nheLgL
Z1ZGn/4CFa5EKuzecU8ICXTSCqA5gfzR3sFPCOIrE5EOoI3P1blhQsqLguI31wMA
ZeU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:32 2023 by rpki-client on console-fra.rpki-client.org