Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3ff027-33d4-419d-aa6b-4b983f1b84a2/1/MCKmNNF9IMeAqWmVW4OvEaKdK94.roa
File: MCKmNNF9IMeAqWmVW4OvEaKdK94.roa (raw, json)
Hash identifier: xRcQNBRWYu3lLp/cxYO2COPy0mAf36W2VpjLX5hGYaM=
Subject key identifier: 30:22:A6:34:D1:7D:20:C7:80:A9:69:95:5B:83:AF:11:A2:9D:2B:DE
Certificate issuer: /CN=ee2c487b6b6bdda22179072d92a8f01e8e736634
Certificate serial: 0D6274BF
Authority key identifier: EE:2C:48:7B:6B:6B:DD:A2:21:79:07:2D:92:A8:F0:1E:8E:73:66:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ixIe2tr3aIheQctkqjwHo5zZjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ff027-33d4-419d-aa6b-4b983f1b84a2/1/MCKmNNF9IMeAqWmVW4OvEaKdK94.roa
Signing time: Sat 01 Jan 2022 04:58:03 +0000
ROA not before: Sat 01 Jan 2022 04:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57376
IP address blocks: 185.232.0.0/22 maxlen: 24
149.232.252.0/22 maxlen: 24
2a0c:9700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224556223 (0xd6274bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee2c487b6b6bdda22179072d92a8f01e8e736634
Validity
Not Before: Jan 1 04:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3022a634d17d20c780a969955b83af11a29d2bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:71:65:d6:f3:b9:48:52:81:7e:d2:2d:e8:a4:
3a:7d:45:18:36:d1:b5:f3:c6:c0:57:35:2f:26:0d:
cc:d4:72:a8:9c:8e:77:c2:db:22:9b:8f:1f:ed:e7:
36:06:e6:2d:b7:1a:36:64:63:82:7c:29:75:08:2d:
e9:9f:be:72:e9:77:17:69:bd:fe:bd:6e:6c:df:30:
8d:0f:e8:01:c2:ee:64:98:f1:7d:c2:43:24:9a:04:
26:66:a8:71:fd:ef:32:ce:fa:a8:ae:3b:8a:d3:23:
f4:f1:7c:17:6d:42:0d:72:33:b5:61:f9:93:f9:99:
78:c0:a0:be:14:9e:68:a3:16:5a:23:ea:a6:23:36:
32:02:ac:fc:29:08:85:01:cb:8b:b0:c5:fb:3c:de:
5e:b0:cb:f0:de:01:e2:3a:9f:52:18:5d:da:76:3f:
e5:19:a2:48:36:f1:4f:9a:da:d8:35:18:44:61:29:
e5:b3:1d:ef:1a:37:db:51:0d:b9:bb:52:81:5d:b2:
49:2d:63:04:15:86:da:9a:0c:6f:cd:63:ce:c4:0e:
85:f0:9d:77:03:ba:4a:34:ff:0e:34:f2:40:0c:09:
8c:50:10:c4:3e:c3:62:70:5a:b2:13:5d:60:be:35:
4a:01:e3:ba:2d:d4:6a:1c:da:9f:8b:5d:ae:7c:e8:
87:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:22:A6:34:D1:7D:20:C7:80:A9:69:95:5B:83:AF:11:A2:9D:2B:DE
X509v3 Authority Key Identifier:
keyid:EE:2C:48:7B:6B:6B:DD:A2:21:79:07:2D:92:A8:F0:1E:8E:73:66:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ixIe2tr3aIheQctkqjwHo5zZjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ff027-33d4-419d-aa6b-4b983f1b84a2/1/MCKmNNF9IMeAqWmVW4OvEaKdK94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ff027-33d4-419d-aa6b-4b983f1b84a2/1/7ixIe2tr3aIheQctkqjwHo5zZjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.252.0/22
185.232.0.0/22
IPv6:
2a0c:9700::/29
Signature Algorithm: sha256WithRSAEncryption
26:2a:02:32:2f:ce:42:9b:dc:25:5e:b5:8e:44:91:78:a5:0d:
a8:5a:ff:6a:82:cb:48:95:5d:dc:19:c0:8b:89:e7:a1:fa:08:
c8:0b:e4:36:89:5e:6a:f7:f3:20:e3:b7:66:90:b3:2a:40:f8:
b3:38:9c:5e:41:9c:50:0c:1c:a6:86:d0:27:c6:17:e7:09:09:
a4:50:6a:92:dc:72:32:93:1f:e0:30:30:02:d8:46:b7:2f:03:
30:12:60:02:78:5a:0b:d6:53:c1:71:c2:ae:01:f1:9a:92:aa:
78:b0:77:1a:77:1a:22:5d:2a:96:5b:4f:6a:9e:a4:3e:6f:1b:
18:84:df:18:5f:c6:e5:2b:1f:83:36:21:1a:6f:80:65:76:d4:
9f:f6:c7:bd:18:ee:6d:9e:5d:b7:ee:9a:fa:be:45:fc:8b:bf:
a7:93:5b:02:c2:ea:66:f4:d4:29:77:d5:f8:b9:53:df:3d:38:
6b:0b:23:fc:33:ab:35:43:59:c0:22:31:70:0c:32:54:fd:25:
56:a4:c2:dd:45:ed:60:a1:f1:73:82:ad:f1:68:38:93:c7:26:
d7:c6:7f:b7:a9:f6:72:fa:84:b5:6a:10:f0:90:77:ca:6d:1d:
86:85:e8:d0:e7:cd:41:5f:20:fd:fa:ec:43:f3:3b:c2:a7:2f:
18:46:1b:22
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDWJ0vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTJjNDg3YjZiNmJkZGEyMjE3OTA3MmQ5MmE4ZjAxZThlNzM2NjM0MB4XDTIyMDEw
MTA0NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAyMmE2MzRkMTdk
MjBjNzgwYTk2OTk1NWI4M2FmMTFhMjlkMmJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhxZdbzuUhSgX7SLeikOn1FGDbRtfPGwFc1LyYNzNRyqJyO
d8LbIpuPH+3nNgbmLbcaNmRjgnwpdQgt6Z++cul3F2m9/r1ubN8wjQ/oAcLuZJjx
fcJDJJoEJmaocf3vMs76qK47itMj9PF8F21CDXIztWH5k/mZeMCgvhSeaKMWWiPq
piM2MgKs/CkIhQHLi7DF+zzeXrDL8N4B4jqfUhhd2nY/5RmiSDbxT5ra2DUYRGEp
5bMd7xo321ENubtSgV2ySS1jBBWG2poMb81jzsQOhfCddwO6SjT/DjTyQAwJjFAQ
xD7DYnBashNdYL41SgHjui3Uahzan4tdrnzoh80CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQwIqY00X0gx4CpaZVbg68Rop0r3jAfBgNVHSMEGDAWgBTuLEh7a2vdoiF5
By2SqPAejnNmNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdpeEllMnRyM2FJaGVRY3RrcWp3SG81elpqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvM2ZmMDI3LTMzZDQtNDE5ZC1hYTZiLTRiOTgzZjFiODRhMi8x
L01DS21OTkY5SU1lQXFXbVZXNE92RWFLZEs5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
M2ZmMDI3LTMzZDQtNDE5ZC1hYTZiLTRiOTgzZjFiODRhMi8xLzdpeEllMnRyM2FJ
aGVRY3RrcWp3SG81elpqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEApXo/AMEArnoADANBAIAAjAHAwUD
KgyXADANBgkqhkiG9w0BAQsFAAOCAQEAJioCMi/OQpvcJV61jkSReKUNqFr/aoLL
SJVd3BnAi4nnofoIyAvkNoleavfzIOO3ZpCzKkD4szicXkGcUAwcpobQJ8YX5wkJ
pFBqktxyMpMf4DAwAthGty8DMBJgAnhaC9ZTwXHCrgHxmpKqeLB3GncaIl0qlltP
ap6kPm8bGITfGF/G5SsfgzYhGm+AZXbUn/bHvRjubZ5dt+6a+r5F/Iu/p5NbAsLq
ZvTUKXfV+LlT3z04awsj/DOrNUNZwCIxcAwyVP0lVqTC3UXtYKHxc4Kt8Wg4k8cm
18Z/t6n2cvqEtWoQ8JB3ym0dhoXo0OfNQV8g/frsQ/M7wqcvGEYbIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:45 2024 by rpki-client on console-fra.rpki-client.org