Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/mW76VQ3T8YAE83A_c_EFS9t3Loc.roa
File: mW76VQ3T8YAE83A_c_EFS9t3Loc.roa (raw, json)
Hash identifier: ikI0w218bvzdX7ILRfz3WRye9pHXG4XKDBe2qI8TmGk=
Subject key identifier: 99:6E:FA:55:0D:D3:F1:80:04:F3:70:3F:73:F1:05:4B:DB:77:2E:87
Certificate issuer: /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial: 02E46574
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/mW76VQ3T8YAE83A_c_EFS9t3Loc.roa
Signing time: Sat 01 Jan 2022 10:04:32 +0000
ROA not before: Sat 01 Jan 2022 10:04:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.236.24.0/22 maxlen: 24
185.232.204.0/22 maxlen: 24
185.239.142.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48522612 (0x2e46574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Validity
Not Before: Jan 1 10:04:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=996efa550dd3f18004f3703f73f1054bdb772e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1e:03:a1:cc:82:8b:19:15:ee:74:c4:e4:0a:
20:06:66:97:d1:4a:6c:fd:06:76:cd:70:29:30:a1:
c9:63:70:c9:7f:f4:12:8f:87:39:ca:bc:53:58:22:
55:9e:b7:43:7b:59:b1:ae:14:42:a2:4e:09:06:99:
19:e3:f7:75:9c:31:d9:ed:b9:0a:ad:06:b2:b8:aa:
c6:5d:32:64:62:63:81:dc:4c:7c:e4:3b:7c:17:07:
43:45:86:eb:7a:2c:92:e1:3c:76:17:53:02:9f:d2:
b7:5d:6e:6f:06:06:9c:6f:e5:1c:24:88:53:b6:8f:
48:ee:f0:9e:a8:21:19:9f:7f:86:7c:a1:44:fc:15:
ee:3b:1f:1b:6b:5f:aa:c1:7a:77:18:8a:82:d0:84:
60:9a:f7:f7:60:dd:45:a0:18:b0:87:f2:f9:8a:84:
1e:7a:a4:73:05:ba:cb:88:b4:e4:45:c5:ec:b4:ec:
08:48:5f:34:b7:16:c3:f4:bb:1a:91:ee:28:1c:68:
c4:dd:e2:0a:a4:90:26:23:4b:97:78:b6:4a:18:6f:
cd:75:d5:9b:12:39:bf:7d:7d:65:07:0d:a4:34:ce:
1c:7b:2f:1f:84:eb:d0:4a:7a:62:d7:7d:67:34:ea:
e7:91:03:75:59:10:55:7f:03:04:5b:83:0c:86:a1:
e3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6E:FA:55:0D:D3:F1:80:04:F3:70:3F:73:F1:05:4B:DB:77:2E:87
X509v3 Authority Key Identifier:
keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/mW76VQ3T8YAE83A_c_EFS9t3Loc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.204.0/22
185.236.24.0/22
185.239.140.0-185.239.142.255
Signature Algorithm: sha256WithRSAEncryption
37:98:6c:bf:59:ee:36:34:ac:2f:d3:dc:c7:a2:63:cc:75:f8:
44:6d:50:94:27:8f:d9:ef:42:aa:55:7c:c5:66:1e:20:b1:86:
bf:6d:a3:7b:83:4b:ac:a7:55:bc:77:eb:ef:4b:48:74:f4:e9:
5f:f1:75:44:91:62:50:76:32:b5:5f:30:f5:07:0c:a1:ab:21:
86:f6:83:61:a2:9d:be:91:f0:62:dc:cb:87:36:aa:a5:4d:7a:
2c:94:90:ea:97:f7:29:85:ac:0a:71:45:5d:4f:7c:da:ea:92:
59:bd:63:91:da:43:99:0a:a7:20:88:15:70:b3:57:b7:cb:f8:
8c:b8:26:40:15:22:ac:88:b1:6d:62:9b:c0:d0:05:8b:88:32:
ce:60:09:81:1c:9c:3b:f6:47:3d:39:b5:a7:9c:66:ff:77:99:
50:3e:b7:7b:db:0c:ba:af:78:d0:b2:ed:63:34:42:a0:4a:cf:
7f:76:9f:dd:7a:bc:14:3c:67:39:97:00:00:07:48:c5:f4:60:
78:ea:51:ad:90:94:8c:4e:e6:82:23:40:0d:82:59:39:3f:7f:
3e:02:06:c3:a6:fc:fd:14:4c:d5:e5:de:45:b6:ad:60:f9:dd:
03:81:16:4b:d3:aa:2f:28:01:62:3c:71:f8:79:3b:ce:e1:d3:
98:95:63:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAuRldDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWVlY2Q3MWMxOTNlNGFjMzBlZDAzZDBiOWYwNWRhMTAxYzYwM2QyMB4XDTIyMDEw
MTEwMDQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk2ZWZhNTUwZGQz
ZjE4MDA0ZjM3MDNmNzNmMTA1NGJkYjc3MmU4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQeA6HMgosZFe50xOQKIAZml9FKbP0Gds1wKTChyWNwyX/0
Eo+HOcq8U1giVZ63Q3tZsa4UQqJOCQaZGeP3dZwx2e25Cq0Gsriqxl0yZGJjgdxM
fOQ7fBcHQ0WG63oskuE8dhdTAp/St11ubwYGnG/lHCSIU7aPSO7wnqghGZ9/hnyh
RPwV7jsfG2tfqsF6dxiKgtCEYJr392DdRaAYsIfy+YqEHnqkcwW6y4i05EXF7LTs
CEhfNLcWw/S7GpHuKBxoxN3iCqSQJiNLl3i2ShhvzXXVmxI5v319ZQcNpDTOHHsv
H4Tr0Ep6Ytd9ZzTq55EDdVkQVX8DBFuDDIah46cCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSZbvpVDdPxgATzcD9z8QVL23cuhzAfBgNVHSMEGDAWgBQR7s1xwZPkrDDt
A9C58F2hAcYD0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlN05jY0dUNUt3dzdRUFF1ZkJkb1FIR0E5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8x
L21XNzZWUTNUOFlBRTgzQV9jX0VGUzl0M0xvYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8xL0VlN05jY0dUNUt3
dzdRUFF1ZkJkb1FIR0E5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEArnozAMEArnsGDAMAwQCue+MAwQA
ue+OMA0GCSqGSIb3DQEBCwUAA4IBAQA3mGy/We42NKwv09zHomPMdfhEbVCUJ4/Z
70KqVXzFZh4gsYa/baN7g0usp1W8d+vvS0h09Olf8XVEkWJQdjK1XzD1BwyhqyGG
9oNhop2+kfBi3MuHNqqlTXoslJDql/cphawKcUVdT3za6pJZvWOR2kOZCqcgiBVw
s1e3y/iMuCZAFSKsiLFtYpvA0AWLiDLOYAmBHJw79kc9ObWnnGb/d5lQPrd72wy6
r3jQsu1jNEKgSs9/dp/derwUPGc5lwAAB0jF9GB46lGtkJSMTuaCI0ANglk5P38+
AgbDpvz9FEzV5d5Ftq1g+d0DgRZL06ovKAFiPHH4eTvO4dOYlWN5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org