Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/MQbDF-yHzmWfEb5F3z37-4dNZQk.roa
File: MQbDF-yHzmWfEb5F3z37-4dNZQk.roa (raw, json)
Hash identifier: 127qqUTwztqTYv9tOVfMphsmDm9ExD6pHEun2Sb4RWk=
Subject key identifier: 31:06:C3:17:EC:87:CE:65:9F:11:BE:45:DF:3D:FB:FB:87:4D:65:09
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 018282CCE4B27522E911A2BD6D322864BA29
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/MQbDF-yHzmWfEb5F3z37-4dNZQk.roa
Signing time: Tue 09 Aug 2022 13:30:41 +0000
ROA not before: Tue 09 Aug 2022 13:30:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 185.4.226.0/24 maxlen: 32
31.40.228.0/22 maxlen: 32
194.31.176.0/22 maxlen: 32
195.3.136.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:cc:e4:b2:75:22:e9:11:a2:bd:6d:32:28:64:ba:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Aug 9 13:30:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3106c317ec87ce659f11be45df3dfbfb874d6509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:72:3a:f2:c7:e8:9c:69:0d:75:af:23:e2:95:
f3:7b:c2:73:11:aa:9e:35:15:7e:d1:c3:f5:f7:51:
38:cd:f3:17:a9:9f:02:c4:d1:d4:ff:74:8b:5f:e5:
18:3d:16:2c:d4:03:37:0d:5a:c3:6c:bf:37:5e:18:
a2:7c:65:eb:c7:7b:1f:24:05:dd:b0:55:22:c7:97:
aa:4b:5c:59:99:b5:24:23:47:f3:c4:ab:05:c8:ef:
1a:9f:af:d1:6f:3d:e3:cb:d5:92:c8:66:d7:bf:32:
f2:78:11:41:de:70:e8:58:2c:f5:49:ff:a0:67:02:
c2:9e:71:ab:94:cb:6d:16:60:ce:18:21:e0:70:dd:
73:11:73:f3:3c:e4:48:96:1e:c4:82:7e:dc:dc:86:
0a:8f:44:85:39:d5:58:73:c7:e7:53:17:fe:12:57:
c3:8f:4d:cb:9e:98:16:4b:a0:3a:09:58:d7:2c:ac:
76:d5:a7:c1:f6:1a:67:3b:02:e4:50:e3:51:44:87:
ee:c4:62:8a:03:72:72:2c:af:bd:ee:ca:f0:35:db:
4c:2c:ee:28:14:47:f8:c6:4c:9d:af:86:ec:60:cf:
0f:77:07:e1:6c:df:43:f5:9c:8b:5f:ee:ea:0e:98:
7f:2a:7e:3b:20:d0:2c:1a:c8:28:27:5b:a8:0e:f9:
56:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:06:C3:17:EC:87:CE:65:9F:11:BE:45:DF:3D:FB:FB:87:4D:65:09
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/MQbDF-yHzmWfEb5F3z37-4dNZQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.228.0/22
185.4.226.0/24
194.31.176.0/22
194.187.36.0/22
195.3.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:0e:9f:47:c9:24:e1:bf:6f:bd:da:a6:15:23:20:59:df:4b:
81:bc:a2:97:cb:e7:29:90:87:55:14:fd:b6:58:71:0e:11:3b:
9b:e5:ee:b8:fe:e2:54:db:2c:dd:ff:a6:2e:5f:d9:b6:60:a4:
d2:ef:ba:ca:d0:e2:d9:99:f3:58:08:8d:05:f9:ff:d4:26:a6:
fb:77:e8:73:da:ca:f5:af:77:73:88:1c:76:4b:be:d2:71:7c:
25:da:4b:b0:6a:16:e6:c5:d7:92:b2:89:04:1e:19:19:3d:f8:
82:e6:d0:8b:5a:a9:f0:5a:8b:76:0c:74:6a:86:0a:58:3c:6f:
6a:5c:63:dc:f1:05:c2:1c:4e:c4:8f:11:70:13:08:ad:93:d4:
e1:48:d0:69:81:5c:c8:9b:8a:29:0f:24:02:bd:f0:c2:4b:13:
4b:69:21:04:17:29:14:81:00:b7:b8:da:11:29:32:33:76:b1:
81:cc:72:29:9a:b9:db:d4:62:4e:f9:2d:5c:64:ca:47:6b:76:
f2:55:e2:b6:42:bc:55:e3:27:d9:1c:69:f0:ec:d6:ee:34:cc:
66:80:f9:cd:44:5b:9f:73:55:f8:f6:6d:55:ef:b6:fd:48:11:
08:38:9b:8f:8a:f5:ec:9a:d6:df:64:42:de:a4:49:39:cc:00:
eb:c8:46:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYKCzOSydSLpEaK9bTIoZLopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjIwODA5MTMzMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA2YzMxN2VjODdjZTY1OWYxMWJlNDVkZjNkZmJmYjg3NGQ2NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXI68sfonGkNda8j4pXze8JzEaqe
NRV+0cP191E4zfMXqZ8CxNHU/3SLX+UYPRYs1AM3DVrDbL83XhiifGXrx3sfJAXd
sFUix5eqS1xZmbUkI0fzxKsFyO8an6/Rbz3jy9WSyGbXvzLyeBFB3nDoWCz1Sf+g
ZwLCnnGrlMttFmDOGCHgcN1zEXPzPORIlh7Egn7c3IYKj0SFOdVYc8fnUxf+ElfD
j03LnpgWS6A6CVjXLKx21afB9hpnOwLkUONRRIfuxGKKA3JyLK+97srwNdtMLO4o
FEf4xkydr4bsYM8PdwfhbN9D9ZyLX+7qDph/Kn47INAsGsgoJ1uoDvlW5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDEGwxfsh85lnxG+Rd89+/uHTWUJMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvTVFiREYteUh6bVdmRWI1RjN6MzctNGROWlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHyjkAwQA
uQTiAwQCwh+wAwQCwrskAwQCwwOIMA0GCSqGSIb3DQEBCwUAA4IBAQB8Dp9HySTh
v2+92qYVIyBZ30uBvKKXy+cpkIdVFP22WHEOETub5e64/uJU2yzd/6YuX9m2YKTS
77rK0OLZmfNYCI0F+f/UJqb7d+hz2sr1r3dziBx2S77ScXwl2kuwahbmxdeSsokE
HhkZPfiC5tCLWqnwWot2DHRqhgpYPG9qXGPc8QXCHE7EjxFwEwitk9ThSNBpgVzI
m4opDyQCvfDCSxNLaSEEFykUgQC3uNoRKTIzdrGBzHIpmrnb1GJO+S1cZMpHa3by
VeK2QrxV4yfZHGnw7NbuNMxmgPnNRFufc1X49m1V77b9SBEIOJuPivXsmtbfZELe
pEk5zADryEav
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org