Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Mf-2viwcsKqe30YLu6HFgBZVYD8.roa
File: Mf-2viwcsKqe30YLu6HFgBZVYD8.roa (raw, json)
Hash identifier: YRXN5hofM/kTrS4q1A7ltQK1AYnhC1cocsYyAqst2ck=
Subject key identifier: 31:FF:B6:BE:2C:1C:B0:AA:9E:DF:46:0B:BB:A1:C5:80:16:55:60:3F
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 37B8D13D
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Mf-2viwcsKqe30YLu6HFgBZVYD8.roa
Signing time: Sat 01 Jan 2022 00:57:32 +0000
ROA not before: Sat 01 Jan 2022 00:57:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51402
IP address blocks: 185.196.224.0/22 maxlen: 22
185.128.120.0/22 maxlen: 22
185.221.136.0/22 maxlen: 22
178.239.64.0/20 maxlen: 20
2a02:2760::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934859069 (0x37b8d13d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Jan 1 00:57:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31ffb6be2c1cb0aa9edf460bbba1c5801655603f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3e:13:70:30:8c:2f:f8:d3:eb:51:e6:cf:bc:
bd:f0:86:6f:aa:08:c0:75:59:85:d8:60:31:71:14:
ee:d3:e1:52:c0:29:a1:d8:12:2c:df:58:ab:9f:6c:
36:1f:d3:be:25:1c:0e:14:36:70:63:a3:29:37:e6:
72:b0:38:5c:9a:ab:df:47:b6:2b:8d:a0:ea:0f:8f:
d5:40:2b:62:aa:5a:88:ac:2b:99:7d:17:8a:6d:73:
4e:bf:8d:d7:23:60:d1:83:6f:66:ce:84:10:d5:7f:
b6:39:dd:c0:a0:e8:b4:18:5c:79:44:dc:60:b7:6a:
f5:2c:8f:4f:30:20:f5:b6:95:1d:fc:f1:86:8a:7c:
1d:7b:89:6c:99:ae:85:ed:85:f9:de:f9:1e:13:29:
c0:78:93:53:16:86:22:b2:08:60:10:ae:01:8c:ff:
c5:c3:f3:46:ee:01:5f:10:c1:e6:8e:b0:83:29:ac:
bb:a0:64:45:26:38:2e:9d:dd:88:6b:55:f7:ea:b9:
9b:28:8e:3b:4c:39:bc:8c:e9:81:7e:b5:f0:f9:79:
93:c7:52:ee:b5:97:f4:f6:4f:da:16:ce:3e:60:10:
c0:35:0f:b1:8a:13:0a:cb:ee:ff:33:1f:bf:11:54:
f9:58:b5:5e:5f:34:9c:db:6c:a3:0a:bf:10:27:f5:
2a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FF:B6:BE:2C:1C:B0:AA:9E:DF:46:0B:BB:A1:C5:80:16:55:60:3F
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Mf-2viwcsKqe30YLu6HFgBZVYD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.64.0/20
185.128.120.0/22
185.196.224.0/22
185.221.136.0/22
IPv6:
2a02:2760::/32
Signature Algorithm: sha256WithRSAEncryption
80:bb:39:05:9c:35:a1:dc:7d:d0:e1:f4:68:d8:5f:e3:46:ea:
93:45:ef:bc:dc:ab:a6:2e:f3:71:cb:32:70:b5:4b:25:e2:c3:
4f:bb:24:8c:ce:c7:2e:37:5e:65:50:91:e2:77:ff:b3:da:84:
66:99:9d:d0:56:67:16:3c:62:60:9c:7a:9d:ed:99:cc:4b:a7:
52:f8:63:12:f6:09:19:41:9d:fd:0f:c3:f9:a5:5a:70:7e:26:
85:75:7e:cb:0d:95:ac:f2:5a:1f:db:a9:31:e5:44:14:7c:3b:
93:91:79:dc:9b:ee:1b:31:60:52:9b:22:c1:20:43:20:bc:4e:
11:5d:28:39:8d:94:7a:c7:12:ad:32:23:07:bb:21:99:a5:6b:
92:b2:93:f4:63:f7:28:e9:2f:27:e7:23:e9:fb:64:7b:8a:69:
44:c2:c6:b1:8e:68:1b:f5:83:ba:f5:69:df:83:dd:9e:f2:7e:
e7:bc:ab:80:68:c4:cf:80:f4:03:02:c1:10:ff:f0:93:71:f9:
ea:8c:9a:b3:d7:65:af:6e:dd:50:91:36:4f:42:57:ce:2a:8a:
81:ef:af:e6:50:ef:fe:2c:c3:6e:59:11:3e:6f:5a:6b:99:07:
b1:89:bb:79:e7:1e:06:ea:a1:8f:7a:83:36:08:29:9f:70:25:
18:39:02:dd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEN7jRPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjhkZjk5ODI0Y2U2N2IwY2I1Zjg3ZmM0NjU5OWUxM2FkZWE1NzAyMB4XDTIyMDEw
MTAwNTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFmZmI2YmUyYzFj
YjBhYTllZGY0NjBiYmJhMWM1ODAxNjU1NjAzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8+E3AwjC/40+tR5s+8vfCGb6oIwHVZhdhgMXEU7tPhUsAp
odgSLN9Yq59sNh/TviUcDhQ2cGOjKTfmcrA4XJqr30e2K42g6g+P1UArYqpaiKwr
mX0Xim1zTr+N1yNg0YNvZs6EENV/tjndwKDotBhceUTcYLdq9SyPTzAg9baVHfzx
hop8HXuJbJmuhe2F+d75HhMpwHiTUxaGIrIIYBCuAYz/xcPzRu4BXxDB5o6wgyms
u6BkRSY4Lp3diGtV9+q5myiOO0w5vIzpgX618Pl5k8dS7rWX9PZP2hbOPmAQwDUP
sYoTCsvu/zMfvxFU+Vi1Xl80nNtsowq/ECf1KsMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQx/7a+LBywqp7fRgu7ocWAFlVgPzAfBgNVHSMEGDAWgBRCjfmYJM5nsMtf
h/xGWZ4TrepXAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FvMzVtQ1RPWjdETFg0ZjhSbG1lRTYzcVZ3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvODAyYjM1LTY3M2MtNDc1Ni05NzYxLWYyMjc0OTY1YzA5NS8x
L01mLTJ2aXdjc0txZTMwWUx1NkhGZ0JaVllEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
ODAyYjM1LTY3M2MtNDc1Ni05NzYxLWYyMjc0OTY1YzA5NS8xL1FvMzVtQ1RPWjdE
TFg0ZjhSbG1lRTYzcVZ3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBLLvQAMEArmAeAMEArnE4AMEArnd
iDANBAIAAjAHAwUAKgInYDANBgkqhkiG9w0BAQsFAAOCAQEAgLs5BZw1odx90OH0
aNhf40bqk0XvvNyrpi7zccsycLVLJeLDT7skjM7HLjdeZVCR4nf/s9qEZpmd0FZn
FjxiYJx6ne2ZzEunUvhjEvYJGUGd/Q/D+aVacH4mhXV+yw2VrPJaH9upMeVEFHw7
k5F53JvuGzFgUpsiwSBDILxOEV0oOY2UescSrTIjB7shmaVrkrKT9GP3KOkvJ+cj
6ftke4ppRMLGsY5oG/WDuvVp34PdnvJ+57yrgGjEz4D0AwLBEP/wk3H56oyas9dl
r27dUJE2T0JXziqKge+v5lDv/izDblkRPm9aa5kHsYm7eeceBuqhj3qDNggpn3Al
GDkC3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:18 2025 by rpki-client