Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/MJ3v-XkCaDgx61ntx1dSLyMLTJA.roa
File: MJ3v-XkCaDgx61ntx1dSLyMLTJA.roa (raw, json)
Hash identifier: kvxYGQyv2XnczLuP5RmmqegSTwmrb/hb2mzDkfNuoNI=
Subject key identifier: 30:9D:EF:F9:79:02:68:38:31:EB:59:ED:C7:57:52:2F:23:0B:4C:90
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 093600BF
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/MJ3v-XkCaDgx61ntx1dSLyMLTJA.roa
Signing time: Sat 01 Jan 2022 12:58:51 +0000
ROA not before: Sat 01 Jan 2022 12:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42682
IP address blocks: 2a02:2698:4c00::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154534079 (0x93600bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=309deff97902683831eb59edc757522f230b4c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:eb:a3:ff:29:84:ec:e7:7d:9e:8d:c6:fd:e5:
7b:6b:d1:7a:51:11:74:a7:c0:35:d4:c3:49:fe:39:
63:81:03:b0:0c:e5:1f:7f:6d:c6:10:8d:b9:73:3e:
2d:9e:b5:29:64:fc:2d:12:be:f5:b6:f1:cf:5f:c5:
b2:60:7b:2b:26:25:44:7a:46:75:2f:ed:77:cb:2d:
01:99:bf:ef:f7:2b:b1:4a:f7:e7:c7:97:71:d5:7e:
0f:ea:be:89:1f:2f:cc:fb:ca:e7:7a:bf:3e:f2:88:
0e:a1:bd:59:e9:de:1b:55:cb:32:4e:10:5c:c6:f6:
15:b0:c1:0b:69:64:7c:9c:78:f3:68:18:0d:04:9c:
fb:ec:0e:5a:ba:12:f8:02:4e:de:e8:f5:c7:29:d6:
74:00:08:33:74:f9:2b:4d:a9:ff:cd:ae:ec:d7:65:
b0:1f:93:53:5d:09:6e:69:cc:c5:ff:da:a1:76:51:
09:9d:57:ff:6f:e3:19:30:a6:f4:70:95:3f:6a:ef:
d7:67:20:17:b2:9d:5e:1b:f4:24:3e:b5:eb:38:54:
0f:9a:ab:b3:29:0c:df:9f:0b:60:4c:7c:c8:66:71:
e7:4a:a2:13:50:e4:53:d9:b0:fc:ea:59:97:77:76:
72:5f:ce:52:38:d9:04:35:13:73:ef:b4:08:57:a7:
45:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9D:EF:F9:79:02:68:38:31:EB:59:ED:C7:57:52:2F:23:0B:4C:90
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/MJ3v-XkCaDgx61ntx1dSLyMLTJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:4c00::/38
Signature Algorithm: sha256WithRSAEncryption
9a:76:18:a8:65:56:3e:b0:6b:8e:0e:5d:23:83:eb:e6:57:0c:
66:2a:b6:d8:2a:0c:6d:36:89:27:d9:b5:fb:f3:d5:ea:e8:5e:
dd:65:d3:66:32:95:95:1d:fd:7c:e5:5b:b3:b3:99:c7:48:92:
d2:1d:3b:1f:32:f7:76:be:51:6b:93:31:62:ff:ed:d2:53:87:
7b:91:55:18:b9:73:60:b1:b0:f5:e4:c4:7b:6b:17:6d:b3:54:
b2:61:5f:e5:c0:d5:01:60:e4:ca:f1:a4:a7:fe:ec:4e:46:be:
e1:ae:5e:cf:81:55:8c:b6:02:b5:61:9b:b5:f3:ec:4a:d4:8d:
9a:d2:fc:ca:12:3c:0b:76:9d:28:c6:fc:1a:27:f6:41:c0:fa:
9d:79:dc:85:f9:72:05:a8:64:45:bb:48:c7:5b:66:dd:11:72:
80:41:69:73:26:f8:2b:eb:fa:d1:f8:49:ac:7a:7b:5d:e7:a3:
35:6d:dd:72:34:e8:77:a4:f9:84:1c:04:03:11:ba:9d:35:1c:
e3:81:e4:d5:85:5e:cd:ba:91:8e:04:00:ae:0c:d4:a1:67:21:
ea:06:92:d1:8e:79:13:83:4f:e9:4f:1e:c7:40:75:c7:a3:16:
fd:52:29:f5:7e:a6:98:3b:4b:27:c6:00:d9:86:9b:c4:dd:d1:
54:2b:6e:10
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECTYAvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5ZGVmZjk3OTAy
NjgzODMxZWI1OWVkYzc1NzUyMmYyMzBiNGM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIXro/8phOznfZ6Nxv3le2vRelERdKfANdTDSf45Y4EDsAzl
H39txhCNuXM+LZ61KWT8LRK+9bbxz1/FsmB7KyYlRHpGdS/td8stAZm/7/crsUr3
58eXcdV+D+q+iR8vzPvK53q/PvKIDqG9WeneG1XLMk4QXMb2FbDBC2lkfJx482gY
DQSc++wOWroS+AJO3uj1xynWdAAIM3T5K02p/82u7NdlsB+TU10JbmnMxf/aoXZR
CZ1X/2/jGTCm9HCVP2rv12cgF7KdXhv0JD616zhUD5qrsykM358LYEx8yGZx50qi
E1DkU9mw/OpZl3d2cl/OUjjZBDUTc++0CFenRQECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQwne/5eQJoODHrWe3HV1IvIwtMkDAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L01KM3YtWGtDYURneDYxbnR4MWRTTHlNTFRKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJphMMA0GCSqGSIb3DQEBCwUA
A4IBAQCadhioZVY+sGuODl0jg+vmVwxmKrbYKgxtNokn2bX789Xq6F7dZdNmMpWV
Hf185Vuzs5nHSJLSHTsfMvd2vlFrkzFi/+3SU4d7kVUYuXNgsbD15MR7axdts1Sy
YV/lwNUBYOTK8aSn/uxORr7hrl7PgVWMtgK1YZu18+xK1I2a0vzKEjwLdp0oxvwa
J/ZBwPqdedyF+XIFqGRFu0jHW2bdEXKAQWlzJvgr6/rR+Emsentd56M1bd1yNOh3
pPmEHAQDEbqdNRzjgeTVhV7NupGOBACuDNShZyHqBpLRjnkTg0/pTx7HQHXHoxb9
Uin1fqaYO0snxgDZhpvE3dFUK24Q
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:44 2025 by rpki-client