Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/MbS822pZsqb5snavdnp5GCvI1K0.roa
File: MbS822pZsqb5snavdnp5GCvI1K0.roa (raw, json)
Hash identifier: /AnZ4Cuvv4XD4u0RZVaV9iiU3sWXu9saHomql0Va3MA=
Subject key identifier: 31:B4:BC:DB:6A:59:B2:A6:F9:B2:76:AF:76:7A:79:18:2B:C8:D4:AD
Certificate issuer: /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial: 34D6A5D3
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/MbS822pZsqb5snavdnp5GCvI1K0.roa
Signing time: Sat 01 Jan 2022 13:55:39 +0000
ROA not before: Sat 01 Jan 2022 13:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2486
IP address blocks: 194.0.9.0/24 maxlen: 24
2001:67c:217c::/48 maxlen: 48
2001:678:c::/48 maxlen: 48
2001:67c:2160::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886482387 (0x34d6a5d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Validity
Not Before: Jan 1 13:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31b4bcdb6a59b2a6f9b276af767a79182bc8d4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:39:ac:4b:0e:29:0d:13:c2:cc:3c:47:51:aa:
48:3f:c7:9a:15:7e:68:e3:06:2c:06:57:c3:10:2f:
63:18:d7:9d:67:8d:97:d2:36:83:51:8f:6d:03:5e:
da:10:78:42:6d:0f:84:e0:a2:96:26:ee:7f:ec:4c:
e6:6a:c9:97:09:93:73:60:9c:1f:a1:67:5a:3f:13:
a1:8e:b6:55:d3:8e:c9:99:94:b5:46:8e:6c:47:1d:
c0:e8:ab:7a:d5:7a:55:49:14:2f:e1:1b:93:54:be:
a3:d0:99:b6:7e:18:23:82:40:61:64:78:c8:e4:8c:
34:cc:a7:d5:18:31:80:75:29:04:0a:f1:5f:71:d3:
a5:8a:1b:2b:57:3a:1d:19:f0:f4:b9:ad:3e:c0:0e:
5b:01:0c:c3:dd:ec:36:51:f4:9e:c8:ef:25:a7:82:
5f:c1:b3:7f:20:8d:79:b3:37:01:c1:2e:03:79:52:
aa:c4:b7:f7:69:5c:a9:45:e8:54:9f:94:98:7a:d2:
c0:cc:10:60:54:86:d3:e3:16:2e:db:12:75:48:64:
3b:fb:00:61:0d:f5:53:74:1c:48:20:87:e2:1e:7c:
d8:f4:29:11:4a:8e:18:9d:92:9b:15:e9:00:7a:87:
ed:80:a9:33:30:c1:78:b2:be:27:e1:fd:a4:07:3c:
75:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B4:BC:DB:6A:59:B2:A6:F9:B2:76:AF:76:7A:79:18:2B:C8:D4:AD
X509v3 Authority Key Identifier:
keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/MbS822pZsqb5snavdnp5GCvI1K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.9.0/24
IPv6:
2001:678:c::/48
2001:67c:2160::/48
2001:67c:217c::/48
Signature Algorithm: sha256WithRSAEncryption
3e:c7:21:1f:7d:26:bc:8b:30:0a:cb:61:a9:f8:c2:7f:28:4b:
e3:bc:af:50:f0:6c:64:0a:f3:99:45:21:40:6e:92:1c:86:1f:
be:d2:eb:94:31:36:c4:c3:1b:94:c3:0b:d2:42:27:2c:96:e8:
b7:b7:f4:a8:13:f7:fd:4e:01:8d:50:bd:0b:68:c8:fc:e2:c4:
5d:8a:26:7f:6e:b5:c2:56:e8:71:76:2f:79:97:2d:4a:57:b9:
0e:28:c1:d0:fc:f0:7f:03:b0:de:ad:e3:19:b4:0c:40:d4:47:
63:05:d5:e7:64:1f:e7:c9:90:8f:3c:15:85:e2:87:81:58:37:
f9:0f:09:27:ea:ef:93:a1:a6:c0:9c:c1:20:df:c3:04:e8:74:
b0:b5:b7:b8:82:33:96:5b:93:dc:4e:dc:e2:d5:e3:12:28:42:
b2:8c:e9:79:68:4d:1f:ad:be:52:ee:53:53:d8:0c:c0:2f:1a:
62:0a:d0:eb:15:c2:79:fe:ad:68:e8:b4:c4:15:ee:42:7d:14:
b1:12:47:d6:54:6b:5d:42:e2:74:0e:44:8f:40:68:03:d0:9e:
9f:16:05:db:a3:c4:fb:4f:97:4e:42:41:5b:80:79:87:c2:40:
29:37:b9:a6:4c:3c:94:11:e6:61:5e:e7:d6:14:cf:42:a5:69:
64:da:12:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIENNal0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkM2MwYjY0MTRjOWM4NmUzYzk0YTcxNGRmYjI2OWNiNWU5MTY5MB4XDTIyMDEw
MTEzNTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFiNGJjZGI2YTU5
YjJhNmY5YjI3NmFmNzY3YTc5MTgyYmM4ZDRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMM5rEsOKQ0Twsw8R1GqSD/HmhV+aOMGLAZXwxAvYxjXnWeN
l9I2g1GPbQNe2hB4Qm0PhOCilibuf+xM5mrJlwmTc2CcH6FnWj8ToY62VdOOyZmU
tUaObEcdwOiretV6VUkUL+Ebk1S+o9CZtn4YI4JAYWR4yOSMNMyn1RgxgHUpBArx
X3HTpYobK1c6HRnw9LmtPsAOWwEMw93sNlH0nsjvJaeCX8GzfyCNebM3AcEuA3lS
qsS392lcqUXoVJ+UmHrSwMwQYFSG0+MWLtsSdUhkO/sAYQ31U3QcSCCH4h582PQp
EUqOGJ2SmxXpAHqH7YCpMzDBeLK+J+H9pAc8dRECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQxtLzbalmypvmydq92enkYK8jUrTAfBgNVHSMEGDAWgBRejTwLZBTJyG48
lKcU37Jpy16RaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMDhDMlFVeWNodVBKU25GTi15YWN0ZWtXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8x
L01iUzgyMnBac3FiNXNuYXZkbnA1R0N2STFLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8xL1hvMDhDMlFVeWNo
dVBKU25GTi15YWN0ZWtXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEAMIACTAhBAIAAjAbAwcAIAEGeAAM
AwcAIAEGfCFgAwcAIAEGfCF8MA0GCSqGSIb3DQEBCwUAA4IBAQA+xyEffSa8izAK
y2Gp+MJ/KEvjvK9Q8GxkCvOZRSFAbpIchh++0uuUMTbEwxuUwwvSQicslui3t/So
E/f9TgGNUL0LaMj84sRdiiZ/brXCVuhxdi95ly1KV7kOKMHQ/PB/A7DereMZtAxA
1EdjBdXnZB/nyZCPPBWF4oeBWDf5Dwkn6u+ToabAnMEg38ME6HSwtbe4gjOWW5Pc
Ttzi1eMSKEKyjOl5aE0frb5S7lNT2AzALxpiCtDrFcJ5/q1o6LTEFe5CfRSxEkfW
VGtdQuJ0DkSPQGgD0J6fFgXbo8T7T5dOQkFbgHmHwkApN7mmTDyUEeZhXufWFM9C
pWlk2hIU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org