Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MSzka8e55npf4WzPYKnPw0Kq1rA.roa
File: MSzka8e55npf4WzPYKnPw0Kq1rA.roa (raw, json)
Hash identifier: g/AQCFhCV3O2/HywILV8gd/JfjRynybuXujzJLedVkg=
Subject key identifier: 31:2C:E4:6B:C7:B9:E6:7A:5F:E1:6C:CF:60:A9:CF:C3:42:AA:D6:B0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824A1457E04A6044150AF651FB3470AA08
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MSzka8e55npf4WzPYKnPw0Kq1rA.roa
Signing time: Fri 29 Jul 2022 13:10:23 +0000
ROA not before: Fri 29 Jul 2022 13:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:14:57:e0:4a:60:44:15:0a:f6:51:fb:34:70:aa:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 29 13:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=312ce46bc7b9e67a5fe16ccf60a9cfc342aad6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:03:d5:48:87:94:e5:0c:d5:e0:c4:73:80:
46:c6:40:45:02:e7:f2:a5:1e:af:fe:2a:0c:9c:99:
39:7d:05:5b:03:d7:23:36:b0:89:12:79:db:79:96:
d3:38:95:20:2f:2e:dd:52:a1:81:47:08:6b:c6:c7:
75:b5:a8:a1:d8:6f:3d:36:91:02:b6:0a:18:31:ae:
b9:d7:37:a5:3b:41:0b:63:be:a7:49:22:f2:5c:bd:
06:2e:f4:9c:7d:84:8e:e5:69:4f:3d:eb:91:69:8f:
e4:68:1f:3a:83:65:4e:e0:cd:23:e9:44:3a:d6:4f:
88:89:06:f6:87:c7:13:a4:c6:2e:ca:59:bb:ae:55:
f2:38:bb:68:de:58:a5:a3:7f:f2:a5:16:91:06:be:
b4:1b:10:4a:26:53:28:11:57:70:f4:33:4e:ea:39:
3a:e2:8e:fa:6c:6c:89:63:33:ba:08:cb:b5:9a:57:
00:f2:d1:e0:1a:28:06:a4:33:8a:61:a3:26:2a:d1:
82:43:cb:63:f7:40:6d:f2:c8:19:35:85:13:4d:4a:
62:56:96:f4:ce:4b:25:2c:cb:4b:a9:6f:6e:21:dc:
8e:0a:ee:6c:de:d7:4b:b2:cb:d2:27:b6:4e:83:28:
e8:fd:0b:5c:45:98:a3:6c:3d:1b:12:b7:83:ae:f8:
66:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2C:E4:6B:C7:B9:E6:7A:5F:E1:6C:CF:60:A9:CF:C3:42:AA:D6:B0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MSzka8e55npf4WzPYKnPw0Kq1rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
88.151.62.0/24
88.209.228.0/23
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
Signature Algorithm: sha256WithRSAEncryption
5f:32:90:a9:d1:59:98:d3:3e:50:f9:5d:e7:95:05:4e:d9:e4:
f0:1b:16:65:79:ca:a9:ea:f6:1f:7b:5c:aa:dd:88:08:12:ef:
ed:3e:96:84:43:ae:15:16:04:a9:72:42:b5:cb:aa:5b:b6:2c:
e2:50:66:1f:41:87:11:f3:ea:ab:03:b7:8c:79:f7:e8:17:ed:
30:8c:d8:5d:9f:78:55:45:46:58:71:08:07:20:49:b8:da:5a:
26:71:d3:d4:f2:4d:47:51:8a:07:40:3f:e2:73:7e:3d:c7:10:
f8:c3:1d:84:94:68:dd:02:9b:79:42:c1:6d:94:13:57:39:2f:
41:4c:73:cd:bf:0b:21:9f:3b:85:d0:e7:06:55:7c:fe:dc:22:
bf:e9:87:8c:c3:4d:3f:f0:54:7b:b9:d5:de:ca:2f:be:20:77:
49:93:9a:1b:15:8e:be:2c:3b:a9:32:be:af:91:7c:03:c2:ca:
f3:8c:33:9b:87:af:03:3a:d7:58:d3:5a:86:d7:0b:a2:85:d9:
ae:d0:c7:cd:7b:03:75:7d:3a:01:b5:d2:84:20:36:2c:e2:ce:
24:6c:87:45:e3:78:7f:9e:ba:2a:5c:da:75:07:ad:94:f7:5b:
65:4f:12:d9:ce:61:52:8b:53:ae:a6:84:13:a1:22:d1:98:86:
1e:29:61:62
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYJKFFfgSmBEFQr2Ufs0cKoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI5MTMxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJjZTQ2YmM3YjllNjdhNWZlMTZjY2Y2MGE5Y2ZjMzQyYWFkNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUkD1UiHlOUM1eDEc4BGxkBFAufy
pR6v/ioMnJk5fQVbA9cjNrCJEnnbeZbTOJUgLy7dUqGBRwhrxsd1taih2G89NpEC
tgoYMa651zelO0ELY76nSSLyXL0GLvScfYSO5WlPPeuRaY/kaB86g2VO4M0j6UQ6
1k+IiQb2h8cTpMYuylm7rlXyOLto3lilo3/ypRaRBr60GxBKJlMoEVdw9DNO6jk6
4o76bGyJYzO6CMu1mlcA8tHgGigGpDOKYaMmKtGCQ8tj90Bt8sgZNYUTTUpiVpb0
zkslLMtLqW9uIdyOCu5s3tdLssvSJ7ZOgyjo/QtcRZijbD0bEreDrvhmfwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDEs5GvHueZ6X+Fsz2Cpz8NCqtawMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTVN6a2E4ZTU1bnBmNFd6UFlLblB3MEtxMXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQABbZwAwQA
BbZzAwQALQmoAwQCTfKYAwQAU4mZAwQBU4mcAwQAWJc+AwQBWNHkAwQCWNHsAwQB
WNH2MAwDBABY0f0DBABY0f4wDAMEAFw02QMEAFw02jANBgkqhkiG9w0BAQsFAAOC
AQEAXzKQqdFZmNM+UPld55UFTtnk8BsWZXnKqer2H3tcqt2ICBLv7T6WhEOuFRYE
qXJCtcuqW7Ys4lBmH0GHEfPqqwO3jHn36BftMIzYXZ94VUVGWHEIByBJuNpaJnHT
1PJNR1GKB0A/4nN+PccQ+MMdhJRo3QKbeULBbZQTVzkvQUxzzb8LIZ87hdDnBlV8
/twiv+mHjMNNP/BUe7nV3sovviB3SZOaGxWOviw7qTK+r5F8A8LK84wzm4evAzrX
WNNahtcLooXZrtDHzXsDdX06AbXShCA2LOLOJGyHReN4f566KlzadQetlPdbZU8S
2c5hUotTrqaEE6Ei0ZiGHilhYg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org