Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MR1OCNohVYrWmslpG-5adVZVuSI.roa
File: MR1OCNohVYrWmslpG-5adVZVuSI.roa (raw, json)
Hash identifier: 57ufiqCYJJghyoHAgbLwtY/9W4b/KZImoDe3r64SJ10=
Subject key identifier: 31:1D:4E:08:DA:21:55:8A:D6:9A:C9:69:1B:EE:5A:75:56:55:B9:22
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018B5C072D4622F503B0816356B7D8511D80
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MR1OCNohVYrWmslpG-5adVZVuSI.roa
Signing time: Mon 23 Oct 2023 10:14:16 +0000
ROA not before: Mon 23 Oct 2023 10:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32167
IP address blocks: 2a0c:9a40:9d00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:07:2d:46:22:f5:03:b0:81:63:56:b7:d8:51:1d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Oct 23 10:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=311d4e08da21558ad69ac9691bee5a755655b922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:1f:c5:d8:7f:ac:f6:d5:f8:2d:98:97:8d:
e6:6c:61:8b:3a:1d:cd:2e:91:c3:f7:d2:9d:0a:f7:
37:33:de:a0:c5:2c:e2:ee:3a:ef:24:e3:40:3b:6d:
dd:0d:2e:92:ff:ee:85:ed:ba:69:5e:c2:ed:68:7f:
87:0f:73:bb:0f:58:af:e4:a3:b9:2f:1a:04:e6:f7:
59:68:00:8f:f8:bf:bf:2d:a4:8b:69:8f:d5:a1:52:
db:e8:28:27:35:a6:bb:0c:03:74:24:52:6e:2a:97:
19:2a:7f:d8:56:ec:e1:49:e1:59:70:89:f2:f3:68:
f2:f2:d4:e8:87:a3:dd:9e:0f:07:dd:6a:96:05:54:
9e:50:58:2d:e2:97:22:b2:e6:a8:ca:22:79:75:ed:
a3:a4:78:00:02:bb:cf:e2:22:05:cb:2c:87:6b:88:
79:dc:a2:d4:dc:95:80:0a:0e:31:22:55:1f:7e:9b:
e4:1a:5d:fc:4b:8d:a5:02:79:a9:ff:70:17:ff:ec:
96:89:8b:84:04:97:fc:59:2e:2d:3e:4c:91:ac:1c:
3a:df:be:3d:af:85:67:80:54:32:90:7c:9b:e7:5a:
60:a0:d5:3e:55:3c:71:e4:05:60:1e:36:9a:c4:6a:
1d:ce:9d:3c:c7:be:bb:30:1c:06:6b:98:0b:e8:4f:
08:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1D:4E:08:DA:21:55:8A:D6:9A:C9:69:1B:EE:5A:75:56:55:B9:22
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MR1OCNohVYrWmslpG-5adVZVuSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9d00::/40
Signature Algorithm: sha256WithRSAEncryption
20:d1:4d:71:97:34:3d:b8:09:b4:7d:54:f8:ae:a7:f6:83:f1:
61:65:26:71:54:df:4a:04:9f:0f:05:41:70:aa:b2:2a:cf:e4:
f4:8d:4f:4b:27:fc:bc:92:39:c0:7e:de:bc:ec:ec:39:49:8d:
a4:c8:22:cc:3e:11:aa:9b:df:c2:87:21:9d:1b:74:6d:50:35:
69:70:1a:a1:df:ff:01:2e:d4:cc:2e:c4:9a:f1:42:a4:ef:3a:
48:a1:07:c6:ef:d1:12:cc:33:79:88:26:df:65:0b:93:8e:db:
75:dc:06:c6:54:1d:10:82:19:55:1b:dc:0e:4a:61:29:d7:a0:
58:c3:f9:8e:53:f3:37:1c:e9:72:ba:23:7a:e8:65:2a:f5:cc:
63:3e:d1:16:7c:6f:22:15:77:c9:a5:b7:b3:3c:03:82:26:e6:
14:7e:a7:9b:22:57:67:c6:c2:0a:8a:fd:d9:41:ac:22:43:f7:
2e:88:df:9f:43:94:2d:ac:c4:ef:5a:d5:0f:3d:85:22:48:2e:
57:9a:4b:0b:a6:75:66:4a:05:52:13:c9:90:2f:93:a4:f2:4b:
17:b7:ff:8b:b3:d8:55:11:af:46:ee:30:85:48:ac:34:8e:9c:
87:3e:62:c1:ed:02:e7:e9:8f:8b:06:d8:16:b7:13:00:14:f1:
46:19:a2:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYtcBy1GIvUDsIFjVrfYUR2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMDIzMTAxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTFkNGUwOGRhMjE1NThhZDY5YWM5NjkxYmVlNWE3NTU2NTViOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8sfxdh/rPbV+C2Yl43mbGGLOh3N
LpHD99KdCvc3M96gxSzi7jrvJONAO23dDS6S/+6F7bppXsLtaH+HD3O7D1iv5KO5
LxoE5vdZaACP+L+/LaSLaY/VoVLb6CgnNaa7DAN0JFJuKpcZKn/YVuzhSeFZcIny
82jy8tToh6Pdng8H3WqWBVSeUFgt4pcisuaoyiJ5de2jpHgAArvP4iIFyyyHa4h5
3KLU3JWACg4xIlUffpvkGl38S42lAnmp/3AX/+yWiYuEBJf8WS4tPkyRrBw63749
r4VngFQykHyb51pgoNU+VTxx5AVgHjaaxGodzp08x767MBwGa5gL6E8IXQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDEdTgjaIVWK1prJaRvuWnVWVbkiMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTVIxT0NOb2hWWXJXbXNscEctNWFkVlpWdVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJ0w
DQYJKoZIhvcNAQELBQADggEBACDRTXGXND24CbR9VPiup/aD8WFlJnFU30oEnw8F
QXCqsirP5PSNT0sn/LySOcB+3rzs7DlJjaTIIsw+Eaqb38KHIZ0bdG1QNWlwGqHf
/wEu1MwuxJrxQqTvOkihB8bv0RLMM3mIJt9lC5OO23XcBsZUHRCCGVUb3A5KYSnX
oFjD+Y5T8zcc6XK6I3roZSr1zGM+0RZ8byIVd8mlt7M8A4Im5hR+p5siV2fGwgqK
/dlBrCJD9y6I359DlC2sxO9a1Q89hSJILleaSwumdWZKBVITyZAvk6TySxe3/4uz
2FURr0buMIVIrDSOnIc+YsHtAufpj4sG2Ba3EwAU8UYZohM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:45 2025 by rpki-client