Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MkwCQXToH7PBOVvdkzdGZih5wno.roa
File: MkwCQXToH7PBOVvdkzdGZih5wno.roa (raw, json)
Hash identifier: kmPui53WK3ae9FxX84ED/78M7Spn5Tw/EYTEDsfWB7A=
Subject key identifier: 32:4C:02:41:74:E8:1F:B3:C1:39:5B:DD:93:37:46:66:28:79:C2:7A
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01873D34102A98E76233F7E95123058B55AB
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MkwCQXToH7PBOVvdkzdGZih5wno.roa
Signing time: Sat 01 Apr 2023 14:23:54 +0000
ROA not before: Sat 01 Apr 2023 14:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207427
IP address blocks: 2a0c:b641:9e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3d:34:10:2a:98:e7:62:33:f7:e9:51:23:05:8b:55:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Apr 1 14:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=324c024174e81fb3c1395bdd933746662879c27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:14:15:87:dc:d8:21:cd:f6:d7:72:1b:bc:48:
6d:73:2e:b5:5a:01:d0:33:f0:10:f0:70:da:35:75:
e9:c9:50:08:da:03:7f:f1:ce:4d:1b:ef:c0:c1:70:
95:bd:08:f9:f7:77:41:7b:25:a4:37:fb:e5:53:0f:
42:2f:91:e8:4c:48:e8:3f:41:bc:29:e8:1d:33:80:
00:7e:14:c6:cb:54:61:b2:c0:53:cb:89:56:7d:d8:
a7:0e:f4:4c:05:a0:42:a7:d5:ed:25:e9:c2:98:c5:
96:1b:0d:38:f1:3d:58:a3:64:17:da:3b:f1:c5:fd:
8a:dd:8e:1f:aa:3f:50:e3:0a:f2:0b:bd:8a:40:85:
f9:e8:25:a0:a6:52:2b:03:e7:2d:24:ea:a5:c7:54:
61:0e:4b:61:eb:17:6a:f1:60:c2:75:78:d6:3c:2b:
e8:89:d8:a7:1d:04:7f:40:e9:08:80:93:42:0f:5d:
ad:b1:6f:ab:3e:5f:fe:d7:bb:bd:e1:2a:33:a4:0d:
e7:c2:a4:1a:84:2b:59:8e:2e:f0:a1:08:e2:02:a2:
25:55:eb:d8:61:6e:62:62:01:c5:b9:a1:7c:16:07:
00:41:d2:9a:47:b4:15:02:40:8e:de:53:36:5b:95:
a5:00:0e:62:81:19:eb:50:ed:2c:2e:e3:4f:68:ea:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4C:02:41:74:E8:1F:B3:C1:39:5B:DD:93:37:46:66:28:79:C2:7A
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/MkwCQXToH7PBOVvdkzdGZih5wno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:9e0::/44
Signature Algorithm: sha256WithRSAEncryption
1f:0b:10:22:e9:a4:72:90:30:f9:73:5e:7f:0c:9f:73:86:92:
f4:43:62:5e:f2:00:b5:c5:3b:7f:22:ff:d1:cd:5e:e4:64:d6:
85:a0:63:ee:83:6f:2f:63:2f:59:1d:4b:dd:e7:ba:65:73:30:
3b:19:33:22:80:4a:b9:81:0e:74:a2:76:7d:05:ef:d4:f6:63:
37:f5:e7:1f:06:07:1a:9c:d5:79:0e:e4:3a:96:69:93:09:09:
ba:f4:cb:84:c1:88:54:e3:5f:97:26:44:d6:4a:ca:37:16:8e:
20:a6:5d:28:11:ed:ba:f0:17:70:e0:a1:f2:44:71:e2:8e:75:
c9:e6:5a:60:2d:96:7f:03:32:11:fa:ce:04:eb:da:a7:06:fd:
b3:03:89:d5:45:fc:11:af:e4:2e:93:93:7c:dd:18:55:ad:b7:
e6:74:a8:b4:d9:ba:9a:08:0b:77:b8:7c:4d:0a:d2:c3:f9:9e:
07:81:5e:42:f3:59:1f:2a:ec:8c:09:13:26:bb:1b:aa:85:29:
b2:64:94:ab:70:57:ec:04:77:e2:8f:6f:f2:6c:59:26:a3:e4:
24:6e:33:70:95:a2:45:5e:8f:0a:19:3c:52:23:fe:0a:df:7e:
19:06:c3:7f:bc:5d:9f:cf:49:24:0f:28:c1:6a:f0:d9:eb:af:
a9:3d:52:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYc9NBAqmOdiM/fpUSMFi1WrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNDAxMTQyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRjMDI0MTc0ZTgxZmIzYzEzOTViZGQ5MzM3NDY2NjI4NzljMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxQVh9zYIc3213IbvEhtcy61WgHQ
M/AQ8HDaNXXpyVAI2gN/8c5NG+/AwXCVvQj593dBeyWkN/vlUw9CL5HoTEjoP0G8
KegdM4AAfhTGy1RhssBTy4lWfdinDvRMBaBCp9XtJenCmMWWGw048T1Yo2QX2jvx
xf2K3Y4fqj9Q4wryC72KQIX56CWgplIrA+ctJOqlx1RhDkth6xdq8WDCdXjWPCvo
idinHQR/QOkIgJNCD12tsW+rPl/+17u94SozpA3nwqQahCtZji7woQjiAqIlVevY
YW5iYgHFuaF8FgcAQdKaR7QVAkCO3lM2W5WlAA5igRnrUO0sLuNPaOoTIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDJMAkF06B+zwTlb3ZM3RmYoecJ6MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTWt3Q1FYVG9IN1BCT1Z2ZGt6ZEdaaWg1d25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQng
MA0GCSqGSIb3DQEBCwUAA4IBAQAfCxAi6aRykDD5c15/DJ9zhpL0Q2Je8gC1xTt/
Iv/RzV7kZNaFoGPug28vYy9ZHUvd57plczA7GTMigEq5gQ50onZ9Be/U9mM39ecf
BgcanNV5DuQ6lmmTCQm69MuEwYhU41+XJkTWSso3Fo4gpl0oEe268Bdw4KHyRHHi
jnXJ5lpgLZZ/AzIR+s4E69qnBv2zA4nVRfwRr+Quk5N83RhVrbfmdKi02bqaCAt3
uHxNCtLD+Z4HgV5C81kfKuyMCRMmuxuqhSmyZJSrcFfsBHfij2/ybFkmo+QkbjNw
laJFXo8KGTxSI/4K334ZBsN/vF2fz0kkDyjBavDZ66+pPVKS
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:43 2025 by rpki-client