Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/mpvjOM3a0nEVyEqcvqdPWSdwOT0.roa
File: mpvjOM3a0nEVyEqcvqdPWSdwOT0.roa (raw, json)
Hash identifier: rYzw7zo0tAh0d7ZS782I9Nta4BpEaOf2ksqUhGEYGhk=
Subject key identifier: 9A:9B:E3:38:CD:DA:D2:71:15:C8:4A:9C:BE:A7:4F:59:27:70:39:3D
Certificate issuer: /CN=d2323101b29596ff442d3749373b8e9983354670
Certificate serial: 01857039A87220E2371CB7F50DAFE3340BAA
Authority key identifier: D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/mpvjOM3a0nEVyEqcvqdPWSdwOT0.roa
Signing time: Mon 02 Jan 2023 02:05:04 +0000
ROA not before: Mon 02 Jan 2023 02:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 45.152.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a8:72:20:e2:37:1c:b7:f5:0d:af:e3:34:0b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2323101b29596ff442d3749373b8e9983354670
Validity
Not Before: Jan 2 02:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a9be338cddad27115c84a9cbea74f592770393d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f0:b9:7d:ed:bd:0c:6a:17:10:e6:a9:9e:7b:
9d:ce:86:29:74:e7:1e:98:22:dc:3d:d6:01:06:73:
8e:0a:8c:f9:6d:2a:c2:70:c9:ec:6b:14:f5:a1:71:
63:82:3d:6e:84:a3:d8:20:24:f9:5f:0c:77:26:f6:
58:d9:19:3e:20:53:c0:84:04:67:b6:06:02:66:ee:
74:d7:07:b3:d4:bc:7e:ec:fb:be:69:f7:80:12:71:
a2:16:d5:45:24:93:00:d1:e6:2c:af:66:69:74:76:
89:c2:42:14:f8:3e:8b:83:62:7e:ea:f3:58:83:cf:
46:39:08:10:12:4a:70:8b:cb:20:56:65:99:c7:87:
04:dd:fb:bc:52:e7:7b:4b:7e:4c:77:82:9d:ad:d0:
cb:f5:01:60:9f:f5:7a:4d:51:6f:53:75:11:3c:bf:
b2:dc:1d:66:50:58:33:2b:36:09:60:d0:4e:f1:46:
de:5b:b2:2c:35:fb:79:5e:be:34:06:3c:e6:61:dd:
66:f1:33:74:56:8a:4f:48:76:d7:2a:10:a9:89:14:
cd:6d:98:b0:38:df:66:00:14:8e:7f:f4:1b:e5:e6:
41:6d:7c:2c:bc:d9:e5:14:5b:3e:47:60:cb:d6:a4:
e4:82:92:b5:96:01:d0:aa:ee:bb:36:30:d0:65:9d:
18:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9B:E3:38:CD:DA:D2:71:15:C8:4A:9C:BE:A7:4F:59:27:70:39:3D
X509v3 Authority Key Identifier:
keyid:D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/mpvjOM3a0nEVyEqcvqdPWSdwOT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/0jIxAbKVlv9ELTdJNzuOmYM1RnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.24.0/22
Signature Algorithm: sha256WithRSAEncryption
14:5c:49:5e:f8:7e:34:04:b2:61:5e:e0:cb:c0:1d:d5:29:9b:
dc:c4:e9:8c:f6:8b:37:0e:44:81:69:24:9b:68:de:c5:ec:7c:
2d:38:21:ff:9d:62:9b:b4:6f:0b:58:87:5a:a4:22:ae:f8:4b:
72:60:a5:83:17:19:df:20:64:96:5b:09:59:60:43:92:88:d9:
2a:9c:57:c3:27:d0:a4:ed:7b:12:29:3e:c6:5c:bc:f3:cb:72:
64:5c:ca:13:5f:fe:4d:1d:b3:cb:95:77:ed:75:74:0b:01:9a:
ca:68:91:4f:27:4a:e1:62:7b:ee:3f:24:2c:b1:b7:7d:a9:7d:
24:99:be:31:fd:d7:eb:34:1e:5a:9b:4e:9a:d2:82:96:12:e2:
6a:2d:ef:3b:b0:1a:2f:43:3f:97:9a:e9:bd:00:27:b1:db:b0:
39:ed:ea:53:c7:06:71:81:1c:c7:1b:ec:c9:b6:5f:c2:c0:c6:
cc:62:72:8e:9e:b4:a7:9d:17:87:f0:26:08:8a:83:c7:f9:81:
bc:02:7b:4a:e7:dd:67:c9:37:db:8a:fc:0e:9e:54:c1:41:41:
fc:35:73:72:5a:99:fb:b8:d9:f4:65:b1:a8:62:9a:f8:f8:17:
1b:3a:9f:8a:0c:69:3c:3c:af:6b:46:90:35:eb:15:80:c7:96:
0a:19:42:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOahyIOI3HLf1Da/jNAuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzIzMTAxYjI5NTk2ZmY0NDJkMzc0OTM3M2I4ZTk5ODMz
NTQ2NzAwHhcNMjMwMTAyMDIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTliZTMzOGNkZGFkMjcxMTVjODRhOWNiZWE3NGY1OTI3NzAzOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPC5fe29DGoXEOapnnudzoYpdOce
mCLcPdYBBnOOCoz5bSrCcMnsaxT1oXFjgj1uhKPYICT5Xwx3JvZY2Rk+IFPAhARn
tgYCZu501wez1Lx+7Pu+afeAEnGiFtVFJJMA0eYsr2ZpdHaJwkIU+D6Lg2J+6vNY
g89GOQgQEkpwi8sgVmWZx4cE3fu8Uud7S35Md4KdrdDL9QFgn/V6TVFvU3URPL+y
3B1mUFgzKzYJYNBO8UbeW7IsNft5Xr40BjzmYd1m8TN0VopPSHbXKhCpiRTNbZiw
ON9mABSOf/Qb5eZBbXwsvNnlFFs+R2DL1qTkgpK1lgHQqu67NjDQZZ0YNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqb4zjN2tJxFchKnL6nT1kncDk9MB8GA1UdIwQY
MBaAFNIyMQGylZb/RC03STc7jpmDNUZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpJeEFiS1ZsdjlFTFRkSk56dU9tWU0xUm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81YjQxODUtYjA4MC00OThlLThjYzct
NmE2YWY1Yjc0ZDM4LzEvbXB2ak9NM2EwbkVWeUVxY3ZxZFBXU2R3T1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81YjQxODUtYjA4MC00OThlLThjYzctNmE2YWY1Yjc0ZDM4
LzEvMGpJeEFiS1ZsdjlFTFRkSk56dU9tWU0xUm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZgYMA0G
CSqGSIb3DQEBCwUAA4IBAQAUXEle+H40BLJhXuDLwB3VKZvcxOmM9os3DkSBaSSb
aN7F7HwtOCH/nWKbtG8LWIdapCKu+EtyYKWDFxnfIGSWWwlZYEOSiNkqnFfDJ9Ck
7XsSKT7GXLzzy3JkXMoTX/5NHbPLlXftdXQLAZrKaJFPJ0rhYnvuPyQssbd9qX0k
mb4x/dfrNB5am06a0oKWEuJqLe87sBovQz+Xmum9ACex27A57epTxwZxgRzHG+zJ
tl/CwMbMYnKOnrSnnReH8CYIioPH+YG8AntK591nyTfbivwOnlTBQUH8NXNyWpn7
uNn0ZbGoYpr4+BcbOp+KDGk8PK9rRpA16xWAx5YKGUJM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:18 2025 by rpki-client