Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/mM4gBX6sP9onaVvqAuBvjVYK2JM.roa
File: mM4gBX6sP9onaVvqAuBvjVYK2JM.roa (raw, json)
Hash identifier: ON4NZmyHBYdqMwmLwK5wLcYPqANqLi/Z9ildgllO1Dw=
Subject key identifier: 98:CE:20:05:7E:AC:3F:DA:27:69:5B:EA:02:E0:6F:8D:56:0A:D8:93
Certificate issuer: /CN=62af1d7f36b1865802535e49a7331e035ad01008
Certificate serial: 0184CDE3AB5A99E896002F521A270C7F071D
Authority key identifier: 62:AF:1D:7F:36:B1:86:58:02:53:5E:49:A7:33:1E:03:5A:D0:10:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yq8dfzaxhlgCU15JpzMeA1rQEAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/mM4gBX6sP9onaVvqAuBvjVYK2JM.roa
Signing time: Thu 01 Dec 2022 13:32:40 +0000
ROA not before: Thu 01 Dec 2022 13:32:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47305
IP address blocks: 195.182.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:e3:ab:5a:99:e8:96:00:2f:52:1a:27:0c:7f:07:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62af1d7f36b1865802535e49a7331e035ad01008
Validity
Not Before: Dec 1 13:32:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98ce20057eac3fda27695bea02e06f8d560ad893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f8:62:91:ff:5b:a1:d0:14:02:b9:11:d3:c5:
f1:e0:bb:44:46:ad:23:c8:40:21:49:16:8c:d7:d5:
0b:c2:d5:79:91:06:4d:1b:ea:bc:a2:cd:64:65:bf:
88:44:86:b3:5a:af:21:9e:59:2a:7f:bf:4d:d2:78:
28:ed:8d:8c:47:06:29:6d:0e:66:8d:71:ed:de:9f:
61:fe:40:54:70:e6:a3:12:c4:59:f4:27:d4:ca:f4:
05:e4:16:c1:15:ce:72:05:5c:b2:89:0e:10:55:b7:
70:83:ff:df:91:14:cd:91:70:54:10:ba:a6:55:bd:
ee:f1:54:90:ad:52:06:ea:90:b6:c0:9d:fc:9f:51:
a0:c5:a2:fb:0d:26:50:aa:6e:d1:53:e5:b3:a2:25:
c7:63:af:b4:b1:14:9e:04:1a:0f:42:05:3f:c2:52:
23:38:e9:66:81:04:5c:41:85:14:aa:29:e4:5d:a1:
b1:65:80:d7:21:dc:64:1d:e2:8e:3e:df:d1:4e:35:
36:bc:27:2b:ef:67:eb:a9:7c:4f:ed:0f:be:4c:f3:
5a:84:25:35:05:6f:8f:e8:b6:ee:a9:3a:d8:ed:bf:
c2:d4:0e:bd:cb:00:9f:3a:05:0f:23:7d:f9:7b:25:
db:b0:a5:6c:e6:9d:92:c7:a3:1a:ff:d1:30:49:7f:
f1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CE:20:05:7E:AC:3F:DA:27:69:5B:EA:02:E0:6F:8D:56:0A:D8:93
X509v3 Authority Key Identifier:
keyid:62:AF:1D:7F:36:B1:86:58:02:53:5E:49:A7:33:1E:03:5A:D0:10:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yq8dfzaxhlgCU15JpzMeA1rQEAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/mM4gBX6sP9onaVvqAuBvjVYK2JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/Yq8dfzaxhlgCU15JpzMeA1rQEAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:0e:70:06:e6:07:64:57:81:9b:c3:d6:4f:6b:56:f5:14:e8:
24:85:f7:cf:b8:af:5a:0c:c6:41:b3:27:61:1b:64:06:42:9b:
8f:cf:5c:18:0c:9b:e7:b3:3b:03:24:07:de:64:1a:aa:c2:39:
36:b9:82:ff:fc:7d:d8:7e:de:29:03:11:3c:95:19:52:fc:70:
38:27:08:ed:b3:95:6a:f0:d6:0c:01:5a:22:7e:ff:e8:eb:22:
6d:72:b7:46:56:37:72:5d:09:bb:47:17:44:4e:49:3e:7b:85:
6c:74:78:6c:7d:e3:1e:12:56:50:37:2e:64:15:21:15:4d:cd:
d1:f1:f4:68:b6:0d:d8:38:c8:39:d2:d6:02:e6:55:a1:e7:61:
b7:e9:6c:60:2c:cb:89:0d:53:c9:84:8b:17:e0:04:72:8c:1e:
a9:4e:21:68:c1:48:0d:b8:ef:c4:d8:47:af:b3:48:09:85:bd:
7d:c2:42:23:df:cd:b9:10:7a:e0:29:76:b0:5b:21:d0:23:0d:
e9:7f:05:dd:96:c4:25:6b:22:da:68:90:e3:c8:8c:9b:b4:09:
12:ab:8f:be:ae:fd:81:af:c3:b4:8f:e8:fa:54:e9:32:37:95:
34:65:aa:90:8e:ca:82:76:17:e5:2b:07:75:08:39:5f:04:f8:
f3:54:f5:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTN46tameiWAC9SGicMfwcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYWYxZDdmMzZiMTg2NTgwMjUzNWU0OWE3MzMxZTAzNWFk
MDEwMDgwHhcNMjIxMjAxMTMzMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGNlMjAwNTdlYWMzZmRhMjc2OTViZWEwMmUwNmY4ZDU2MGFkODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovhikf9bodAUArkR08Xx4LtERq0j
yEAhSRaM19ULwtV5kQZNG+q8os1kZb+IRIazWq8hnlkqf79N0ngo7Y2MRwYpbQ5m
jXHt3p9h/kBUcOajEsRZ9CfUyvQF5BbBFc5yBVyyiQ4QVbdwg//fkRTNkXBUELqm
Vb3u8VSQrVIG6pC2wJ38n1GgxaL7DSZQqm7RU+WzoiXHY6+0sRSeBBoPQgU/wlIj
OOlmgQRcQYUUqinkXaGxZYDXIdxkHeKOPt/RTjU2vCcr72frqXxP7Q++TPNahCU1
BW+P6LbuqTrY7b/C1A69ywCfOgUPI335eyXbsKVs5p2Sx6Ma/9EwSX/xKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjOIAV+rD/aJ2lb6gLgb41WCtiTMB8GA1UdIwQY
MBaAFGKvHX82sYZYAlNeSaczHgNa0BAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXE4ZGZ6YXhobGdDVTE1SnB6TWVBMXJRRUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9lZDk2YzUtZDYzMy00MDJmLThlMDAt
MmIxZDY3NDU5NWI3LzEvbU00Z0JYNnNQOW9uYVZ2cUF1QnZqVllLMkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9lZDk2YzUtZDYzMy00MDJmLThlMDAtMmIxZDY3NDU5NWI3
LzEvWXE4ZGZ6YXhobGdDVTE1SnB6TWVBMXJRRUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YoMA0G
CSqGSIb3DQEBCwUAA4IBAQBNDnAG5gdkV4Gbw9ZPa1b1FOgkhffPuK9aDMZBsydh
G2QGQpuPz1wYDJvnszsDJAfeZBqqwjk2uYL//H3Yft4pAxE8lRlS/HA4Jwjts5Vq
8NYMAVoifv/o6yJtcrdGVjdyXQm7RxdETkk+e4VsdHhsfeMeElZQNy5kFSEVTc3R
8fRotg3YOMg50tYC5lWh52G36WxgLMuJDVPJhIsX4ARyjB6pTiFowUgNuO/E2Eev
s0gJhb19wkIj3825EHrgKXawWyHQIw3pfwXdlsQlayLaaJDjyIybtAkSq4++rv2B
r8O0j+j6VOkyN5U0ZaqQjsqCdhflKwd1CDlfBPjzVPVz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:10 2025 by rpki-client