Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa
File: mLzVd84_d0z0Hkamfu2pHw04k_g.roa (raw, json)
Hash identifier: VdCivDFF59Ta1VCdGY/Vemfud/DBOc4AAwWe+tburZs=
Subject key identifier: 98:BC:D5:77:CE:3F:77:4C:F4:1E:46:A6:7E:ED:A9:1F:0D:38:93:F8
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01857002783ECD66C3479BF42272E0753737
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42087
IP address blocks: 2a00:1fa2:ba00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:78:3e:cd:66:c3:47:9b:f4:22:72:e0:75:37:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98bcd577ce3f774cf41e46a67eeda91f0d3893f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:92:4e:88:00:50:a7:c3:b1:f5:3e:18:7d:
7e:0b:7c:dc:f0:be:e7:5b:9f:53:c3:87:14:e4:04:
3a:46:65:99:f5:8a:4c:e8:7b:48:72:f7:6d:a6:32:
18:38:99:f9:44:d6:91:b5:f9:21:79:e2:38:6c:41:
45:97:84:a2:3a:bb:4b:5b:38:61:35:07:0b:f3:ee:
ca:13:d1:61:ba:d3:d8:6c:f7:b7:fb:93:d6:f1:6f:
40:a1:8e:46:45:11:08:d0:e8:17:d8:57:86:5c:8b:
2d:f0:a9:a9:ec:2a:56:d8:50:3d:23:0f:5a:72:3b:
ad:c1:f9:8f:d1:11:14:34:8e:34:69:b1:2a:c4:2a:
e6:fc:d4:68:0d:ab:35:64:94:1e:3e:46:34:94:aa:
a5:d0:dc:90:21:e5:f0:92:37:cd:05:14:6d:dc:f1:
23:71:d2:d6:b7:3f:76:08:0d:ce:50:40:4f:08:a3:
74:ae:ec:67:d2:7b:7e:8e:07:fd:27:7f:7a:73:5e:
41:6a:8d:cc:be:78:b7:ed:c2:76:09:0b:ed:c6:53:
0a:3e:70:a4:af:ab:e6:30:35:bc:52:c5:2d:94:96:
6c:7c:aa:ae:51:7f:92:4e:0e:cd:8e:9e:6f:31:d5:
c4:18:99:1c:e5:66:60:d9:cd:26:fc:86:fb:a1:d6:
fb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BC:D5:77:CE:3F:77:4C:F4:1E:46:A6:7E:ED:A9:1F:0D:38:93:F8
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/mLzVd84_d0z0Hkamfu2pHw04k_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa2:ba00::/40
Signature Algorithm: sha256WithRSAEncryption
7e:06:d2:07:00:89:aa:03:3e:1e:bb:45:fc:f0:75:47:91:85:
1a:5f:ab:48:f7:db:f4:52:4b:50:54:5a:46:ed:37:b9:c6:35:
ca:65:bb:1f:ff:fb:7b:31:df:cb:86:74:d9:41:e8:e6:b1:ac:
7f:08:7f:88:e0:f2:56:8f:a7:c8:0d:fb:f6:3e:9a:a5:20:ef:
c9:be:c4:1d:eb:c0:94:4a:85:fc:4e:33:c4:ca:c6:05:e1:43:
e4:83:13:71:45:09:55:37:f8:e4:21:b7:35:c8:85:2c:23:54:
44:98:bd:cb:19:d7:e7:6e:11:bd:25:c1:74:97:4f:e9:fe:9a:
1b:66:e4:54:44:20:b9:51:f2:73:48:1a:8f:af:3e:11:69:6a:
d6:2c:e2:6e:e2:6f:8e:81:11:cf:67:45:da:2c:a7:c6:30:87:
4c:de:87:b5:58:59:63:5c:fc:ef:e1:5b:4f:6d:05:70:cd:84:
4b:fe:37:76:fd:27:6d:f0:65:54:9f:4f:2e:30:8a:ec:d3:5e:
08:1a:ae:63:12:c2:60:fc:07:f4:ae:fa:f6:96:5d:ea:08:ac:
ec:26:af:a4:49:f1:9a:0a:db:cc:d2:70:f0:80:99:98:71:75:
db:6a:c5:ac:0d:ab:4b:23:e7:bf:39:ab:a5:90:e9:24:fe:81:
5f:f4:83:2c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwAng+zWbDR5v0InLgdTc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJjZDU3N2NlM2Y3NzRjZjQxZTQ2YTY3ZWVkYTkxZjBkMzg5M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpCSTogAUKfDsfU+GH1+C3zc8L7n
W59Tw4cU5AQ6RmWZ9YpM6HtIcvdtpjIYOJn5RNaRtfkheeI4bEFFl4SiOrtLWzhh
NQcL8+7KE9FhutPYbPe3+5PW8W9AoY5GRREI0OgX2FeGXIst8Kmp7CpW2FA9Iw9a
cjutwfmP0REUNI40abEqxCrm/NRoDas1ZJQePkY0lKql0NyQIeXwkjfNBRRt3PEj
cdLWtz92CA3OUEBPCKN0ruxn0nt+jgf9J396c15Bao3Mvni37cJ2CQvtxlMKPnCk
r6vmMDW8UsUtlJZsfKquUX+STg7Njp5vMdXEGJkc5WZg2c0m/Ib7odb7iwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJi81XfOP3dM9B5Gpn7tqR8NOJP4MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbUx6VmQ4NF9kMHowSGthbWZ1MnBIdzA0a19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgAforow
DQYJKoZIhvcNAQELBQADggEBAH4G0gcAiaoDPh67RfzwdUeRhRpfq0j32/RSS1BU
WkbtN7nGNcplux//+3sx38uGdNlB6OaxrH8If4jg8laPp8gN+/Y+mqUg78m+xB3r
wJRKhfxOM8TKxgXhQ+SDE3FFCVU3+OQhtzXIhSwjVESYvcsZ1+duEb0lwXSXT+n+
mhtm5FREILlR8nNIGo+vPhFpatYs4m7ib46BEc9nRdosp8Ywh0zeh7VYWWNc/O/h
W09tBXDNhEv+N3b9J23wZVSfTy4wiuzTXggarmMSwmD8B/Su+vaWXeoIrOwmr6RJ
8ZoK28zScPCAmZhxddtqxawNq0sj5785q6WQ6ST+gV/0gyw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:59 2025 by rpki-client