Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/938430-07b4-45b3-9496-f53ee32ed816/1/MJoTZQiYnVf2sfFUPs1ww2MOq0o.roa
File: MJoTZQiYnVf2sfFUPs1ww2MOq0o.roa (raw, json)
Hash identifier: ncX6rzEtnGssdy5aa//YhC1y9GNDtNrHpVQ6lAoSiec=
Subject key identifier: 30:9A:13:65:08:98:9D:57:F6:B1:F1:54:3E:CD:70:C3:63:0E:AB:4A
Certificate issuer: /CN=d8aaac05996a5b4614c6eedaffe7f8f5f9a2bc67
Certificate serial: 09601E5D
Authority key identifier: D8:AA:AC:05:99:6A:5B:46:14:C6:EE:DA:FF:E7:F8:F5:F9:A2:BC:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KqsBZlqW0YUxu7a_-f49fmivGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/938430-07b4-45b3-9496-f53ee32ed816/1/MJoTZQiYnVf2sfFUPs1ww2MOq0o.roa
Signing time: Sat 01 Jan 2022 00:59:11 +0000
ROA not before: Sat 01 Jan 2022 00:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56595
IP address blocks: 192.124.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157294173 (0x9601e5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8aaac05996a5b4614c6eedaffe7f8f5f9a2bc67
Validity
Not Before: Jan 1 00:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=309a136508989d57f6b1f1543ecd70c3630eab4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1c:5f:dd:22:be:88:8b:63:cf:ba:36:c6:1c:
02:d9:ef:6a:16:74:e1:86:40:57:16:23:37:a6:2c:
3a:e0:cc:99:80:bd:ec:37:60:6b:73:d5:95:12:f5:
18:52:05:97:d4:b9:0b:86:e5:c3:ed:f9:f0:83:21:
f7:fb:13:8b:89:18:56:cc:fd:e6:1e:ef:e1:53:37:
db:8b:77:48:d8:c5:5d:d1:8c:8a:aa:cb:2d:e1:37:
3f:63:34:b6:0b:b2:9c:2e:8f:9e:02:37:44:4c:b0:
a9:f2:cb:8c:a0:a3:da:15:fd:c6:26:b8:4b:bf:1c:
ff:9a:9b:fe:67:8e:0f:22:3c:ab:08:8d:87:6f:71:
b9:22:90:14:4e:04:f7:d6:09:9e:23:3b:d0:9f:3b:
70:a1:13:1d:40:a8:f5:74:d8:b7:d0:d0:f7:3c:a6:
b2:aa:7e:e2:88:1d:1a:5a:5b:8c:d1:c8:7e:d8:27:
6f:0b:37:a9:31:5c:b3:ea:b6:b6:ba:30:92:08:c9:
fa:a5:a5:f2:d1:8d:a3:29:d7:db:97:cf:85:37:67:
84:88:ec:b8:fd:8e:3d:a5:1d:52:86:df:c1:d0:6e:
e5:df:68:f2:eb:59:71:d1:ab:a1:c7:74:69:d6:9e:
12:9c:bf:d2:9d:a2:d0:03:2c:33:f3:e7:35:11:41:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9A:13:65:08:98:9D:57:F6:B1:F1:54:3E:CD:70:C3:63:0E:AB:4A
X509v3 Authority Key Identifier:
keyid:D8:AA:AC:05:99:6A:5B:46:14:C6:EE:DA:FF:E7:F8:F5:F9:A2:BC:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KqsBZlqW0YUxu7a_-f49fmivGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/938430-07b4-45b3-9496-f53ee32ed816/1/MJoTZQiYnVf2sfFUPs1ww2MOq0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/938430-07b4-45b3-9496-f53ee32ed816/1/2KqsBZlqW0YUxu7a_-f49fmivGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:60:d8:10:89:ae:74:6d:34:04:38:bb:f8:70:5d:bd:03:a3:
d4:a4:5f:65:7a:9e:e9:3e:89:d0:f5:b2:52:ae:00:e6:e4:1f:
1c:18:87:f1:4b:92:a7:06:92:c2:bc:2d:b1:17:84:98:14:8e:
97:dc:b3:eb:6d:72:9f:ae:31:90:13:97:27:21:1b:73:d0:c1:
c7:93:0d:27:c2:80:5c:02:6c:95:c0:02:5a:d7:52:7a:c1:1e:
20:17:df:2c:0e:d0:fb:2a:25:8f:bb:bd:b8:d6:50:ab:1f:a8:
72:26:25:a6:b8:e9:50:c7:66:d1:c3:fa:54:2c:24:74:82:0f:
14:ce:82:6a:93:11:59:36:37:ee:b9:41:6b:1e:20:23:63:75:
22:9e:71:8b:64:c4:88:9c:67:0a:69:d2:e4:7a:d2:89:ba:73:
8b:0e:ea:21:42:7b:a9:d4:aa:48:4a:cf:f7:3d:03:33:85:f5:
d2:19:e5:ae:dd:67:b7:22:e3:96:23:31:1c:1c:62:36:da:75:
bd:9e:77:7c:93:63:95:d2:08:e6:7a:9b:45:03:bf:e7:64:fb:
f3:60:2a:b4:1b:26:0a:82:0d:c7:6d:82:82:aa:6a:f3:d8:47:
3e:a4:b4:33:64:6f:42:af:77:d5:62:79:c9:bd:3f:5a:da:10:
b6:f2:af:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECWAeXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGFhYWMwNTk5NmE1YjQ2MTRjNmVlZGFmZmU3ZjhmNWY5YTJiYzY3MB4XDTIyMDEw
MTAwNTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5YTEzNjUwODk4
OWQ1N2Y2YjFmMTU0M2VjZDcwYzM2MzBlYWI0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkcX90ivoiLY8+6NsYcAtnvahZ04YZAVxYjN6YsOuDMmYC9
7Ddga3PVlRL1GFIFl9S5C4blw+358IMh9/sTi4kYVsz95h7v4VM324t3SNjFXdGM
iqrLLeE3P2M0tguynC6PngI3REywqfLLjKCj2hX9xia4S78c/5qb/meODyI8qwiN
h29xuSKQFE4E99YJniM70J87cKETHUCo9XTYt9DQ9zymsqp+4ogdGlpbjNHIftgn
bws3qTFcs+q2trowkgjJ+qWl8tGNoynX25fPhTdnhIjsuP2OPaUdUobfwdBu5d9o
8utZcdGrocd0adaeEpy/0p2i0AMsM/PnNRFBuMECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwmhNlCJidV/ax8VQ+zXDDYw6rSjAfBgNVHSMEGDAWgBTYqqwFmWpbRhTG
7tr/5/j1+aK8ZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJLcXNCWmxxVzBZVXh1N2FfLWY0OWZtaXZHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvOTM4NDMwLTA3YjQtNDViMy05NDk2LWY1M2VlMzJlZDgxNi8x
L01Kb1RaUWlZblZmMnNmRlVQczF3dzJNT3Ewby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
OTM4NDMwLTA3YjQtNDViMy05NDk2LWY1M2VlMzJlZDgxNi8xLzJLcXNCWmxxVzBZ
VXh1N2FfLWY0OWZtaXZHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMB8yTANBgkqhkiG9w0BAQsFAAOC
AQEAK2DYEImudG00BDi7+HBdvQOj1KRfZXqe6T6J0PWyUq4A5uQfHBiH8UuSpwaS
wrwtsReEmBSOl9yz621yn64xkBOXJyEbc9DBx5MNJ8KAXAJslcACWtdSesEeIBff
LA7Q+yolj7u9uNZQqx+ociYlprjpUMdm0cP6VCwkdIIPFM6CapMRWTY37rlBax4g
I2N1Ip5xi2TEiJxnCmnS5HrSibpziw7qIUJ7qdSqSErP9z0DM4X10hnlrt1ntyLj
liMxHBxiNtp1vZ53fJNjldII5nqbRQO/52T782AqtBsmCoINx22Cgqpq89hHPqS0
M2RvQq931WJ5yb0/WtoQtvKvTA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:07 2023 by rpki-client on console-ams.rpki-client.org