Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/MhfMzG_ntJmha_QCRj08AO2RPqg.roa
File: MhfMzG_ntJmha_QCRj08AO2RPqg.roa (raw, json)
Hash identifier: +ahhj2cLQqjfJwioXgpFE+b4q3l9wDofp5x7efDM9pc=
Subject key identifier: 32:17:CC:CC:6F:E7:B4:99:A1:6B:F4:02:46:3D:3C:00:ED:91:3E:A8
Certificate issuer: /CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Certificate serial: 075C5CF1
Authority key identifier: D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/MhfMzG_ntJmha_QCRj08AO2RPqg.roa
Signing time: Sat 01 Jan 2022 12:07:06 +0000
ROA not before: Sat 01 Jan 2022 12:07:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64457
IP address blocks: 2a0f:a302:500::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123493617 (0x75c5cf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Validity
Not Before: Jan 1 12:07:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3217cccc6fe7b499a16bf402463d3c00ed913ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:8e:7c:10:54:3f:ce:09:d0:87:bc:dc:91:
ac:d0:fa:08:6e:51:20:97:58:a3:29:95:c4:6d:d7:
14:7d:5c:5a:14:03:ed:29:79:88:e2:af:90:37:e6:
44:67:65:fd:6e:1c:9c:d7:43:51:4b:e9:68:07:76:
99:a8:f9:88:e8:34:ee:b1:64:7c:c0:e1:82:0a:ab:
f6:09:cf:28:c0:a7:6a:1f:04:23:b2:9d:49:d0:e5:
cc:ee:97:10:cb:5c:b8:ef:a1:44:bf:7a:ab:67:0d:
7c:54:b5:39:21:34:cb:62:43:65:31:8b:95:69:48:
a5:f9:52:ad:ec:94:af:f5:2c:e2:2c:91:d1:ce:0c:
6b:c4:39:57:89:95:bc:a7:d6:71:1b:4e:2f:34:23:
6e:d5:fc:c0:05:08:1f:bf:f3:63:8a:e6:07:bf:9c:
ec:8d:be:ac:0c:c1:d4:4d:46:f6:de:76:07:9e:85:
92:be:b6:de:ee:1b:7b:12:67:99:84:4a:6b:56:87:
12:e9:9f:cc:c5:0a:67:0f:ea:53:3e:04:53:d3:60:
fb:17:b3:d2:40:38:80:0a:99:9c:dd:bd:49:09:d9:
b4:33:cd:98:67:e3:63:af:3b:f0:dd:9a:79:4e:60:
62:02:3e:89:85:61:8f:74:ab:88:9a:8e:44:2d:25:
31:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:17:CC:CC:6F:E7:B4:99:A1:6B:F4:02:46:3D:3C:00:ED:91:3E:A8
X509v3 Authority Key Identifier:
keyid:D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/MhfMzG_ntJmha_QCRj08AO2RPqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/1LOfyKU74dxnS22nVehhEJUhdOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a302:500::/40
Signature Algorithm: sha256WithRSAEncryption
ae:b4:ba:c2:1a:9c:cf:3d:91:de:37:1a:c4:7b:7a:b1:8c:3b:
7b:c0:28:93:02:a7:bc:e6:78:a2:3e:68:2a:c9:af:52:ae:21:
53:3a:4c:5b:75:0b:e8:cf:f4:39:cf:f6:b0:15:3d:b3:8e:54:
54:5c:95:5e:e6:0c:51:c8:9c:21:d0:2f:6d:da:26:e6:37:9d:
3b:c8:5c:0c:78:d9:0f:a8:19:c4:42:52:7d:c2:53:a3:ae:66:
33:be:2d:3e:1d:a5:a9:11:bd:7d:ae:a4:05:7d:ec:62:41:10:
8c:39:9e:1f:35:2b:2b:d2:88:53:5e:c8:04:c8:f2:03:e4:44:
7b:fe:45:14:66:3f:19:71:45:2e:ce:f8:76:f2:e0:bf:7b:82:
a0:86:bd:ba:f5:bc:d3:14:08:d8:d5:b9:95:65:d4:4f:84:62:
43:f0:20:0b:e6:7a:26:5d:8c:7e:dc:08:d4:bd:81:24:61:9e:
e0:17:e5:db:0e:02:63:5a:52:27:ec:7d:e2:b6:c3:cc:1f:3c:
18:6d:14:54:ce:50:41:33:ac:42:c8:5c:44:9c:eb:03:46:fa:
d1:d1:b0:4b:16:0d:e6:f7:94:cc:03:8f:9d:e7:3d:25:13:6e:
19:14:43:17:53:4c:cf:94:fc:10:d4:85:f8:57:e1:8b:ef:a5:
14:ca:0f:40
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB1xc8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGIzOWZjOGE1M2JlMWRjNjc0YjZkYTc1NWU4NjExMDk1MjE3NGU0MB4XDTIyMDEw
MTEyMDcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIxN2NjY2M2ZmU3
YjQ5OWExNmJmNDAyNDYzZDNjMDBlZDkxM2VhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMezjnwQVD/OCdCHvNyRrND6CG5RIJdYoymVxG3XFH1cWhQD
7Sl5iOKvkDfmRGdl/W4cnNdDUUvpaAd2maj5iOg07rFkfMDhggqr9gnPKMCnah8E
I7KdSdDlzO6XEMtcuO+hRL96q2cNfFS1OSE0y2JDZTGLlWlIpflSreyUr/Us4iyR
0c4Ma8Q5V4mVvKfWcRtOLzQjbtX8wAUIH7/zY4rmB7+c7I2+rAzB1E1G9t52B56F
kr623u4bexJnmYRKa1aHEumfzMUKZw/qUz4EU9Ng+xez0kA4gAqZnN29SQnZtDPN
mGfjY6878N2aeU5gYgI+iYVhj3SriJqORC0lMR8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQyF8zMb+e0maFr9AJGPTwA7ZE+qDAfBgNVHSMEGDAWgBTUs5/IpTvh3GdL
badV6GEQlSF05DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFMT2Z5S1U3NGR4blMyMm5WZWhoRUpVaGRPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8x
L01oZk16R19udEptaGFfUUNSajA4QU8yUlBxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8xLzFMT2Z5S1U3NGR4
blMyMm5WZWhoRUpVaGRPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoPowIFMA0GCSqGSIb3DQEBCwUA
A4IBAQCutLrCGpzPPZHeNxrEe3qxjDt7wCiTAqe85niiPmgqya9SriFTOkxbdQvo
z/Q5z/awFT2zjlRUXJVe5gxRyJwh0C9t2ibmN507yFwMeNkPqBnEQlJ9wlOjrmYz
vi0+HaWpEb19rqQFfexiQRCMOZ4fNSsr0ohTXsgEyPID5ER7/kUUZj8ZcUUuzvh2
8uC/e4Kghr269bzTFAjY1bmVZdRPhGJD8CAL5nomXYx+3AjUvYEkYZ7gF+XbDgJj
WlIn7H3itsPMHzwYbRRUzlBBM6xCyFxEnOsDRvrR0bBLFg3m95TMA4+d5z0lE24Z
FEMXU0zPlPwQ1IX4V+GL76UUyg9A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:50 2023 by rpki-client on console-fra.rpki-client.org