Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/MWzEM6rU8bfDWyBulPpOBAPtOMw.roa
File: MWzEM6rU8bfDWyBulPpOBAPtOMw.roa (raw, json)
Hash identifier: QdXQMHhdptfqRgIcK2TzlNtfzgMvxtvvpAaEREc5IyE=
Subject key identifier: 31:6C:C4:33:AA:D4:F1:B7:C3:5B:20:6E:94:FA:4E:04:03:ED:38:CC
Certificate issuer: /CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Certificate serial: 0327C544
Authority key identifier: 1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/MWzEM6rU8bfDWyBulPpOBAPtOMw.roa
Signing time: Sat 01 Jan 2022 06:56:13 +0000
ROA not before: Sat 01 Jan 2022 06:56:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51732
IP address blocks: 91.220.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52938052 (0x327c544)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Validity
Not Before: Jan 1 06:56:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=316cc433aad4f1b7c35b206e94fa4e0403ed38cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:9f:77:14:2e:53:6c:59:ac:b0:f5:33:ff:
aa:db:60:25:91:59:fb:78:b0:c0:df:fc:43:1c:58:
28:46:4d:9f:c8:2c:2f:6c:93:0b:4e:19:85:56:c2:
f3:aa:7f:85:93:df:11:ca:17:97:4b:19:d5:54:12:
66:99:e2:63:04:a8:62:7a:bf:7e:82:c6:7b:45:97:
04:8b:b4:e5:dd:75:92:62:02:3c:39:50:bb:ca:95:
7f:94:b6:8f:1c:61:d2:7a:23:f1:39:b1:e7:28:41:
c2:77:86:50:a7:de:b4:dc:bf:27:56:1f:bc:13:55:
a3:15:55:50:6d:b4:fe:98:18:bd:eb:b4:eb:82:8a:
8f:83:d7:08:8f:37:39:84:73:d4:26:49:1b:94:6b:
af:28:b5:61:c8:e5:28:34:28:7c:92:65:45:f6:96:
f5:57:4b:72:1d:d2:9b:4d:6d:01:e7:df:be:a1:84:
19:cd:69:f2:b8:a9:0d:c9:33:e7:59:f0:a7:6c:d9:
03:cb:d7:b3:f3:68:a4:aa:60:60:e4:6a:65:ba:3f:
e1:3f:c5:a1:ea:76:0f:03:e7:3c:30:d7:42:34:d0:
ca:f5:25:cb:89:16:0c:e8:b0:c9:83:3d:f9:eb:5b:
2f:be:0d:17:18:72:0e:e3:1e:0a:f5:1e:f4:d8:8b:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6C:C4:33:AA:D4:F1:B7:C3:5B:20:6E:94:FA:4E:04:03:ED:38:CC
X509v3 Authority Key Identifier:
keyid:1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/MWzEM6rU8bfDWyBulPpOBAPtOMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.79.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c7:91:e4:a1:e7:8a:7d:bb:dc:51:26:fb:45:78:ab:ac:98:
29:d9:cf:5d:67:a4:59:62:8b:de:b1:9e:65:22:cb:35:f7:6b:
9e:35:df:f9:b0:75:85:af:f2:53:fa:fe:10:cd:5c:08:00:a1:
b5:f6:89:86:11:e5:ca:f4:70:f5:ac:33:69:8a:9b:1a:e8:f2:
fc:27:3f:96:5f:92:22:31:05:16:93:14:10:71:8e:95:08:d2:
52:9b:0e:5d:d1:12:c7:8a:fe:8c:88:6a:f3:e3:36:0b:bc:dd:
8b:d0:d0:d9:11:5c:5e:24:17:87:bb:3f:00:3e:2d:e3:30:90:
09:4d:4e:ce:35:ef:74:3e:d3:9b:d9:34:bf:5c:c7:38:ff:96:
5f:d4:23:d7:30:1c:98:19:25:0a:3f:7a:c5:00:b7:83:05:b5:
b1:cd:0c:6a:d7:18:51:c4:be:35:66:4b:47:f6:41:3c:7d:dd:
98:30:66:35:28:87:7d:cb:c9:2d:2f:f7:16:61:fc:a0:d0:62:
2f:1b:71:0e:e6:15:6e:ef:e2:56:17:16:a4:10:85:95:54:20:
69:c9:5b:36:fd:41:87:bf:bb:1c:f2:97:4c:fe:62:f1:c4:a9:
ee:33:e5:37:76:33:8c:73:e5:bb:c1:6d:89:a5:ea:18:eb:19:
33:dc:0b:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyfFRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTg4ZjQyOWVkYzg2YWE4N2JiM2ExNzcxN2NlYTcxYzcwODczYWYyMB4XDTIyMDEw
MTA2NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE2Y2M0MzNhYWQ0
ZjFiN2MzNWIyMDZlOTRmYTRlMDQwM2VkMzhjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANimn3cULlNsWayw9TP/qttgJZFZ+3iwwN/8QxxYKEZNn8gs
L2yTC04ZhVbC86p/hZPfEcoXl0sZ1VQSZpniYwSoYnq/foLGe0WXBIu05d11kmIC
PDlQu8qVf5S2jxxh0noj8Tmx5yhBwneGUKfetNy/J1YfvBNVoxVVUG20/pgYveu0
64KKj4PXCI83OYRz1CZJG5Rrryi1YcjlKDQofJJlRfaW9VdLch3Sm01tAeffvqGE
Gc1p8ripDckz51nwp2zZA8vXs/NopKpgYORqZbo/4T/Foep2DwPnPDDXQjTQyvUl
y4kWDOiwyYM9+etbL74NFxhyDuMeCvUe9NiLeQECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxbMQzqtTxt8NbIG6U+k4EA+04zDAfBgNVHSMEGDAWgBQaiPQp7chqqHuz
oXcXzqcccIc68jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dvajBLZTNJYXFoN3M2RjNGODZuSEhDSE92SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNzBkYjliLWUwN2EtNGZiZi05ZWJhLTA2ZDQ5OGY2MjBhMy8x
L01XekVNNnJVOGJmRFd5QnVsUHBPQkFQdE9Ndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NzBkYjliLWUwN2EtNGZiZi05ZWJhLTA2ZDQ5OGY2MjBhMy8xL0dvajBLZTNJYXFo
N3M2RjNGODZuSEhDSE92SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcTzANBgkqhkiG9w0BAQsFAAOC
AQEAY8eR5KHnin273FEm+0V4q6yYKdnPXWekWWKL3rGeZSLLNfdrnjXf+bB1ha/y
U/r+EM1cCAChtfaJhhHlyvRw9awzaYqbGujy/Cc/ll+SIjEFFpMUEHGOlQjSUpsO
XdESx4r+jIhq8+M2C7zdi9DQ2RFcXiQXh7s/AD4t4zCQCU1OzjXvdD7Tm9k0v1zH
OP+WX9Qj1zAcmBklCj96xQC3gwW1sc0MatcYUcS+NWZLR/ZBPH3dmDBmNSiHfcvJ
LS/3FmH8oNBiLxtxDuYVbu/iVhcWpBCFlVQgaclbNv1Bh7+7HPKXTP5i8cSp7jPl
N3YzjHPlu8FtiaXqGOsZM9wLtA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:06 2025 by rpki-client