Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/MZ4vPJzcaM4r1-ICmyzd5Fw5duo.roa
File: MZ4vPJzcaM4r1-ICmyzd5Fw5duo.roa (raw, json)
Hash identifier: 7ZyBIO4DNFxLjyXWxAzOzZDDuHEoyMHecbH7l8zsw+Q=
Subject key identifier: 31:9E:2F:3C:9C:DC:68:CE:2B:D7:E2:02:9B:2C:DD:E4:5C:39:76:EA
Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe
Certificate serial: 01856CAF0B942B0B8067F4D59C91544B0F4E
Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/MZ4vPJzcaM4r1-ICmyzd5Fw5duo.roa
Signing time: Sun 01 Jan 2023 09:34:49 +0000
ROA not before: Sun 01 Jan 2023 09:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212001
IP address blocks: 45.142.85.0/24 maxlen: 24
45.142.86.0/24 maxlen: 24
45.142.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0b:94:2b:0b:80:67:f4:d5:9c:91:54:4b:0f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe
Validity
Not Before: Jan 1 09:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=319e2f3c9cdc68ce2bd7e2029b2cdde45c3976ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4d:5e:15:36:8c:8b:25:b5:06:45:b7:e1:40:
20:1e:73:8e:99:6e:8d:52:22:68:fc:21:48:98:ea:
5d:81:16:4e:a8:e2:d3:25:96:1c:f4:85:a4:a7:d3:
f7:2f:7e:5f:af:e3:9f:50:0f:65:ec:84:22:32:6d:
db:4a:60:ee:ff:0a:18:e8:93:d8:73:51:18:63:8d:
28:b1:d4:ea:45:60:50:fc:62:3d:94:03:08:45:34:
1e:5d:6a:f2:0a:95:76:51:1f:b7:be:a3:af:26:7e:
43:e5:62:e6:a5:45:60:ea:43:ad:b2:84:93:f1:e6:
63:2f:a8:dd:2a:c9:66:49:85:09:08:16:0c:aa:fd:
24:56:0d:33:72:e4:d7:bb:80:21:09:9f:33:84:77:
4d:92:0b:0a:05:5f:78:7d:35:36:8b:3a:2b:c5:6e:
9e:b9:1a:af:b0:82:11:49:20:64:4f:21:6c:90:35:
83:e4:4a:cd:2b:46:1d:4e:24:c0:ca:5c:81:ca:6a:
d9:6f:40:c8:61:0e:d1:30:fd:31:3f:d3:dd:63:d6:
22:5e:f2:d9:50:9e:06:33:9f:27:a6:b6:2d:49:2f:
91:87:5c:bd:81:6f:b8:27:56:f2:69:4c:2b:3b:76:
4e:fc:82:c6:7f:68:f4:71:9c:6c:2a:81:c7:6f:92:
2e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9E:2F:3C:9C:DC:68:CE:2B:D7:E2:02:9B:2C:DD:E4:5C:39:76:EA
X509v3 Authority Key Identifier:
keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/MZ4vPJzcaM4r1-ICmyzd5Fw5duo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.85.0-45.142.87.255
Signature Algorithm: sha256WithRSAEncryption
dd:ba:c4:05:f7:40:36:37:d0:8b:e9:9c:33:8f:4e:12:31:d7:
bf:ff:47:2f:f8:4c:6e:76:c4:aa:f3:eb:a4:70:b5:63:00:5a:
73:34:ac:1a:a4:fd:3a:fd:cd:91:66:04:8d:8e:27:35:04:53:
28:b4:c4:ad:d8:cd:05:5d:60:d8:c5:d4:59:c3:7b:19:2a:af:
e1:d3:bb:6b:6e:72:06:7e:a5:68:27:ed:7f:73:b1:75:51:59:
34:24:18:06:a7:ca:ef:9c:5a:3a:01:55:13:59:94:43:0e:55:
e4:0b:9d:ef:8e:0b:c6:08:ad:74:3f:5c:1d:02:a7:fd:af:1a:
20:c3:da:9c:c3:69:1a:81:25:81:3b:68:66:37:ec:ef:c9:44:
e8:51:d7:05:8c:c8:8d:2a:25:d2:35:12:48:62:60:2e:31:e2:
ea:ea:93:04:7a:8b:cd:30:ab:4d:f5:f6:10:9e:37:09:2d:50:
85:cb:a4:0c:90:0a:44:63:b9:48:63:9b:cb:83:26:6c:00:ca:
ef:82:09:4f:04:56:76:b5:a3:b7:6f:25:14:6a:fc:35:fb:b6:
f2:25:6c:57:08:97:8c:a9:b6:d0:62:f3:14:15:2b:c2:1d:ca:
b8:b7:1b:ce:90:fb:74:b1:81:e4:d4:a4:a0:36:fe:d5:a3:09:
83:90:4e:b7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsrwuUKwuAZ/TVnJFUSw9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw
MDRjZmUwHhcNMjMwMTAxMDkzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTllMmYzYzljZGM2OGNlMmJkN2UyMDI5YjJjZGRlNDVjMzk3NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA201eFTaMiyW1BkW34UAgHnOOmW6N
UiJo/CFImOpdgRZOqOLTJZYc9IWkp9P3L35fr+OfUA9l7IQiMm3bSmDu/woY6JPY
c1EYY40osdTqRWBQ/GI9lAMIRTQeXWryCpV2UR+3vqOvJn5D5WLmpUVg6kOtsoST
8eZjL6jdKslmSYUJCBYMqv0kVg0zcuTXu4AhCZ8zhHdNkgsKBV94fTU2izorxW6e
uRqvsIIRSSBkTyFskDWD5ErNK0YdTiTAylyBymrZb0DIYQ7RMP0xP9PdY9YiXvLZ
UJ4GM58nprYtSS+Rh1y9gW+4J1byaUwrO3ZO/ILGf2j0cZxsKoHHb5IuXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDGeLzyc3GjOK9fiApss3eRcOXbqMB8GA1UdIwQY
MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt
YjFmM2JjYzY3YWFlLzEvTVo0dlBKemNhTTRyMS1JQ215emQ1Rnc1ZHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl
LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtjlUD
BAMtjlAwDQYJKoZIhvcNAQELBQADggEBAN26xAX3QDY30IvpnDOPThIx17//Ry/4
TG52xKrz66RwtWMAWnM0rBqk/Tr9zZFmBI2OJzUEUyi0xK3YzQVdYNjF1FnDexkq
r+HTu2tucgZ+pWgn7X9zsXVRWTQkGAanyu+cWjoBVRNZlEMOVeQLne+OC8YIrXQ/
XB0Cp/2vGiDD2pzDaRqBJYE7aGY37O/JROhR1wWMyI0qJdI1EkhiYC4x4urqkwR6
i80wq0319hCeNwktUIXLpAyQCkRjuUhjm8uDJmwAyu+CCU8EVna1o7dvJRRq/DX7
tvIlbFcIl4ypttBi8xQVK8Idyri3G86Q+3SxgeTUpKA2/tWjCYOQTrc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:43 2025 by rpki-client