Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mfe7HJHA2urqptAZ5nNBDD50RYM.roa
File: mfe7HJHA2urqptAZ5nNBDD50RYM.roa (raw, json)
Hash identifier: ol1qXW8Hbl2YhMV34E6ShsJbfP+EeqgkDzcqoZRjwEM=
Subject key identifier: 99:F7:BB:1C:91:C0:DA:EA:EA:A6:D0:19:E6:73:41:0C:3E:74:45:83
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E37F6DF140F25BE7844E47700142C
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mfe7HJHA2urqptAZ5nNBDD50RYM.roa
Signing time: Mon 02 Jan 2023 06:14:43 +0000
ROA not before: Mon 02 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31396
IP address blocks: 2a0c:b641:410::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:37:f6:df:14:0f:25:be:78:44:e4:77:00:14:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f7bb1c91c0daeaeaa6d019e673410c3e744583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:ea:0c:9e:30:74:78:5b:ad:3e:a0:6c:f1:
1b:a4:68:5e:1e:7b:75:47:06:aa:ab:bb:d9:91:ed:
8f:bc:10:c1:ea:0f:00:ff:d1:f0:06:a1:58:d3:92:
e0:70:5e:da:9d:f2:66:e3:ae:79:b5:32:f1:eb:2f:
6a:bd:84:3b:b9:cb:87:ce:d8:8d:60:07:53:f9:35:
e1:e3:3a:db:d4:42:0a:85:dd:5d:7d:10:92:df:be:
3a:44:ac:7a:f9:a0:d6:0c:99:e9:34:34:06:10:8e:
b6:3b:67:19:b9:f6:09:f5:6e:03:f9:b9:ce:2b:db:
ed:87:79:26:28:48:93:69:89:99:f8:42:27:98:a0:
0e:9b:a7:97:9d:c1:d2:75:81:3d:67:00:b7:78:70:
d0:9b:c0:e2:8f:e9:22:20:5c:e3:b6:7b:66:c3:9f:
1f:e9:40:68:be:e6:b9:c7:3f:24:42:2c:4a:af:bd:
e3:55:d5:73:59:ce:2c:60:a4:39:2d:43:02:ba:7d:
46:34:8c:1a:cb:ed:e8:45:46:9b:39:d2:a9:09:2d:
3e:a0:0b:f1:c5:e9:f5:4e:2e:60:5d:ca:fa:04:a0:
87:63:c6:de:bf:2c:07:69:20:4a:d9:90:39:7a:55:
9c:36:a5:6a:c2:ab:03:34:a2:66:76:2f:c7:d1:a9:
be:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F7:BB:1C:91:C0:DA:EA:EA:A6:D0:19:E6:73:41:0C:3E:74:45:83
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mfe7HJHA2urqptAZ5nNBDD50RYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:410::/44
Signature Algorithm: sha256WithRSAEncryption
09:bb:54:c2:0a:e9:0a:66:41:5e:9a:b8:72:b5:24:ad:bc:28:
a2:c6:12:d5:24:37:dd:39:ee:a2:0c:8d:50:7f:83:bc:03:95:
dd:42:03:df:25:cb:27:0e:e2:85:8e:51:2a:fc:1a:14:eb:15:
2f:4b:35:f2:2e:ff:e8:5c:65:4d:39:38:ca:f5:ac:d3:02:72:
8a:35:18:d5:e8:69:d1:83:7c:9d:c9:7b:8a:20:d9:0f:72:e4:
9c:c3:91:99:da:61:ec:d7:55:55:dd:5b:52:b8:a1:7c:56:c9:
79:56:de:d6:af:66:56:48:1c:47:f3:fa:30:02:f3:42:7b:1d:
3a:89:6d:78:c0:91:22:c1:8f:17:ed:d3:f0:d9:cb:75:ac:f0:
67:25:3c:35:4f:b6:9c:dd:c0:e7:82:e7:99:61:b2:40:d5:2d:
ad:8a:61:40:6e:00:18:e1:ef:91:22:b9:5a:32:29:f8:4f:8b:
40:d2:fc:27:07:6e:d5:ca:5c:1d:5a:23:b5:86:4f:c8:0f:00:
2a:1e:96:d2:74:cf:bf:b9:e7:4b:71:8a:c6:bf:27:3d:69:5d:
ba:bd:75:24:8b:d4:12:e6:f5:7b:f3:6f:fa:9f:35:55:21:a5:
8d:d1:7a:cb:e9:62:32:53:bf:a0:41:f6:a0:5d:4f:d4:07:2b:
63:29:a1:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHjf23xQPJb54ROR3ABQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY3YmIxYzkxYzBkYWVhZWFhNmQwMTllNjczNDEwYzNlNzQ0NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLDqDJ4wdHhbrT6gbPEbpGheHnt1
Rwaqq7vZke2PvBDB6g8A/9HwBqFY05LgcF7anfJm4655tTLx6y9qvYQ7ucuHztiN
YAdT+TXh4zrb1EIKhd1dfRCS3746RKx6+aDWDJnpNDQGEI62O2cZufYJ9W4D+bnO
K9vth3kmKEiTaYmZ+EInmKAOm6eXncHSdYE9ZwC3eHDQm8Dij+kiIFzjtntmw58f
6UBovua5xz8kQixKr73jVdVzWc4sYKQ5LUMCun1GNIway+3oRUabOdKpCS0+oAvx
xen1Ti5gXcr6BKCHY8bevywHaSBK2ZA5elWcNqVqwqsDNKJmdi/H0am+KQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJn3uxyRwNrq6qbQGeZzQQw+dEWDMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbWZlN0hKSEEydXJxcHRBWjVuTkJERDUwUllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAJu1TCCukKZkFemrhytSStvCiixhLVJDfdOe6i
DI1Qf4O8A5XdQgPfJcsnDuKFjlEq/BoU6xUvSzXyLv/oXGVNOTjK9azTAnKKNRjV
6GnRg3ydyXuKINkPcuScw5GZ2mHs11VV3VtSuKF8Vsl5Vt7Wr2ZWSBxH8/owAvNC
ex06iW14wJEiwY8X7dPw2ct1rPBnJTw1T7ac3cDngueZYbJA1S2timFAbgAY4e+R
IrlaMin4T4tA0vwnB27VylwdWiO1hk/IDwAqHpbSdM+/uedLcYrGvyc9aV26vXUk
i9QS5vV782/6nzVVIaWN0XrL6WIyU7+gQfagXU/UBytjKaF8
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:47 2025 by rpki-client