Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MSyYrK1ULU3FxbmyDmBwGZWECdM.roa
File: MSyYrK1ULU3FxbmyDmBwGZWECdM.roa (raw, json)
Hash identifier: CHuXs0khGwjxREPe3fOmyQqhBuDKBAILaEwBKoB/1uU=
Subject key identifier: 31:2C:98:AC:AD:54:2D:4D:C5:C5:B9:B2:0E:60:70:19:95:84:09:D3
Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Certificate serial: 01841D8606736B34ABBA57319BC27215DB5C
Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MSyYrK1ULU3FxbmyDmBwGZWECdM.roa
Signing time: Fri 28 Oct 2022 07:37:13 +0000
ROA not before: Fri 28 Oct 2022 07:37:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208354
IP address blocks: 2a0c:8500::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:86:06:73:6b:34:ab:ba:57:31:9b:c2:72:15:db:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Validity
Not Before: Oct 28 07:37:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=312c98acad542d4dc5c5b9b20e607019958409d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:95:9c:74:3e:f7:8c:0f:4a:09:f5:9b:e4:97:
87:96:59:7c:16:9f:ea:b2:3f:84:23:01:e1:72:6e:
7b:e9:6f:9e:83:59:24:d9:8d:e6:9f:2b:c9:b0:3f:
ca:85:75:24:ae:0a:d9:4a:6a:da:46:fb:9e:44:9a:
69:2d:01:d7:45:21:a6:68:00:d3:04:b9:2b:20:0d:
91:bf:4b:50:1c:4c:2e:a8:5b:fc:3c:ad:93:d7:53:
00:e5:c8:75:be:fc:05:89:eb:ae:67:3e:24:01:53:
22:ff:71:c8:eb:f0:a1:f7:c5:e7:89:b0:94:d2:27:
b2:6f:05:b3:20:63:bc:9d:87:2f:46:e9:7d:b8:01:
b2:e8:3d:85:18:a9:c3:4f:6c:93:e4:dd:76:46:9b:
9d:81:4f:6d:3a:d2:f3:64:e8:a4:b4:0f:4f:6e:0d:
14:d3:00:2a:6d:2d:75:22:40:f4:81:29:2b:a2:eb:
98:e5:58:30:af:fc:73:76:d0:f1:97:da:f8:38:b6:
fb:0c:39:14:c8:e5:3c:7a:ee:77:e3:dc:91:ef:e8:
70:d9:83:fd:08:ad:07:7c:2d:9a:37:71:e8:8f:4a:
8d:dc:74:b7:1f:3d:bf:18:8f:91:bf:f2:ac:9c:82:
3c:c6:b5:19:cc:13:e4:83:86:2a:60:52:84:5d:c8:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2C:98:AC:AD:54:2D:4D:C5:C5:B9:B2:0E:60:70:19:95:84:09:D3
X509v3 Authority Key Identifier:
keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MSyYrK1ULU3FxbmyDmBwGZWECdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:8500::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c1:37:bd:5f:4f:24:56:73:d8:c3:05:86:d0:91:8b:cd:ef:
a3:1c:32:48:b0:58:34:60:f2:5e:88:78:0a:18:24:5d:1e:1c:
8e:f7:02:29:f9:13:9f:1e:bd:f5:3b:e4:54:36:95:d2:bb:26:
6b:de:58:23:ea:28:bc:59:53:fd:4f:7c:95:23:90:fc:bd:f9:
d3:2a:60:17:ba:8a:19:4b:fc:9b:30:4a:0f:74:65:b3:8f:44:
1a:dd:bd:40:72:c1:26:a2:f6:02:0e:7d:28:e4:3b:6b:17:56:
97:69:6e:6e:c2:b8:60:fd:5e:86:9e:23:31:af:c8:6c:3a:fa:
9e:59:b8:d0:89:c1:da:5e:53:77:b4:86:0e:7a:75:79:35:86:
e4:ad:95:b4:4b:08:e9:05:52:11:c1:67:40:93:af:02:f6:91:
86:51:af:f8:41:9c:c3:04:bb:e3:87:4a:d7:67:56:e6:ad:e6:
3e:dd:c4:fc:56:d2:35:09:65:8a:0b:ce:01:d7:ff:46:58:76:
7b:85:6b:32:10:2f:d7:25:70:82:42:e9:8a:cc:32:9c:14:21:
84:56:01:b9:22:f3:b9:be:30:5b:83:5f:38:a0:b4:fa:20:3f:
78:47:3f:16:56:32:aa:1b:f3:17:84:0f:b3:9f:7d:e8:34:de:
21:81:3e:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQdhgZzazSrulcxm8JyFdtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl
NzZkZjEwHhcNMjIxMDI4MDczNzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJjOThhY2FkNTQyZDRkYzVjNWI5YjIwZTYwNzAxOTk1ODQwOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5WcdD73jA9KCfWb5JeHlll8Fp/q
sj+EIwHhcm576W+eg1kk2Y3mnyvJsD/KhXUkrgrZSmraRvueRJppLQHXRSGmaADT
BLkrIA2Rv0tQHEwuqFv8PK2T11MA5ch1vvwFieuuZz4kAVMi/3HI6/Ch98XnibCU
0ieybwWzIGO8nYcvRul9uAGy6D2FGKnDT2yT5N12RpudgU9tOtLzZOiktA9Pbg0U
0wAqbS11IkD0gSkrouuY5Vgwr/xzdtDxl9r4OLb7DDkUyOU8eu5349yR7+hw2YP9
CK0HfC2aN3Hoj0qN3HS3Hz2/GI+Rv/KsnII8xrUZzBPkg4YqYFKEXch3kQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDEsmKytVC1NxcW5sg5gcBmVhAnTMB8GA1UdIwQY
MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt
N2NmZWFmMDg2ZTE0LzEvTVN5WXJLMVVMVTNGeGJteURtQndHWldFQ2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0
LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyFADAN
BgkqhkiG9w0BAQsFAAOCAQEAesE3vV9PJFZz2MMFhtCRi83voxwySLBYNGDyXoh4
ChgkXR4cjvcCKfkTnx699TvkVDaV0rsma95YI+oovFlT/U98lSOQ/L350ypgF7qK
GUv8mzBKD3Rls49EGt29QHLBJqL2Ag59KOQ7axdWl2lubsK4YP1ehp4jMa/IbDr6
nlm40InB2l5Td7SGDnp1eTWG5K2VtEsI6QVSEcFnQJOvAvaRhlGv+EGcwwS744dK
12dW5q3mPt3E/FbSNQlligvOAdf/Rlh2e4VrMhAv1yVwgkLpiswynBQhhFYBuSLz
ub4wW4NfOKC0+iA/eEc/FlYyqhvzF4QPs5996DTeIYE+3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:26 2024 by rpki-client on console-ams.rpki-client.org