Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/MnWJcOZEOwdIIaNTNHoUlSMHjRA.roa
File: MnWJcOZEOwdIIaNTNHoUlSMHjRA.roa (raw, json)
Hash identifier: lpHyo4WLppCEjh9zd8cZS7rjKLUOiIzA3z16ej+ahSo=
Subject key identifier: 32:75:89:70:E6:44:3B:07:48:21:A3:53:34:7A:14:95:23:07:8D:10
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 01857DEBC59CA02C20CDEEB9FB81BD975FB7
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/MnWJcOZEOwdIIaNTNHoUlSMHjRA.roa
Signing time: Wed 04 Jan 2023 17:54:41 +0000
ROA not before: Wed 04 Jan 2023 17:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12670
IP address blocks: 140.94.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7d:eb:c5:9c:a0:2c:20:cd:ee:b9:fb:81:bd:97:5f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Jan 4 17:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32758970e6443b074821a353347a149523078d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:67:12:4a:b9:38:e4:8e:e9:74:cc:81:d6:bd:
bc:42:ae:ea:51:51:cd:83:54:c6:f4:76:ff:ca:9b:
81:74:86:9c:6e:21:bc:cf:b1:e6:aa:f6:09:6f:04:
83:7b:f1:4c:5b:9f:34:ae:38:d8:9a:fb:a2:fc:51:
04:7f:c9:ae:b8:ac:66:5e:ec:ac:37:84:e6:3a:f2:
42:ba:21:41:da:61:27:86:c9:77:57:2c:da:08:45:
fc:56:cc:a0:ef:1f:c0:3c:9f:92:ca:91:b2:d0:9f:
1e:97:49:0d:ac:f0:ab:7e:e6:1d:42:af:43:39:17:
4a:02:b3:c4:d0:27:07:c2:58:68:25:dc:94:fe:a2:
81:36:d4:6f:d5:3c:93:e5:8d:af:2b:93:3c:97:3b:
52:ea:39:23:da:6a:1b:49:a2:d2:81:a7:33:55:d1:
43:4e:12:4a:f7:b8:2a:d8:9f:71:33:64:43:a0:4e:
fd:26:f7:79:bf:5e:93:34:37:9e:d4:43:db:e5:f6:
f3:80:90:cf:50:fb:0b:84:df:77:e3:6d:7d:eb:3f:
27:94:29:a9:44:de:13:65:02:6c:02:f2:35:89:0a:
ac:b2:11:93:6b:bf:b7:2f:72:2c:12:b0:0a:fd:67:
58:07:07:59:13:a0:17:70:a9:01:52:64:36:e2:85:
22:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:75:89:70:E6:44:3B:07:48:21:A3:53:34:7A:14:95:23:07:8D:10
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/MnWJcOZEOwdIIaNTNHoUlSMHjRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.94.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:ac:42:b3:4f:f1:b0:1c:5c:f6:5e:00:8f:30:4b:4a:2a:fd:
a4:3f:ca:aa:35:44:07:ee:78:91:73:ba:db:01:81:0b:6a:16:
08:cc:aa:03:f5:ed:bd:3c:74:f9:8f:9a:30:e6:ae:3d:14:ad:
1d:3c:c9:12:9a:50:64:c0:4c:4e:d4:f6:08:41:a8:cd:74:9a:
ba:29:75:4d:10:87:8e:19:2f:8d:af:06:bd:c1:da:b0:be:66:
ea:18:94:85:48:f6:55:6b:90:e7:25:9a:23:61:8e:95:6a:d4:
c7:d7:aa:d5:d5:ce:ca:5f:08:34:6e:1a:37:e4:27:1a:24:25:
17:51:7b:03:1d:8d:a1:3a:92:10:01:34:fe:fb:08:21:36:a6:
2c:90:03:30:4b:c6:e6:c7:8a:18:ad:eb:72:7e:ed:b1:e7:37:
ff:f3:f2:ac:f9:3d:88:c3:04:68:28:42:1d:cc:ea:7e:8e:ce:
2c:9d:11:69:dc:9a:c7:b5:4a:51:8f:48:4c:2d:c1:0a:1a:e3:
fb:e2:10:37:ef:2e:40:24:a0:99:ca:cf:1b:19:a2:cf:49:f7:
2c:8e:e7:aa:af:5e:ce:f3:23:24:55:2e:81:03:08:39:10:96:
b6:6b:66:5a:0a:57:32:4a:3f:2d:56:c4:bd:43:d3:11:ab:98:
ab:06:22:ec
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYV968WcoCwgze65+4G9l1+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjMwMTA0MTc1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc1ODk3MGU2NDQzYjA3NDgyMWEzNTMzNDdhMTQ5NTIzMDc4ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGcSSrk45I7pdMyB1r28Qq7qUVHN
g1TG9Hb/ypuBdIacbiG8z7HmqvYJbwSDe/FMW580rjjYmvui/FEEf8muuKxmXuys
N4TmOvJCuiFB2mEnhsl3VyzaCEX8Vsyg7x/APJ+SypGy0J8el0kNrPCrfuYdQq9D
ORdKArPE0CcHwlhoJdyU/qKBNtRv1TyT5Y2vK5M8lztS6jkj2mobSaLSgaczVdFD
ThJK97gq2J9xM2RDoE79Jvd5v16TNDee1EPb5fbzgJDPUPsLhN9342196z8nlCmp
RN4TZQJsAvI1iQqsshGTa7+3L3IsErAK/WdYBwdZE6AXcKkBUmQ24oUiRwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDJ1iXDmRDsHSCGjUzR6FJUjB40QMB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEvTW5XSmNPWkVPd2RJSWFOVE5Ib1VsU01IalJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjF4wDQYJ
KoZIhvcNAQELBQADggEBAIysQrNP8bAcXPZeAI8wS0oq/aQ/yqo1RAfueJFzutsB
gQtqFgjMqgP17b08dPmPmjDmrj0UrR08yRKaUGTATE7U9ghBqM10mropdU0Qh44Z
L42vBr3B2rC+ZuoYlIVI9lVrkOclmiNhjpVq1MfXqtXVzspfCDRuGjfkJxokJRdR
ewMdjaE6khABNP77CCE2piyQAzBLxubHihit63J+7bHnN//z8qz5PYjDBGgoQh3M
6n6OziydEWncmse1SlGPSEwtwQoa4/viEDfvLkAkoJnKzxsZos9J9yyO56qvXs7z
IyRVLoEDCDkQlrZrZloKVzJKPy1WxL1D0xGrmKsGIuw=
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:43:24 2025 by rpki-client