Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/mfax2TFID5T9teFlMCwU9j8oHzA.roa
File: mfax2TFID5T9teFlMCwU9j8oHzA.roa (raw, json)
Hash identifier: SQhyUs8JFRhWbusPUfkExTUlQ4pGhy2gfK9PEATTIYE=
Subject key identifier: 99:F6:B1:D9:31:48:0F:94:FD:B5:E1:65:30:2C:14:F6:3F:28:1F:30
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01840523A1EBDCB88C180FC41A632B2B62A0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/mfax2TFID5T9teFlMCwU9j8oHzA.roa
Signing time: Sun 23 Oct 2022 13:58:52 +0000
ROA not before: Sun 23 Oct 2022 13:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200857
IP address blocks: 2a0c:9a40:8103::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:05:23:a1:eb:dc:b8:8c:18:0f:c4:1a:63:2b:2b:62:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Oct 23 13:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99f6b1d931480f94fdb5e165302c14f63f281f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:73:d3:ce:cb:86:29:21:b0:c4:4e:52:59:b1:
dd:f8:c2:ae:5c:c2:81:7b:48:36:e5:5c:f9:94:06:
2f:d1:3c:4d:d5:cf:1e:98:30:d4:8d:f5:89:64:2c:
8a:5b:38:10:d2:9a:a3:09:2f:59:38:46:a7:de:a8:
89:9e:38:30:a4:58:53:a3:56:b1:8e:64:5b:46:dc:
2f:9f:b5:68:a1:6c:81:25:41:89:c8:1d:fe:9e:84:
eb:be:48:23:da:59:20:da:19:aa:5c:09:dc:58:47:
6c:df:22:39:08:f9:70:60:c3:82:b4:a1:fe:1d:85:
29:7e:32:81:ec:24:cd:e8:54:e9:4c:22:e5:27:32:
f6:5f:7c:72:e5:5d:61:8e:87:a7:2b:de:34:4a:52:
48:fe:fb:b6:94:c3:03:6c:41:58:2e:bf:15:2a:20:
b5:05:b6:37:1a:d3:6b:44:37:d7:d2:dd:31:05:83:
a4:68:f5:61:89:64:5f:ca:17:a7:1d:9d:3d:93:f0:
7e:5f:28:98:13:f5:5b:f4:88:44:22:c9:8a:43:33:
00:b8:3c:96:d9:31:ab:2e:f9:2e:24:41:bf:75:7c:
0b:dd:ef:81:b4:12:75:3e:c8:1f:e1:12:d5:9a:21:
0e:da:db:7f:94:a0:f4:d2:68:c3:19:67:88:0b:8c:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F6:B1:D9:31:48:0F:94:FD:B5:E1:65:30:2C:14:F6:3F:28:1F:30
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/mfax2TFID5T9teFlMCwU9j8oHzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8103::/48
Signature Algorithm: sha256WithRSAEncryption
10:2a:42:ae:28:ae:43:17:20:b4:cc:d9:a1:52:31:43:b6:80:
8f:b0:3d:f9:69:95:88:8d:5d:97:9d:17:df:79:6f:2b:a4:e4:
36:b1:17:6e:e8:e4:5c:ac:ac:38:c7:22:dd:ee:d6:e4:41:d5:
67:9f:a9:12:4f:7e:14:be:b4:d6:73:07:27:ae:7f:c8:03:ac:
c8:03:d4:54:61:e4:e6:b9:2f:e7:6b:77:c8:59:d8:92:b6:5a:
96:f4:09:e0:66:f6:d9:47:7e:0c:95:69:40:81:5c:2d:6b:44:
30:5e:c4:26:00:3b:21:32:06:51:cc:d9:14:e0:70:f0:99:4d:
a0:91:ea:0f:96:b0:68:6a:1a:71:aa:87:0a:fd:dd:ff:df:37:
83:57:7d:ad:be:35:5a:92:90:a4:ce:b8:91:f2:a8:d9:68:e3:
15:60:b2:8a:5e:12:3a:dd:93:93:89:59:a6:3c:59:3f:a5:e4:
95:28:fc:50:45:2f:cd:27:b9:2f:5e:bf:99:ff:a9:9c:2d:67:
73:49:ed:82:e1:52:6d:a9:0a:f6:27:e0:dc:dd:35:2b:8d:6f:
7c:2e:81:6a:0e:52:85:e8:48:8b:c1:ff:fc:8b:21:5b:eb:d5:
9b:4b:ef:93:65:05:f8:85:c7:f3:19:cd:62:d1:b7:fb:d0:02:
a8:e2:3c:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQFI6Hr3LiMGA/EGmMrK2KgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIxMDIzMTM1ODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY2YjFkOTMxNDgwZjk0ZmRiNWUxNjUzMDJjMTRmNjNmMjgxZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXPTzsuGKSGwxE5SWbHd+MKuXMKB
e0g25Vz5lAYv0TxN1c8emDDUjfWJZCyKWzgQ0pqjCS9ZOEan3qiJnjgwpFhTo1ax
jmRbRtwvn7VooWyBJUGJyB3+noTrvkgj2lkg2hmqXAncWEds3yI5CPlwYMOCtKH+
HYUpfjKB7CTN6FTpTCLlJzL2X3xy5V1hjoenK940SlJI/vu2lMMDbEFYLr8VKiC1
BbY3GtNrRDfX0t0xBYOkaPVhiWRfyhenHZ09k/B+XyiYE/Vb9IhEIsmKQzMAuDyW
2TGrLvkuJEG/dXwL3e+BtBJ1Psgf4RLVmiEO2tt/lKD00mjDGWeIC4yd2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJn2sdkxSA+U/bXhZTAsFPY/KB8wMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvbWZheDJURklENVQ5dGVGbE1Dd1U5ajhvSHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIED
MA0GCSqGSIb3DQEBCwUAA4IBAQAQKkKuKK5DFyC0zNmhUjFDtoCPsD35aZWIjV2X
nRffeW8rpOQ2sRdu6ORcrKw4xyLd7tbkQdVnn6kST34UvrTWcwcnrn/IA6zIA9RU
YeTmuS/na3fIWdiStlqW9AngZvbZR34MlWlAgVwta0QwXsQmADshMgZRzNkU4HDw
mU2gkeoPlrBoahpxqocK/d3/3zeDV32tvjVakpCkzriR8qjZaOMVYLKKXhI63ZOT
iVmmPFk/peSVKPxQRS/NJ7kvXr+Z/6mcLWdzSe2C4VJtqQr2J+Dc3TUrjW98LoFq
DlKF6EiLwf/8iyFb69WbS++TZQX4hcfzGc1i0bf70AKo4jx8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:28 2023 by rpki-client on console-ams.rpki-client.org