Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/MWYBCxsrw8CmgQAIBCxeEyJyvOs.roa
File: MWYBCxsrw8CmgQAIBCxeEyJyvOs.roa (raw, json)
Hash identifier: cHkgDalzwrNgYqRGrdqby4qyr8m/1aNzqcdtUAFGnDk=
Subject key identifier: 31:66:01:0B:1B:2B:C3:C0:A6:81:00:08:04:2C:5E:13:22:72:BC:EB
Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Certificate serial: 0184C3B8D56CB792617123BB8976646F312F
Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/MWYBCxsrw8CmgQAIBCxeEyJyvOs.roa
Signing time: Tue 29 Nov 2022 14:09:41 +0000
ROA not before: Tue 29 Nov 2022 14:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207227
IP address blocks: 185.74.36.0/22 maxlen: 22
2a05:48c0::/29 maxlen: 29
2a13:1f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:b8:d5:6c:b7:92:61:71:23:bb:89:76:64:6f:31:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Validity
Not Before: Nov 29 14:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3166010b1b2bc3c0a6810008042c5e132272bceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d9:e4:ae:db:4a:48:0c:aa:b0:e1:7e:9b:ec:
4e:29:ad:35:34:e1:8d:a7:f5:34:48:23:bf:04:23:
eb:fa:25:c8:5d:c2:ba:63:96:40:47:57:ff:a3:1a:
ff:51:d1:88:8f:23:ca:74:dc:ac:57:51:5b:8b:97:
24:82:5e:1c:ce:0f:90:fb:6f:3e:60:32:5c:5b:aa:
aa:13:c6:87:e1:b4:59:83:83:63:fd:9b:c8:20:60:
a7:38:6b:97:55:a5:52:ea:2e:8c:95:6b:98:e5:31:
17:1f:bf:b3:07:ae:b9:e0:98:64:be:79:9b:5b:7a:
4e:4d:33:8e:15:8a:2f:a0:d3:96:99:02:1a:da:a2:
65:80:8b:b7:4a:80:4d:0f:35:d0:d9:f8:05:6a:60:
95:e6:43:dd:ec:85:ac:c4:c0:13:6f:43:69:b2:ac:
97:5a:d9:da:60:f7:25:03:ce:b2:22:32:cc:25:41:
28:74:83:9a:ac:c7:d8:5f:f5:4a:58:09:45:73:72:
df:42:68:5c:58:69:a0:ba:2b:7d:45:c5:ed:72:4e:
c3:f0:74:d6:96:25:37:01:7a:cc:fc:5f:bb:33:e1:
e9:cd:9e:c2:be:f6:04:29:46:b5:97:d1:72:8e:df:
75:5d:8d:58:df:06:f5:9c:28:66:d0:1c:6c:91:e4:
8b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:66:01:0B:1B:2B:C3:C0:A6:81:00:08:04:2C:5E:13:22:72:BC:EB
X509v3 Authority Key Identifier:
keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/MWYBCxsrw8CmgQAIBCxeEyJyvOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.36.0/22
IPv6:
2a05:48c0::/29
2a13:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
29:fc:f8:29:b7:56:c6:1b:ab:6f:de:5f:00:18:f1:39:ff:2e:
a3:cf:1d:92:b3:3f:b6:dd:8f:3a:b4:a0:86:f1:47:7f:30:0c:
77:dc:97:91:82:20:a2:fb:30:2f:56:29:81:65:02:4f:1c:65:
90:98:50:73:04:23:00:9a:7b:7e:2f:d4:ca:0a:df:3c:97:b7:
cb:a3:4d:9d:5d:50:0b:62:66:50:bc:d6:da:c5:aa:ad:09:bc:
0c:fe:72:72:c1:e7:94:83:72:5d:7e:b7:58:4d:9b:0f:29:16:
2d:02:04:83:22:97:3b:d7:60:ef:4a:62:e9:35:3d:90:32:e9:
25:25:8b:ca:5c:ce:b5:a3:ba:a4:b9:e7:2e:bb:2b:12:e6:fe:
a6:2a:c2:d3:78:ee:d8:e4:01:6f:da:37:8b:b6:38:27:58:4c:
9d:36:74:44:ec:94:5a:ef:37:bc:94:77:55:67:23:bd:5e:c0:
35:f4:1d:89:5c:17:ef:22:c9:6b:aa:65:ad:e7:d4:3f:cf:4b:
62:ad:08:3f:1b:cc:d6:c4:20:2b:68:77:9f:b2:d8:62:22:56:
56:0b:7d:75:99:95:31:9f:5d:0f:8d:c1:f5:c9:c8:02:1f:d6:
48:9e:30:ad:72:cc:cd:b7:4d:7d:50:0c:81:75:75:10:90:71:
67:39:70:bd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTDuNVst5JhcSO7iXZkbzEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl
NGMzOWUwHhcNMjIxMTI5MTQwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY2MDEwYjFiMmJjM2MwYTY4MTAwMDgwNDJjNWUxMzIyNzJiY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9nkrttKSAyqsOF+m+xOKa01NOGN
p/U0SCO/BCPr+iXIXcK6Y5ZAR1f/oxr/UdGIjyPKdNysV1Fbi5ckgl4czg+Q+28+
YDJcW6qqE8aH4bRZg4Nj/ZvIIGCnOGuXVaVS6i6MlWuY5TEXH7+zB6654Jhkvnmb
W3pOTTOOFYovoNOWmQIa2qJlgIu3SoBNDzXQ2fgFamCV5kPd7IWsxMATb0NpsqyX
WtnaYPclA86yIjLMJUEodIOarMfYX/VKWAlFc3LfQmhcWGmguit9RcXtck7D8HTW
liU3AXrM/F+7M+HpzZ7CvvYEKUa1l9Fyjt91XY1Y3wb1nChm0BxskeSL8wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDFmAQsbK8PApoEACAQsXhMicrzrMB8GA1UdIwQY
MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt
MWIxZmM3OWQwNTUxLzEvTVdZQkN4c3J3OENtZ1FBSUJDeGVFeUp5dk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx
LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuUokMBQE
AgACMA4DBQMqBUjAAwUDKhMfQDANBgkqhkiG9w0BAQsFAAOCAQEAKfz4KbdWxhur
b95fABjxOf8uo88dkrM/tt2POrSghvFHfzAMd9yXkYIgovswL1YpgWUCTxxlkJhQ
cwQjAJp7fi/UygrfPJe3y6NNnV1QC2JmULzW2sWqrQm8DP5ycsHnlINyXX63WE2b
DykWLQIEgyKXO9dg70pi6TU9kDLpJSWLylzOtaO6pLnnLrsrEub+pirC03ju2OQB
b9o3i7Y4J1hMnTZ0ROyUWu83vJR3VWcjvV7ANfQdiVwX7yLJa6plrefUP89LYq0I
PxvM1sQgK2h3n7LYYiJWVgt9dZmVMZ9dD43B9cnIAh/WSJ4wrXLMzbdNfVAMgXV1
EJBxZzlwvQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:43 2023 by rpki-client on console-fra.rpki-client.org