Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/M5jwMaNlonDPS0Blj02E9nGjWMQ.roa
File: M5jwMaNlonDPS0Blj02E9nGjWMQ.roa (raw, json)
Hash identifier: rv7aUqKuWxd4yaxcHv20nZwTpiBHIMGHtZlFtvZZd5o=
Subject key identifier: 33:98:F0:31:A3:65:A2:70:CF:4B:40:65:8F:4D:84:F6:71:A3:58:C4
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 1571EEBF
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/M5jwMaNlonDPS0Blj02E9nGjWMQ.roa
Signing time: Sat 07 May 2022 03:15:26 +0000
ROA not before: Sat 07 May 2022 03:15:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 89.35.57.0/24 maxlen: 24
185.122.223.0/24 maxlen: 24
89.42.31.0/24 maxlen: 24
93.119.178.0/24 maxlen: 24
93.119.179.0/24 maxlen: 24
93.119.180.0/24 maxlen: 24
93.119.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359788223 (0x1571eebf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: May 7 03:15:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3398f031a365a270cf4b40658f4d84f671a358c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:50:7c:6a:8e:ab:a6:5f:33:ac:21:c1:28:
4c:fa:9c:00:d6:80:e5:0a:e7:86:3b:d7:4a:7b:e9:
89:8c:1f:77:a7:c4:6f:24:f6:fe:8c:12:0d:e3:6b:
db:3a:c7:aa:e5:22:d6:c8:1b:3b:7a:a2:5b:65:63:
71:75:25:65:83:51:ef:42:fb:f5:30:37:8b:9c:f5:
be:32:b3:41:18:33:48:80:2e:8c:f1:ba:7a:19:67:
65:d4:bd:81:3d:f1:9c:23:18:36:6b:fd:ea:3d:1c:
2c:3f:0f:b4:83:52:59:d9:bb:0c:c9:f1:d4:2b:6c:
f4:aa:21:86:28:fc:6c:49:54:21:97:a0:16:a6:d0:
07:55:2f:55:46:5e:99:15:37:07:49:09:08:34:05:
ae:39:66:d2:4f:a6:87:a8:3c:26:c1:a9:b3:54:ba:
3f:6a:70:cb:47:9a:b7:3e:b3:b8:fe:9b:23:ae:e2:
bd:2c:94:5c:15:1a:5b:c8:5e:09:bd:3b:77:ef:fe:
f5:fb:95:73:ef:ad:7c:ec:86:24:ce:c7:38:ca:66:
cd:27:c2:b9:0c:22:13:b8:7f:c9:5b:15:e3:e9:65:
bd:7a:19:af:a7:28:04:d9:ef:3e:3f:65:0b:02:b0:
46:f0:41:a3:a2:b9:03:3a:c3:12:71:c2:53:1e:84:
dd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:98:F0:31:A3:65:A2:70:CF:4B:40:65:8F:4D:84:F6:71:A3:58:C4
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/M5jwMaNlonDPS0Blj02E9nGjWMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.57.0/24
89.42.31.0/24
93.119.178.0-93.119.181.255
185.122.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:44:bf:5b:eb:bd:c8:d4:ff:71:6c:b0:9d:52:e6:bd:d9:42:
06:87:fd:4d:de:99:c9:82:8f:cb:e1:69:ae:8b:d0:84:8b:6e:
cd:f9:06:dd:16:bb:52:54:50:27:5b:b5:07:cd:24:80:ca:2f:
33:2e:9d:1f:df:f8:26:0a:66:e5:ac:fd:a9:df:5b:d4:62:d1:
a5:e3:ef:50:8d:12:b4:1f:60:ab:f2:2c:84:5a:b8:d3:34:5f:
0a:79:32:7c:5c:cf:1c:1c:3b:d6:c8:e6:f1:80:17:86:84:34:
c6:d0:30:81:18:f0:fb:e1:8f:45:d4:db:95:49:46:e9:89:db:
67:66:dc:9c:69:6d:22:03:b8:e5:d6:d7:26:3d:ca:74:21:ce:
94:be:7d:cd:fb:21:8d:6c:fe:8c:22:49:d7:34:d9:b7:b2:fe:
2c:00:de:b5:2b:82:fe:63:13:6f:dd:5c:b7:93:86:34:84:f4:
4c:d7:f3:4a:a0:93:05:db:52:0a:28:b0:5c:f5:65:50:f4:2a:
db:75:9a:57:da:15:77:82:2f:32:72:72:be:c9:0c:bc:39:7f:
4a:6f:f5:24:88:4c:3f:74:1a:0d:3a:bd:ff:12:e9:6e:84:ea:
89:e6:97:7f:4d:04:54:fb:eb:22:13:a2:2b:9b:41:ae:57:dc:
5e:99:88:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEFXHuvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2MwNTkxZTJlYjQ5ZDA1NTllNmZjZTdlZTJhYTgxZjBmNTliYTZmMB4XDTIyMDUw
NzAzMTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM5OGYwMzFhMzY1
YTI3MGNmNGI0MDY1OGY0ZDg0ZjY3MWEzNThjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKheUHxqjqumXzOsIcEoTPqcANaA5QrnhjvXSnvpiYwfd6fE
byT2/owSDeNr2zrHquUi1sgbO3qiW2VjcXUlZYNR70L79TA3i5z1vjKzQRgzSIAu
jPG6ehlnZdS9gT3xnCMYNmv96j0cLD8PtINSWdm7DMnx1Cts9Kohhij8bElUIZeg
FqbQB1UvVUZemRU3B0kJCDQFrjlm0k+mh6g8JsGps1S6P2pwy0eatz6zuP6bI67i
vSyUXBUaW8heCb07d+/+9fuVc++tfOyGJM7HOMpmzSfCuQwiE7h/yVsV4+llvXoZ
r6coBNnvPj9lCwKwRvBBo6K5AzrDEnHCUx6E3QkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQzmPAxo2WicM9LQGWPTYT2caNYxDAfBgNVHSMEGDAWgBTDwFkeLrSdBVnm
/OfuKqgfD1m6bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c4QlpIaTYwblFWWjV2em43aXFvSHc5WnVtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8x
L001andNYU5sb25EUFMwQmxqMDJFOW5HaldNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8xL3c4QlpIaTYwblFW
WjV2em43aXFvSHc5WnVtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFkjOQMEAFkqHzAMAwQBXXeyAwQB
XXe0AwQAuXrfMA0GCSqGSIb3DQEBCwUAA4IBAQCgRL9b673I1P9xbLCdUua92UIG
h/1N3pnJgo/L4Wmui9CEi27N+QbdFrtSVFAnW7UHzSSAyi8zLp0f3/gmCmblrP2p
31vUYtGl4+9QjRK0H2Cr8iyEWrjTNF8KeTJ8XM8cHDvWyObxgBeGhDTG0DCBGPD7
4Y9F1NuVSUbpidtnZtycaW0iA7jl1tcmPcp0Ic6Uvn3N+yGNbP6MIknXNNm3sv4s
AN61K4L+YxNv3Vy3k4Y0hPRM1/NKoJMF21IKKLBc9WVQ9CrbdZpX2hV3gi8ycnK+
yQy8OX9Kb/UkiEw/dBoNOr3/EuluhOqJ5pd/TQRU++siE6Irm0GuV9xemYjj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:32 2023 by rpki-client on console-ams.rpki-client.org