Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/MK25UR3rp_bvJY8Ry_D-1A4PqGw.roa
File: MK25UR3rp_bvJY8Ry_D-1A4PqGw.roa (raw, json)
Hash identifier: 2COHti3Dntt7IkVEg6h0Eb67clesiVJNLHfP4IYX3X0=
Subject key identifier: 30:AD:B9:51:1D:EB:A7:F6:EF:25:8F:11:CB:F0:FE:D4:0E:0F:A8:6C
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018C8B99713F0C2697D0C703C311FBDF3CB7
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/MK25UR3rp_bvJY8Ry_D-1A4PqGw.roa
Signing time: Thu 21 Dec 2023 08:58:58 +0000
ROA not before: Thu 21 Dec 2023 08:58:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:92c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:99:71:3f:0c:26:97:d0:c7:03:c3:11:fb:df:3c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Dec 21 08:58:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30adb9511deba7f6ef258f11cbf0fed40e0fa86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:51:0b:36:94:c1:f9:16:7f:08:13:0f:1d:
1b:42:8f:64:79:c3:25:3c:2e:82:8b:39:62:a3:16:
aa:d8:01:9b:f9:7a:ab:0c:ad:56:a9:e5:a5:e9:a8:
9e:a3:f4:bb:c4:6e:07:a6:af:5d:0d:a1:41:43:9b:
63:27:53:d0:10:36:bd:75:56:53:bb:2f:ec:dd:f7:
28:53:19:22:96:e9:1a:ac:4b:11:7b:16:cb:f1:9d:
18:32:5d:a9:4b:d5:69:bd:d3:4e:ea:fd:80:27:aa:
e6:d3:f1:af:e8:80:03:c0:dc:66:c9:9f:81:97:fa:
60:30:4d:17:91:cc:7f:79:7d:98:ed:17:cf:1c:ec:
c1:e7:09:18:3d:41:15:4d:49:22:8f:27:43:f7:bd:
c1:e8:2a:2e:6a:cf:e7:ac:75:37:d6:fd:36:40:03:
47:c8:9b:02:da:a0:88:4b:12:e1:f5:9a:e0:b7:d4:
52:72:64:08:7b:3c:7d:a4:37:12:c6:94:55:bf:0a:
e5:05:41:70:4e:7d:b1:09:28:d7:d0:f4:6e:20:19:
98:8b:e0:46:b6:58:66:cb:70:20:43:5a:51:13:db:
a4:ef:58:4d:84:f0:cb:b6:e7:86:21:f2:a7:25:3a:
70:fc:1c:b8:cb:9b:2b:3f:ae:62:ab:e0:f4:2b:6f:
e6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AD:B9:51:1D:EB:A7:F6:EF:25:8F:11:CB:F0:FE:D4:0E:0F:A8:6C
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/MK25UR3rp_bvJY8Ry_D-1A4PqGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:ab:5a:45:c5:3b:91:80:3d:80:cb:f1:70:c5:f5:2c:7a:9e:
3b:db:d2:65:0b:aa:aa:fe:88:a3:ee:94:08:a0:b6:29:0f:68:
f4:a0:0e:f2:08:63:67:0d:08:54:84:ed:cf:76:dd:ec:b1:67:
66:0c:d2:f8:df:f5:16:d2:d4:e3:b7:2f:a0:a4:55:fb:37:0e:
9e:ef:e7:2c:fc:9b:f6:9c:99:56:25:7b:04:e5:bb:de:6f:02:
77:22:5d:64:87:9f:83:0f:23:76:8d:91:4e:8f:08:b1:1d:12:
02:19:6a:92:0a:cc:56:fa:0c:76:44:71:10:80:09:4e:6d:a0:
f4:51:0d:20:68:df:b5:c2:5e:5c:20:00:d5:44:11:c9:b5:e2:
90:f4:13:19:d2:ad:83:6d:fd:6b:14:f8:f7:b5:7e:5a:74:59:
12:ab:74:9b:3d:e9:0c:4c:c1:9f:c5:6d:60:48:e4:43:10:66:
95:06:89:1d:8a:83:68:91:bd:b3:86:51:58:99:8d:d9:6f:74:
88:c3:0f:e5:4e:51:55:8b:20:ed:49:48:18:6a:5c:4f:2a:7a:
88:0a:20:72:26:c0:56:c4:6f:a3:80:8e:09:42:59:69:15:98:
fb:92:ca:71:af:63:44:83:ee:5f:db:fe:58:1a:f5:20:62:63:
b6:95:20:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyLmXE/DCaX0McDwxH73zy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjMxMjIxMDg1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFkYjk1MTFkZWJhN2Y2ZWYyNThmMTFjYmYwZmVkNDBlMGZhODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/dRCzaUwfkWfwgTDx0bQo9kecMl
PC6Cizlioxaq2AGb+XqrDK1WqeWl6aieo/S7xG4Hpq9dDaFBQ5tjJ1PQEDa9dVZT
uy/s3fcoUxkilukarEsRexbL8Z0YMl2pS9VpvdNO6v2AJ6rm0/Gv6IADwNxmyZ+B
l/pgME0Xkcx/eX2Y7RfPHOzB5wkYPUEVTUkijydD973B6Couas/nrHU31v02QANH
yJsC2qCISxLh9Zrgt9RScmQIezx9pDcSxpRVvwrlBUFwTn2xCSjX0PRuIBmYi+BG
tlhmy3AgQ1pRE9uk71hNhPDLtueGIfKnJTpw/By4y5srP65iq+D0K2/mTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDCtuVEd66f27yWPEcvw/tQOD6hsMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvTUsyNVVSM3JwX2J2Slk4UnlfRC0xQTRQcUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOSwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKqtaRcU7kYA9gMvxcMX1LHqeO9vSZQuqqv6Io+6U
CKC2KQ9o9KAO8ghjZw0IVITtz3bd7LFnZgzS+N/1FtLU47cvoKRV+zcOnu/nLPyb
9pyZViV7BOW73m8CdyJdZIefgw8jdo2RTo8IsR0SAhlqkgrMVvoMdkRxEIAJTm2g
9FENIGjftcJeXCAA1UQRybXikPQTGdKtg239axT497V+WnRZEqt0mz3pDEzBn8Vt
YEjkQxBmlQaJHYqDaJG9s4ZRWJmN2W90iMMP5U5RVYsg7UlIGGpcTyp6iAogcibA
VsRvo4COCUJZaRWY+5LKca9jRIPuX9v+WBr1IGJjtpUgcw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:49 2025 by rpki-client