Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MS1M_9WtrN_muNw5SGsHOb6hzH4.roa
File: MS1M_9WtrN_muNw5SGsHOb6hzH4.roa (raw, json)
Hash identifier: aRd0A1zkzD/gOQKi8fOL9B+pb56S+xvtGxqmZeFvPE8=
Subject key identifier: 31:2D:4C:FF:D5:AD:AC:DF:E6:B8:DC:39:48:6B:07:39:BE:A1:CC:7E
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0184E789381AB2215E5AF4883F9CCB64974A
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MS1M_9WtrN_muNw5SGsHOb6hzH4.roa
Signing time: Tue 06 Dec 2022 13:04:00 +0000
ROA not before: Tue 06 Dec 2022 13:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:89:38:1a:b2:21:5e:5a:f4:88:3f:9c:cb:64:97:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Dec 6 13:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=312d4cffd5adacdfe6b8dc39486b0739bea1cc7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d5:b8:0a:c5:85:b5:8d:8e:a0:7f:fb:bf:26:
02:64:23:71:4c:1d:31:c8:04:7f:74:58:76:7d:86:
b4:b3:db:47:ca:2f:54:26:65:65:a6:a1:76:ac:e6:
98:fd:10:c7:27:a1:77:0c:d0:8f:63:c5:ba:84:fb:
fa:a9:0d:83:e8:78:15:f7:23:b0:ba:2b:55:e0:31:
d6:e5:bf:96:9a:e7:16:bd:a2:c2:7c:84:d1:ad:ca:
1f:cf:15:5e:0a:b3:b8:fe:71:5f:12:ec:81:86:5f:
46:d9:b6:ce:0f:e2:dc:f8:e5:c5:ab:d4:8b:d1:bf:
22:e7:f4:80:12:b1:c6:65:5e:dd:6c:d7:17:ad:d3:
dd:4f:ab:55:9a:e1:ff:28:cd:b2:e6:05:fd:67:69:
b2:42:8c:6f:7f:1f:c7:15:e0:b9:7b:b3:3f:49:5e:
e9:e3:9d:d4:a5:5a:dc:5a:02:7f:0c:80:f0:48:09:
47:43:ac:54:b5:7a:b0:90:ee:2d:cd:af:ba:11:94:
82:c3:db:9a:76:e5:d2:b3:5a:44:c1:50:5a:91:e4:
b1:78:18:20:aa:2d:77:4f:08:fe:e0:e2:54:77:fe:
20:84:ff:54:84:0e:14:7e:46:d8:7f:d0:b6:91:bb:
39:4f:19:b9:f9:4b:d9:73:e5:52:f8:5a:e9:07:f4:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2D:4C:FF:D5:AD:AC:DF:E6:B8:DC:39:48:6B:07:39:BE:A1:CC:7E
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MS1M_9WtrN_muNw5SGsHOb6hzH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
a4:25:a3:ea:2a:6c:3e:d2:c7:e4:74:bd:b7:c7:62:ad:7e:ae:
12:58:ce:99:45:fa:01:91:a7:ab:8f:15:95:f0:33:3f:02:11:
50:82:ea:dc:a7:a5:2c:eb:73:31:fb:b8:12:38:f0:32:8f:b9:
c2:4d:9c:bd:fa:6b:7a:df:54:74:46:c6:65:ec:50:cd:fc:d3:
4d:df:f9:b7:8c:8b:8d:57:2f:f7:a9:28:d8:2d:35:a1:9e:26:
fc:fe:9e:bf:58:a1:a4:d3:aa:1b:a3:60:34:94:d0:19:bc:12:
77:0f:58:b0:d8:07:5b:18:16:cc:9b:f5:5f:91:68:e0:54:f7:
cf:c2:2d:64:78:14:8b:7a:c3:a6:40:a0:44:1b:18:7d:27:7d:
e2:f7:0b:aa:97:68:e4:03:6b:9c:7e:12:ac:d0:ae:c9:7a:a7:
06:e6:06:34:59:0c:6e:fa:38:3e:8e:2a:e2:c3:1d:fa:d6:3b:
3a:2b:7c:e7:c1:a7:d4:ff:02:43:06:93:3b:50:36:03:69:de:
7d:09:50:b4:b4:08:86:d2:b8:cd:cb:5b:39:b2:26:5c:f8:a5:
d2:d3:77:05:05:a5:68:57:d0:3a:e2:41:5e:48:ca:2e:7e:c7:
e4:bb:41:dc:d6:43:03:72:d3:79:d0:ec:da:b4:9e:5c:5a:bb:
f1:21:d9:ea
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYTniTgasiFeWvSIP5zLZJdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMjA2MTMwNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJkNGNmZmQ1YWRhY2RmZTZiOGRjMzk0ODZiMDczOWJlYTFjYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidW4CsWFtY2OoH/7vyYCZCNxTB0x
yAR/dFh2fYa0s9tHyi9UJmVlpqF2rOaY/RDHJ6F3DNCPY8W6hPv6qQ2D6HgV9yOw
uitV4DHW5b+WmucWvaLCfITRrcofzxVeCrO4/nFfEuyBhl9G2bbOD+Lc+OXFq9SL
0b8i5/SAErHGZV7dbNcXrdPdT6tVmuH/KM2y5gX9Z2myQoxvfx/HFeC5e7M/SV7p
453UpVrcWgJ/DIDwSAlHQ6xUtXqwkO4tza+6EZSCw9uaduXSs1pEwVBakeSxeBgg
qi13Twj+4OJUd/4ghP9UhA4UfkbYf9C2kbs5Txm5+UvZc+VS+FrpB/T24wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDEtTP/Vrazf5rjcOUhrBzm+ocx+MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvTVMxTV85V3RyTl9tdU53NVNHc0hPYjZoekg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwZgQCAAEwYAMEAE4o2AME
AVXBXAMEAFXBXwMEAFf5MgMEAF7kegMEALA53QMEALlocAMEALlocwMEALzhDgME
ALzhPAMEAMHJcwMEAsIjdAMEANkZWwMEANkZXwMEANmX5QMEANmX5zAPBAIAAjAJ
AwcAKgNvAAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCkJaPqKmw+0sfkdL23x2Ktfq4S
WM6ZRfoBkaerjxWV8DM/AhFQgurcp6Us63Mx+7gSOPAyj7nCTZy9+mt631R0RsZl
7FDN/NNN3/m3jIuNVy/3qSjYLTWhnib8/p6/WKGk06obo2A0lNAZvBJ3D1iw2Adb
GBbMm/VfkWjgVPfPwi1keBSLesOmQKBEGxh9J33i9wuql2jkA2ucfhKs0K7JeqcG
5gY0WQxu+jg+jiriwx361js6K3znwafU/wJDBpM7UDYDad59CVC0tAiG0rjNy1s5
siZc+KXS03cFBaVoV9A64kFeSMoufsfku0Hc1kMDctN50OzatJ5cWrvxIdnq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:40 2023 by rpki-client on console-ams.rpki-client.org