Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/mlh9iQ2VWADVIW6gDN8_AEzoEkw.roa
File: mlh9iQ2VWADVIW6gDN8_AEzoEkw.roa (raw, json)
Hash identifier: 5XMtKPU9lOaWRizwe7/o6QoUmRhoWs75uik8NOfEJsI=
Subject key identifier: 9A:58:7D:89:0D:95:58:00:D5:21:6E:A0:0C:DF:3F:00:4C:E8:12:4C
Certificate issuer: /CN=17972d43835cd6a66e54e5a5856ce57de282d43a
Certificate serial: 03539B
Authority key identifier: 17:97:2D:43:83:5C:D6:A6:6E:54:E5:A5:85:6C:E5:7D:E2:82:D4:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/mlh9iQ2VWADVIW6gDN8_AEzoEkw.roa
Signing time: Wed 20 Apr 2022 13:57:14 +0000
ROA not before: Wed 20 Apr 2022 13:57:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205614
IP address blocks: 2001:67c:814::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218011 (0x3539b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17972d43835cd6a66e54e5a5856ce57de282d43a
Validity
Not Before: Apr 20 13:57:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a587d890d955800d5216ea00cdf3f004ce8124c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9c:1e:5b:3e:7e:24:06:dc:11:7b:30:49:50:
10:8b:0b:7c:b1:4a:d6:b4:b3:6f:7e:88:99:c6:1f:
0e:d4:c0:76:a9:74:6c:46:1e:a0:bd:a6:35:1a:f8:
a2:e9:5d:9a:ff:37:aa:5b:65:59:a8:bc:b9:10:ec:
7f:57:88:06:24:10:b6:16:23:3e:d6:2f:58:0f:5e:
e3:3c:69:8e:b0:ec:d4:cc:c3:d5:19:2f:67:76:db:
5c:12:5f:2b:9c:df:9c:bf:d0:68:f1:49:13:66:03:
e2:f7:fe:59:2a:38:93:2f:1e:5a:0d:fd:e5:9d:bd:
92:e8:c2:93:d9:15:02:91:fc:e8:45:88:4a:f2:84:
f7:0b:f3:71:c5:ac:30:f3:49:9a:eb:c6:a0:ae:65:
48:ae:95:46:4a:4b:77:82:69:4d:2a:57:ff:7f:a8:
a4:5b:dd:2e:b5:f3:92:84:3f:a0:21:fb:1d:80:91:
22:89:63:dd:2a:f9:54:d1:fc:2c:3b:aa:71:83:4f:
a6:98:e4:53:b6:2a:8e:7d:fd:50:ef:02:8e:01:be:
b0:7a:5e:1d:8e:59:12:02:e7:cd:d6:21:c7:2b:ec:
fb:21:e9:58:dc:19:e8:ea:0a:af:89:7a:0e:0e:79:
d2:27:98:22:2a:c2:50:87:64:df:81:c2:95:fc:97:
0c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:58:7D:89:0D:95:58:00:D5:21:6E:A0:0C:DF:3F:00:4C:E8:12:4C
X509v3 Authority Key Identifier:
keyid:17:97:2D:43:83:5C:D6:A6:6E:54:E5:A5:85:6C:E5:7D:E2:82:D4:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/mlh9iQ2VWADVIW6gDN8_AEzoEkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:814::/48
Signature Algorithm: sha256WithRSAEncryption
47:78:4d:93:a3:44:13:80:9d:3d:d1:21:05:41:11:0f:aa:62:
a8:3f:cc:93:60:23:ee:7c:dd:3c:0c:e3:22:1d:8b:cf:99:5a:
72:d7:52:f1:79:f1:d0:c2:eb:6c:7d:3d:3a:15:d1:dc:b3:9f:
bc:c7:83:45:e2:fd:e5:3e:6f:56:08:41:2d:4f:5f:29:fd:00:
be:e8:f7:9d:f4:63:84:63:f5:47:62:c6:61:b9:bc:51:7e:34:
b5:83:95:f2:3d:e7:c7:38:8f:27:d7:c6:84:f3:5a:87:47:e2:
06:48:6b:c0:af:1b:87:d7:f0:fd:1f:3b:1e:ec:b1:57:80:5e:
05:4b:35:52:fc:f2:60:88:c6:ca:69:2e:37:69:3e:3e:8b:cb:
46:37:d0:46:b5:59:fb:22:d8:1f:bf:d3:17:83:3b:98:8c:b9:
da:4a:59:c1:63:52:42:ff:54:ae:d7:39:c1:fc:34:e9:ee:b8:
57:a2:c7:15:05:37:74:31:a5:72:e0:bb:c7:06:e3:82:92:3d:
5d:61:d8:a8:ea:1c:7b:13:53:e9:f7:bb:7f:9a:ba:a6:ea:6c:
b0:6b:d6:55:9b:2e:ac:06:e6:7c:3b:d8:fe:80:b8:e1:23:d3:
14:39:4a:c4:32:6c:d3:c3:29:01:94:0c:22:d8:a1:95:38:d0:
1c:94:83:7a
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDA1ObMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE3
OTcyZDQzODM1Y2Q2YTY2ZTU0ZTVhNTg1NmNlNTdkZTI4MmQ0M2EwHhcNMjIwNDIw
MTM1NzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YTU4N2Q4OTBkOTU1
ODAwZDUyMTZlYTAwY2RmM2YwMDRjZTgxMjRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv5weWz5+JAbcEXswSVAQiwt8sUrWtLNvfoiZxh8O1MB2qXRs
Rh6gvaY1Gvii6V2a/zeqW2VZqLy5EOx/V4gGJBC2FiM+1i9YD17jPGmOsOzUzMPV
GS9ndttcEl8rnN+cv9Bo8UkTZgPi9/5ZKjiTLx5aDf3lnb2S6MKT2RUCkfzoRYhK
8oT3C/Nxxaww80ma68agrmVIrpVGSkt3gmlNKlf/f6ikW90utfOShD+gIfsdgJEi
iWPdKvlU0fwsO6pxg0+mmORTtiqOff1Q7wKOAb6wel4djlkSAufN1iHHK+z7IelY
3Bno6gqviXoODnnSJ5giKsJQh2TfgcKV/JcMeQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFJpYfYkNlVgA1SFuoAzfPwBM6BJMMB8GA1UdIwQYMBaAFBeXLUODXNamblTl
pYVs5X3igtQ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RjVjdFE0TmMxcVp1Vk9XbGhXemxmZUtDMURvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82NS9lOTkyYzQtZmVhNi00ZTllLWEyOWItOTA5NWVjYzg3ODc4LzEv
bWxoOWlRMlZXQURWSVc2Z0ROOF9BRXpvRWt3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9l
OTkyYzQtZmVhNi00ZTllLWEyOWItOTA5NWVjYzg3ODc4LzEvRjVjdFE0TmMxcVp1
Vk9XbGhXemxmZUtDMURvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgUMA0GCSqGSIb3DQEBCwUA
A4IBAQBHeE2To0QTgJ090SEFQREPqmKoP8yTYCPufN08DOMiHYvPmVpy11LxefHQ
wutsfT06FdHcs5+8x4NF4v3lPm9WCEEtT18p/QC+6Ped9GOEY/VHYsZhubxRfjS1
g5XyPefHOI8n18aE81qHR+IGSGvArxuH1/D9Hzse7LFXgF4FSzVS/PJgiMbKaS43
aT4+i8tGN9BGtVn7Itgfv9MXgzuYjLnaSlnBY1JC/1Su1znB/DTp7rhXoscVBTd0
MaVy4LvHBuOCkj1dYdio6hx7E1Pp97t/mrqm6mywa9ZVmy6sBuZ8O9j+gLjhI9MU
OUrEMmzTwykBlAwi2KGVONAclIN6
-----END CERTIFICATE-----
Generated at Thu Apr 24 01:03:37 2025 by rpki-client