Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/mCA_480ZV61Ze648wYz6foBKoFk.roa
File: mCA_480ZV61Ze648wYz6foBKoFk.roa (raw, json)
Hash identifier: /DTuhDfA2GVo28j28fT7ynX8wHXCWpNm8Hy+0Zt6y6E=
Subject key identifier: 98:20:3F:E3:CD:19:57:AD:59:7B:AE:3C:C1:8C:FA:7E:80:4A:A0:59
Certificate issuer: /CN=2e0d40517a873b7dc2aeb28d0ed6a2f993a3d74d
Certificate serial: 03AB3315
Authority key identifier: 2E:0D:40:51:7A:87:3B:7D:C2:AE:B2:8D:0E:D6:A2:F9:93:A3:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lg1AUXqHO33CrrKNDtai-ZOj100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/mCA_480ZV61Ze648wYz6foBKoFk.roa
Signing time: Sat 01 Jan 2022 11:04:39 +0000
ROA not before: Sat 01 Jan 2022 11:04:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13039
IP address blocks: 192.54.45.0/24 maxlen: 24
192.109.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61551381 (0x3ab3315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0d40517a873b7dc2aeb28d0ed6a2f993a3d74d
Validity
Not Before: Jan 1 11:04:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98203fe3cd1957ad597bae3cc18cfa7e804aa059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:fc:dc:bf:cb:3b:5b:06:8b:27:a8:65:18:
9d:64:bc:fb:85:f1:e3:d7:17:60:69:7a:f7:24:63:
04:8d:a0:be:65:b8:45:4a:8b:cc:0f:33:1d:fc:88:
33:45:6a:ae:b1:1c:ba:b4:95:de:51:db:ba:de:21:
c0:15:e0:ed:3e:38:38:ea:0b:9c:67:cc:95:da:f4:
d6:26:20:72:53:10:16:b9:59:16:2c:d7:36:6d:91:
90:f7:3f:6e:f2:36:3b:c4:56:9f:31:66:7c:b6:3c:
f3:41:01:90:8e:5c:2a:3a:2d:0a:f5:d9:18:b9:a4:
06:92:83:5d:fa:88:7c:22:2d:a9:73:68:85:30:2f:
71:95:28:14:80:9d:69:b0:ac:54:4e:e4:ae:db:b2:
32:31:a5:16:24:0a:ed:10:ee:91:5f:94:16:c2:06:
31:9d:6f:c0:07:cf:4a:bb:8f:0d:90:ad:af:fb:26:
40:87:5f:5e:8d:4d:25:20:0f:44:82:b5:fc:a4:9d:
9c:9d:e2:d1:fd:02:d0:8b:8b:0c:e3:80:65:e3:f2:
39:9c:83:ce:61:2f:fb:4a:d9:c7:1b:7d:ac:e5:3f:
ab:f2:1b:9b:72:fa:a6:64:8f:5d:1b:b4:91:92:ee:
54:b7:2e:74:14:d8:5f:7f:26:cf:6f:ec:8e:d5:69:
fb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:20:3F:E3:CD:19:57:AD:59:7B:AE:3C:C1:8C:FA:7E:80:4A:A0:59
X509v3 Authority Key Identifier:
keyid:2E:0D:40:51:7A:87:3B:7D:C2:AE:B2:8D:0E:D6:A2:F9:93:A3:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lg1AUXqHO33CrrKNDtai-ZOj100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/mCA_480ZV61Ze648wYz6foBKoFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.54.45.0/24
192.109.252.0/24
Signature Algorithm: sha256WithRSAEncryption
86:16:ca:c7:24:85:1d:c1:01:06:7e:ef:2a:3a:ec:40:18:2c:
26:e0:58:c1:e9:cb:c6:68:7b:1d:c9:b2:c5:67:bd:1a:70:11:
66:8e:47:71:f5:a6:9a:88:b8:37:62:5b:ce:c9:27:fa:ef:62:
70:bc:23:86:a5:d4:63:4a:e4:6f:40:56:00:d9:28:b2:8a:4d:
3f:35:c9:b9:81:4e:94:b1:23:8b:5b:19:7a:da:5d:34:41:2c:
4c:f7:8e:2d:56:0c:9b:e7:4b:45:7f:1c:4f:c1:c5:b9:dc:4f:
37:90:22:0a:11:39:02:11:0f:14:d5:93:8d:e3:7c:8c:8a:bb:
24:31:1f:26:c0:ca:67:5f:27:f5:01:c3:65:1f:7a:98:8c:8a:
b7:7d:8d:69:22:b2:c0:9c:fe:66:98:63:f0:c3:2c:23:10:0e:
45:0d:05:27:32:05:5c:b7:a8:9e:e1:40:8a:6d:35:70:d3:47:
61:8a:42:fe:b9:90:d3:bb:38:bc:98:2c:82:c3:a3:da:7d:20:
bf:ac:d8:39:0f:5f:38:38:e5:40:12:f5:0c:dd:73:ee:13:7c:
c4:7d:bb:e6:24:d7:02:97:b5:a7:5f:3a:cf:f1:8c:e3:94:ba:
ae:fa:2e:26:ac:9a:33:54:51:4e:f2:42:1a:db:c4:db:bf:1e:
dc:80:ca:b5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA6szFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTBkNDA1MTdhODczYjdkYzJhZWIyOGQwZWQ2YTJmOTkzYTNkNzRkMB4XDTIyMDEw
MTExMDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgyMDNmZTNjZDE5
NTdhZDU5N2JhZTNjYzE4Y2ZhN2U4MDRhYTA1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsQ/Ny/yztbBosnqGUYnWS8+4Xx49cXYGl69yRjBI2gvmW4
RUqLzA8zHfyIM0VqrrEcurSV3lHbut4hwBXg7T44OOoLnGfMldr01iYgclMQFrlZ
FizXNm2RkPc/bvI2O8RWnzFmfLY880EBkI5cKjotCvXZGLmkBpKDXfqIfCItqXNo
hTAvcZUoFICdabCsVE7krtuyMjGlFiQK7RDukV+UFsIGMZ1vwAfPSruPDZCtr/sm
QIdfXo1NJSAPRIK1/KSdnJ3i0f0C0IuLDOOAZePyOZyDzmEv+0rZxxt9rOU/q/Ib
m3L6pmSPXRu0kZLuVLcudBTYX38mz2/sjtVp+/kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSYID/jzRlXrVl7rjzBjPp+gEqgWTAfBgNVHSMEGDAWgBQuDUBReoc7fcKu
so0O1qL5k6PXTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xnMUFVWHFITzMzQ3JyS05EdGFpLVpPajEwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMTRlOTIwLTE0YTctNDFjZi1iZGQ3LTU3Nzg2OTUxYjc4Zi8x
L21DQV80ODBaVjYxWmU2NDh3WXo2Zm9CS29Gay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MTRlOTIwLTE0YTctNDFjZi1iZGQ3LTU3Nzg2OTUxYjc4Zi8xL0xnMUFVWHFITzMz
Q3JyS05EdGFpLVpPajEwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMA2LQMEAMBt/DANBgkqhkiG9w0B
AQsFAAOCAQEAhhbKxySFHcEBBn7vKjrsQBgsJuBYwenLxmh7HcmyxWe9GnARZo5H
cfWmmoi4N2Jbzskn+u9icLwjhqXUY0rkb0BWANkosopNPzXJuYFOlLEji1sZetpd
NEEsTPeOLVYMm+dLRX8cT8HFudxPN5AiChE5AhEPFNWTjeN8jIq7JDEfJsDKZ18n
9QHDZR96mIyKt32NaSKywJz+Zphj8MMsIxAORQ0FJzIFXLeonuFAim01cNNHYYpC
/rmQ07s4vJgsgsOj2n0gv6zYOQ9fODjlQBL1DN1z7hN8xH275iTXApe1p186z/GM
45S6rvouJqyaM1RRTvJCGtvE278e3IDKtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:18 2024 by rpki-client on console-ams.rpki-client.org