Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mf6vGpLx65DOluNRiiys2Kkv6kI.roa
File: mf6vGpLx65DOluNRiiys2Kkv6kI.roa (raw, json)
Hash identifier: GDpEQ9HYJqGvrXqZa4BrNHI3oegb4P8ebpKKRtNUink=
Subject key identifier: 99:FE:AF:1A:92:F1:EB:90:CE:96:E3:51:8A:2C:AC:D8:A9:2F:EA:42
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 438948B2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mf6vGpLx65DOluNRiiys2Kkv6kI.roa
Signing time: Tue 05 Apr 2022 13:02:36 +0000
ROA not before: Tue 05 Apr 2022 13:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42649
IP address blocks: 194.14.135.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
192.71.184.0/24 maxlen: 24
193.180.20.0/24 maxlen: 24
193.235.193.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
193.235.130.0/24 maxlen: 24
193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
192.165.198.0/24 maxlen: 24
192.36.31.0/24 maxlen: 24
194.68.43.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
192.165.127.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.182.110.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1133070514 (0x438948b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 5 13:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99feaf1a92f1eb90ce96e3518a2cacd8a92fea42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a1:86:ef:25:38:73:49:a9:29:3c:32:23:25:
2a:8d:75:34:ef:47:c6:d1:51:d1:2c:6f:33:54:db:
6d:6c:73:de:55:ef:c8:a2:26:8c:98:c6:b9:51:30:
22:0e:84:6e:f5:8c:3d:03:e5:2f:46:aa:00:c7:ff:
46:b9:76:12:ea:f9:1f:d9:2b:08:3c:9e:c5:47:a3:
56:3c:5b:96:42:68:c1:85:ac:64:0c:f9:44:8e:ab:
e1:04:41:13:f9:64:b7:68:5d:4f:b6:06:b1:ad:28:
5a:03:12:a7:ae:e6:cd:06:76:4d:63:00:ee:0a:2e:
a7:54:98:bb:39:0e:b8:a8:0c:fe:0c:4c:06:cd:d0:
56:cd:fe:f1:b2:eb:25:d4:7e:3e:c6:aa:ae:8b:37:
16:07:e6:3a:68:9d:26:db:19:64:59:ff:85:3e:84:
87:79:81:87:25:65:ff:ff:59:be:f6:80:46:0f:93:
0a:c8:27:79:62:7b:28:0d:d4:2e:45:7e:4c:67:e4:
24:c6:f2:ba:9b:0d:26:d3:17:83:8c:a7:b0:4e:97:
ae:fc:6f:13:f8:57:e1:61:e7:d4:c6:3c:ad:38:8c:
b6:48:80:47:9d:2f:8a:94:49:cc:f4:9c:63:51:49:
a6:5f:30:c5:85:c2:94:a2:b0:f2:0b:f7:4e:1d:21:
f6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FE:AF:1A:92:F1:EB:90:CE:96:E3:51:8A:2C:AC:D8:A9:2F:EA:42
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mf6vGpLx65DOluNRiiys2Kkv6kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.71.184.0/24
192.121.226.0/24
192.165.127.0/24
192.165.131.0/24
192.165.138.0/23
192.165.198.0/24
193.180.20.0/24
193.180.121.0/24
193.182.110.0/24
193.183.239.0/24
193.234.76.0/23
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.51.0/24
193.235.73.0/24
193.235.130.0/24
193.235.193.0/24
194.14.135.0/24
194.68.43.0/24
194.68.159.0-194.68.160.255
194.71.245.0/24
194.103.4.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:2e:aa:9b:b7:ce:2a:f6:96:4d:66:4e:ac:af:2d:82:02:80:
71:8a:b3:99:e3:bb:3e:57:a6:98:0b:7e:0c:99:ab:42:d7:f8:
06:53:ba:03:b0:e8:4a:9b:61:47:f8:51:a0:eb:cf:1b:48:74:
ff:62:be:68:8e:f7:ed:78:02:be:d7:1e:84:54:99:b1:f5:e5:
07:88:eb:ed:0b:af:13:d7:bf:85:2c:40:4e:93:f6:a0:9e:17:
ec:be:dd:b9:1e:38:58:5d:ce:89:ce:72:f7:47:3e:da:c4:03:
ee:4e:ce:9c:e1:42:81:92:1b:c1:7f:9e:b7:c3:12:1f:63:3b:
ef:40:f3:28:76:e4:fe:3e:2d:cc:d3:a4:0d:f6:3a:d0:a8:ae:
d9:20:0a:40:6c:a1:1c:10:d2:95:78:54:05:9a:45:4b:89:e0:
48:3c:85:db:3e:11:ce:2a:ff:a6:a8:fe:0e:9b:e7:be:e0:cc:
60:0a:28:7a:c8:82:07:a6:c0:ac:b8:2f:24:48:8e:79:13:0a:
67:28:f6:0a:0a:96:76:49:af:b8:a5:2f:8f:c2:2d:37:16:c4:
ae:fa:28:0d:ea:f7:2d:18:e4:a4:64:63:ca:b6:4c:e6:59:9c:
ce:4d:0f:8f:26:84:9d:9c:8c:60:58:1d:1a:53:45:64:a4:91:
e8:b7:83:02
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIEQ4lIsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDQw
NTEzMDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlmZWFmMWE5MmYx
ZWI5MGNlOTZlMzUxOGEyY2FjZDhhOTJmZWE0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6hhu8lOHNJqSk8MiMlKo11NO9HxtFR0SxvM1TbbWxz3lXv
yKImjJjGuVEwIg6EbvWMPQPlL0aqAMf/Rrl2Eur5H9krCDyexUejVjxblkJowYWs
ZAz5RI6r4QRBE/lkt2hdT7YGsa0oWgMSp67mzQZ2TWMA7goup1SYuzkOuKgM/gxM
Bs3QVs3+8bLrJdR+Psaqros3FgfmOmidJtsZZFn/hT6Eh3mBhyVl//9ZvvaARg+T
CsgneWJ7KA3ULkV+TGfkJMbyupsNJtMXg4ynsE6XrvxvE/hX4WHn1MY8rTiMtkiA
R50vipRJzPScY1FJpl8wxYXClKKw8gv3Th0h9q0CAwEAAaOCAqYwggKiMB0GA1Ud
DgQWBBSZ/q8akvHrkM6W41GKLKzYqS/qQjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L21mNnZHcEx4NjVET2x1TlJpaXlzMktrdjZrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uwYIKwYBBQUHAQcBAf8EgaswgagwgaUEAgABMIGeAwQAwCQfAwQAwEe4AwQAwHni
AwQAwKV/AwQAwKWDAwQBwKWKAwQAwKXGAwQAwbQUAwQAwbR5AwQAwbZuAwQAwbfv
AwQBwepMAwQAwepTAwQAwepWAwQAwer/AwQAweszAwQAwetJAwQAweuCAwQAwevB
AwQAwg6HAwQAwkQrMAwDBADCRJ8DBADCRKADBADCR/UDBADCZwQDBADCZyswDQYJ
KoZIhvcNAQELBQADggEBAF4uqpu3zir2lk1mTqyvLYICgHGKs5njuz5XppgLfgyZ
q0LX+AZTugOw6EqbYUf4UaDrzxtIdP9ivmiO9+14Ar7XHoRUmbH15QeI6+0LrxPX
v4UsQE6T9qCeF+y+3bkeOFhdzonOcvdHPtrEA+5OzpzhQoGSG8F/nrfDEh9jO+9A
8yh25P4+LczTpA32OtCortkgCkBsoRwQ0pV4VAWaRUuJ4Eg8hds+Ec4q/6ao/g6b
577gzGAKKHrIggemwKy4LyRIjnkTCmco9goKlnZJr7ilL4/CLTcWxK76KA3q9y0Y
5KRkY8q2TOZZnM5ND48mhJ2cjGBYHRpTRWSkkei3gwI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org