Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/moyjS2S_dw7MrxIL-sJAkQzCbt4.roa
File: moyjS2S_dw7MrxIL-sJAkQzCbt4.roa (raw, json)
Hash identifier: Qn1xQwzRjGm8U8k+OM1FqTPkznvNRa3XH68PoXYrQ6c=
Subject key identifier: 9A:8C:A3:4B:64:BF:77:0E:CC:AF:12:0B:FA:C2:40:91:0C:C2:6E:DE
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184410C88E7D7FD89C4FCCED222A3275798
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/moyjS2S_dw7MrxIL-sJAkQzCbt4.roa
Signing time: Fri 04 Nov 2022 05:10:51 +0000
ROA not before: Fri 04 Nov 2022 05:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 85.158.150.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
85.158.149.0/24 maxlen: 24
85.158.148.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.10.240.0/20 maxlen: 20
164.215.98.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:0c:88:e7:d7:fd:89:c4:fc:ce:d2:22:a3:27:57:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 4 05:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a8ca34b64bf770eccaf120bfac240910cc26ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:d1:26:20:9f:aa:b6:b9:70:0b:0b:71:27:
a3:e0:4f:b3:3c:7a:f5:23:38:d6:17:f7:5c:40:4e:
9e:d8:fa:0b:89:3a:af:bf:15:01:91:4f:2d:df:26:
af:48:2e:7b:45:c6:16:38:e7:9c:04:9d:d7:f8:07:
10:73:2b:44:aa:7e:3f:10:9e:1e:0f:b0:9a:c3:b0:
cb:e9:da:e4:ed:f0:59:b1:08:81:a8:17:25:78:1e:
0e:09:ea:ce:2d:22:fd:3e:6d:7c:63:cf:7d:fa:33:
6a:14:eb:da:f2:f2:7e:07:5f:90:29:e2:3b:55:0a:
b9:51:1a:b4:18:7a:32:1b:51:3a:b5:b6:b1:d3:0c:
9d:71:05:74:f1:82:e1:4e:a8:3b:6d:f9:80:76:a6:
16:bd:e1:9e:47:a8:14:66:99:2b:46:7a:77:76:7c:
63:f6:b4:1e:93:d5:b3:bb:ee:e5:1b:43:7c:71:bc:
c7:a8:94:36:91:64:15:32:ac:36:88:d9:c7:6d:22:
3f:4f:68:85:59:67:31:11:c8:e9:fc:d0:c5:b9:58:
61:c1:15:26:76:08:b1:cf:18:9b:8d:87:b4:7d:aa:
4e:c1:99:1b:f7:54:97:d4:59:ee:dc:c2:63:2d:41:
92:b3:a8:55:49:f6:b0:08:a7:1b:2e:f4:fe:ed:bc:
b0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8C:A3:4B:64:BF:77:0E:CC:AF:12:0B:FA:C2:40:91:0C:C2:6E:DE
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/moyjS2S_dw7MrxIL-sJAkQzCbt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
5.178.2.0/23
37.128.200.0/22
46.23.100.0/22
85.158.148.0/22
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:46:0d:ed:7b:3e:de:38:21:9e:d5:21:17:ad:bc:1a:e9:1e:
fa:47:94:9c:e8:f2:30:ae:a5:0e:da:e9:a1:cf:9a:8f:00:ca:
b1:f5:c7:d0:c8:66:dc:e8:fe:42:81:a5:7b:22:d9:c8:b6:41:
4b:35:b2:44:87:61:94:d3:3c:98:7d:80:79:84:40:05:cb:3d:
2c:d3:25:61:4b:61:58:9a:53:78:fc:27:24:db:27:cf:3d:db:
31:75:ab:a0:98:b7:8b:29:d0:8e:7f:47:b1:59:7c:59:a2:01:
4b:18:a0:19:7c:ae:57:6a:82:70:b2:a2:3a:00:ff:7d:51:4a:
27:1d:ff:f4:02:4a:b5:57:a8:2f:1d:a2:b0:63:1d:c6:3a:93:
ff:00:88:6d:e1:1a:87:d9:0d:20:17:7f:cf:d6:3e:c4:b3:ec:
a7:d8:cc:48:06:dd:30:97:f9:0a:66:b9:5e:d5:a0:b0:18:18:
3e:a1:aa:f4:4d:4e:4a:70:50:44:eb:ee:1a:73:1a:1a:a4:db:
12:f1:06:d0:de:a4:7b:55:dd:0d:0e:56:d1:9f:1d:8d:f7:ef:
66:cf:ba:aa:51:35:f0:35:ed:0b:77:f4:f0:6d:0c:33:cb:68:
56:8b:39:9e:22:57:96:2c:30:2b:2b:4c:87:61:c3:62:28:da:
bc:0e:5c:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRBDIjn1/2JxPzO0iKjJ1eYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTA0MDUxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThjYTM0YjY0YmY3NzBlY2NhZjEyMGJmYWMyNDA5MTBjYzI2ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YnRJiCfqra5cAsLcSej4E+zPHr1
IzjWF/dcQE6e2PoLiTqvvxUBkU8t3yavSC57RcYWOOecBJ3X+AcQcytEqn4/EJ4e
D7Caw7DL6drk7fBZsQiBqBcleB4OCerOLSL9Pm18Y899+jNqFOva8vJ+B1+QKeI7
VQq5URq0GHoyG1E6tbax0wydcQV08YLhTqg7bfmAdqYWveGeR6gUZpkrRnp3dnxj
9rQek9Wzu+7lG0N8cbzHqJQ2kWQVMqw2iNnHbSI/T2iFWWcxEcjp/NDFuVhhwRUm
dgixzxibjYe0fapOwZkb91SX1Fnu3MJjLUGSs6hVSfawCKcbLvT+7bywqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJqMo0tkv3cOzK8SC/rCQJEMwm7eMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbW95alMyU19kdzdNcnhJTC1zSkFrUXpDYnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEBQrwAwQB
BbICAwQCJYDIAwQCLhdkAwQCVZ6UAwQCpNdgMA0GCSqGSIb3DQEBCwUAA4IBAQCh
Rg3tez7eOCGe1SEXrbwa6R76R5Sc6PIwrqUO2umhz5qPAMqx9cfQyGbc6P5CgaV7
ItnItkFLNbJEh2GU0zyYfYB5hEAFyz0s0yVhS2FYmlN4/Cck2yfPPdsxdaugmLeL
KdCOf0exWXxZogFLGKAZfK5XaoJwsqI6AP99UUonHf/0Akq1V6gvHaKwYx3GOpP/
AIht4RqH2Q0gF3/P1j7Es+yn2MxIBt0wl/kKZrle1aCwGBg+oar0TU5KcFBE6+4a
cxoapNsS8QbQ3qR7Vd0NDlbRnx2N9+9mz7qqUTXwNe0Ld/TwbQwzy2hWizmeIleW
LDArK0yHYcNiKNq8Dlzq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org