Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/mb45-5bNEoG5GmYjJ27Gdd13HGs.roa
File: mb45-5bNEoG5GmYjJ27Gdd13HGs.roa (raw, json)
Hash identifier: +vwA4azn+Ft6Cqjb1RP5kSuBYxFxMpfTBEx87Z6FAIs=
Subject key identifier: 99:BE:39:FB:96:CD:12:81:B9:1A:66:23:27:6E:C6:75:DD:77:1C:6B
Certificate issuer: /CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Certificate serial: 137821B5
Authority key identifier: DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/mb45-5bNEoG5GmYjJ27Gdd13HGs.roa
Signing time: Sat 01 Jan 2022 05:01:51 +0000
ROA not before: Sat 01 Jan 2022 05:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198477
IP address blocks: 185.55.31.0/24 maxlen: 24
37.99.192.0/21 maxlen: 21
185.55.30.0/24 maxlen: 24
37.99.192.0/24 maxlen: 24
185.55.29.0/24 maxlen: 24
185.55.28.0/22 maxlen: 22
185.55.28.0/24 maxlen: 24
37.99.196.0/24 maxlen: 24
37.99.195.0/24 maxlen: 24
37.99.194.0/24 maxlen: 24
37.99.193.0/24 maxlen: 24
37.99.199.0/24 maxlen: 24
37.99.198.0/24 maxlen: 24
37.99.197.0/24 maxlen: 24
2a02:5440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326640053 (0x137821b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Validity
Not Before: Jan 1 05:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99be39fb96cd1281b91a6623276ec675dd771c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:13:e1:42:a7:e2:f1:8a:d5:b0:cf:75:9e:
0c:96:df:cf:36:8a:47:d3:a5:a7:a0:4e:20:de:35:
b2:9e:7a:58:89:c8:f0:1d:47:e4:6f:e2:6b:84:c2:
aa:a5:cd:2e:41:da:7c:f8:57:27:e2:d5:f3:a6:c4:
e6:22:82:20:3f:27:b5:56:1c:41:ff:88:78:1b:b8:
0e:64:c7:37:bb:c0:dd:87:b0:1f:78:92:61:47:77:
0a:b3:45:0a:a4:90:75:c7:09:c7:8a:12:0d:d5:91:
72:0a:ca:c1:df:56:ae:8e:54:2d:86:86:7c:1d:49:
21:f8:14:18:ee:b2:83:d4:84:fa:33:b2:c3:b4:18:
a5:06:08:44:78:54:0b:c7:55:36:3f:be:38:d3:72:
a8:26:1f:47:4f:98:eb:e2:36:20:a3:a3:16:bc:c7:
75:8b:cb:34:13:b2:20:cb:4b:58:a3:5a:a7:6d:c3:
33:85:54:40:df:a9:dd:2c:cb:fa:b4:e9:3a:d4:91:
e3:b2:01:12:14:b2:df:6b:fc:a2:64:71:70:9a:05:
a5:18:bd:b9:fb:cb:ac:04:88:08:ff:02:b9:2c:aa:
77:3e:5d:0e:45:3f:ff:7f:17:2e:4f:d0:7e:26:4c:
8d:1c:50:a2:95:48:04:09:b2:81:c4:33:6b:a7:97:
d2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BE:39:FB:96:CD:12:81:B9:1A:66:23:27:6E:C6:75:DD:77:1C:6B
X509v3 Authority Key Identifier:
keyid:DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/mb45-5bNEoG5GmYjJ27Gdd13HGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/2tegsAECooQW4wk7V2WgsndVzPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.192.0/21
185.55.28.0/22
IPv6:
2a02:5440::/32
Signature Algorithm: sha256WithRSAEncryption
02:8b:3f:ea:b9:6e:41:ca:38:a4:d4:de:03:bb:73:47:de:37:
3c:05:d5:f7:20:b6:58:18:1e:a4:bf:27:13:88:2a:b9:71:53:
13:08:6e:26:3f:88:b2:bf:b5:18:8b:80:95:10:da:02:8b:5a:
e4:bc:14:46:aa:9d:a2:17:45:aa:11:01:c0:9b:a6:c4:bb:e1:
e9:bb:d1:64:f0:38:2d:d2:22:d8:4d:80:6b:a8:f9:d6:28:46:
26:55:e0:aa:ef:10:af:61:e9:fa:ce:fe:1c:31:06:79:a7:95:
60:33:6d:59:46:96:7c:31:f8:6d:ce:d4:cf:af:ad:44:01:56:
f7:fd:1e:b2:89:76:28:c3:37:d9:77:08:34:4b:ef:a9:53:3d:
39:47:a9:1a:80:54:ff:91:e2:25:59:3f:e8:4c:cf:37:48:86:
3a:02:75:d7:74:4c:e8:0a:c9:4e:17:66:cd:fd:96:48:fe:92:
52:c0:3a:47:0f:37:6f:6f:ed:51:bf:8c:93:39:5e:08:8e:e8:
ac:b9:fb:6f:57:68:8b:04:0e:08:2c:34:8d:0b:5a:f2:bf:70:
f0:2d:ae:b8:cf:94:8d:dc:c0:4a:17:4a:50:e4:0f:51:ea:f3:
5f:84:9c:1d:ab:b9:a6:5f:b7:cd:e9:b2:45:e9:e5:04:fb:46:
7d:ed:c6:1a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEE3ghtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWQ3YTBiMDAxMDJhMjg0MTZlMzA5M2I1NzY1YTBiMjc3NTVjY2YzMB4XDTIyMDEw
MTA1MDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTliZTM5ZmI5NmNk
MTI4MWI5MWE2NjIzMjc2ZWM2NzVkZDc3MWM2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0XE+FCp+LxitWwz3WeDJbfzzaKR9Olp6BOIN41sp56WInI
8B1H5G/ia4TCqqXNLkHafPhXJ+LV86bE5iKCID8ntVYcQf+IeBu4DmTHN7vA3Yew
H3iSYUd3CrNFCqSQdccJx4oSDdWRcgrKwd9Wro5ULYaGfB1JIfgUGO6yg9SE+jOy
w7QYpQYIRHhUC8dVNj++ONNyqCYfR0+Y6+I2IKOjFrzHdYvLNBOyIMtLWKNap23D
M4VUQN+p3SzL+rTpOtSR47IBEhSy32v8omRxcJoFpRi9ufvLrASICP8CuSyqdz5d
DkU//38XLk/QfiZMjRxQopVIBAmygcQza6eX0rUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSZvjn7ls0SgbkaZiMnbsZ13XccazAfBgNVHSMEGDAWgBTa16CwAQKihBbj
CTtXZaCyd1XM8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ0ZWdzQUVDb29RVzR3azdWMldnc25kVnpQTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZTJjYjE2LTljMTYtNDBiMS1hYzhjLTk1OWRjMjFlOTI5My8x
L21iNDUtNWJORW9HNUdtWWpKMjdHZGQxM0hHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZTJjYjE2LTljMTYtNDBiMS1hYzhjLTk1OWRjMjFlOTI5My8xLzJ0ZWdzQUVDb29R
VzR3azdWMldnc25kVnpQTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAyVjwAMEArk3HDANBAIAAjAHAwUA
KgJUQDANBgkqhkiG9w0BAQsFAAOCAQEAAos/6rluQco4pNTeA7tzR943PAXV9yC2
WBgepL8nE4gquXFTEwhuJj+Isr+1GIuAlRDaAota5LwURqqdohdFqhEBwJumxLvh
6bvRZPA4LdIi2E2Aa6j51ihGJlXgqu8Qr2Hp+s7+HDEGeaeVYDNtWUaWfDH4bc7U
z6+tRAFW9/0esol2KMM32XcINEvvqVM9OUepGoBU/5HiJVk/6EzPN0iGOgJ113RM
6ArJThdmzf2WSP6SUsA6Rw83b2/tUb+MkzleCI7orLn7b1doiwQOCCw0jQta8r9w
8C2uuM+UjdzAShdKUOQPUerzX4ScHau5pl+3zemyRenlBPtGfe3GGg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:15 2023 by rpki-client on console.sobornost.net