Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/MVDGbw6u4GmDGyu77yBrK8LrEq8.roa
File: MVDGbw6u4GmDGyu77yBrK8LrEq8.roa (raw, json)
Hash identifier: Ml+fCEEF+XxewyZKjZYjyYHQFnJkUS2cIUHuvUfOfD8=
Subject key identifier: 31:50:C6:6F:0E:AE:E0:69:83:1B:2B:BB:EF:20:6B:2B:C2:EB:12:AF
Certificate issuer: /CN=f261df44b346823cce8c6643b5fa6919afb23195
Certificate serial: 018C59103FFFE7BBF4105C65B8E402A18534
Authority key identifier: F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/MVDGbw6u4GmDGyu77yBrK8LrEq8.roa
Signing time: Mon 11 Dec 2023 13:28:06 +0000
ROA not before: Mon 11 Dec 2023 13:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208337
IP address blocks: 45.143.181.0/24 maxlen: 24
45.143.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:10:3f:ff:e7:bb:f4:10:5c:65:b8:e4:02:a1:85:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f261df44b346823cce8c6643b5fa6919afb23195
Validity
Not Before: Dec 11 13:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3150c66f0eaee069831b2bbbef206b2bc2eb12af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:3f:9b:12:78:88:8c:b0:da:6f:43:28:43:
78:42:ba:99:59:3c:a1:b4:69:31:65:f8:f2:b6:90:
f3:26:9f:fa:90:d1:e7:d9:0c:e9:e1:cd:14:9f:c5:
e2:f7:8c:77:37:7c:85:51:af:5b:c6:db:b2:60:49:
b6:95:ae:a4:97:26:7e:d8:23:6e:87:9d:55:52:8d:
f9:62:4b:6f:9e:f1:ee:44:bb:76:72:7f:3b:af:86:
87:96:db:cc:82:f2:a1:5a:87:c1:5e:4f:a3:fd:c0:
26:b9:d1:02:bd:97:67:01:6f:73:c8:0d:bb:a6:b2:
5e:af:c3:2b:6e:1e:04:1f:7b:5b:fd:f0:09:b4:7a:
fb:15:86:a3:a5:8b:7a:cc:79:79:aa:e1:97:20:ce:
91:50:e1:77:27:92:70:e0:76:42:40:e2:7a:57:e4:
54:86:e1:b9:19:90:b4:fb:57:04:7e:f4:12:f7:38:
25:ce:14:cb:8a:05:93:70:70:db:a4:05:66:3b:cf:
3a:62:55:7f:70:3b:d3:de:17:87:aa:95:92:52:07:
60:e2:cb:d2:ad:e4:9d:cb:d5:21:23:75:f6:08:ef:
d2:81:b8:a6:5c:86:39:79:be:ac:55:d0:bc:ff:65:
55:3e:eb:58:77:dc:57:b9:78:2e:66:68:0a:89:c3:
b7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:50:C6:6F:0E:AE:E0:69:83:1B:2B:BB:EF:20:6B:2B:C2:EB:12:AF
X509v3 Authority Key Identifier:
keyid:F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/MVDGbw6u4GmDGyu77yBrK8LrEq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/8mHfRLNGgjzOjGZDtfppGa-yMZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.181.0-45.143.182.255
Signature Algorithm: sha256WithRSAEncryption
d7:a8:2d:fd:21:1e:86:43:fd:37:70:f6:60:a1:31:6d:2a:ac:
ba:35:cb:21:b0:82:64:a9:b3:63:9c:88:97:12:23:0e:41:0e:
c8:b0:c0:56:00:1a:6a:5b:31:3d:15:40:f3:cf:74:b7:06:3f:
f1:70:cd:de:46:4d:e9:1e:1e:01:92:66:03:ca:e3:d2:a9:48:
d7:8a:1b:e4:a6:bc:72:f2:5f:3d:3c:f9:f4:cf:f5:78:6b:c5:
69:7f:76:1c:e4:9f:76:81:80:e6:1f:12:33:04:e4:1c:95:bb:
70:67:e8:c2:96:9c:f4:c8:f9:ed:3e:d4:de:3c:3e:c4:0c:97:
cf:42:7e:a9:1d:f0:ad:49:43:9e:8e:cf:96:5a:83:7a:b8:e7:
3a:d1:7d:4f:c1:14:1f:5f:6b:44:c9:c4:64:1c:ab:55:b4:fc:
04:af:bc:68:47:d0:24:20:03:0e:80:d3:d2:ed:c1:09:0d:0e:
fd:a7:12:73:f6:b3:c5:32:8a:9d:29:02:e3:fc:e2:34:6c:22:
e8:11:bc:2e:b8:c7:ac:a4:37:bd:cb:77:bc:51:76:b3:54:ac:
fa:4b:58:20:0a:2f:f2:ba:18:b7:13:3a:b5:97:7f:ef:26:2f:
cc:33:72:60:b8:b6:25:14:9f:2b:15:04:ff:f2:e4:01:85:ef:
a7:5f:fe:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYxZED//57v0EFxluOQCoYU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjFkZjQ0YjM0NjgyM2NjZThjNjY0M2I1ZmE2OTE5YWZi
MjMxOTUwHhcNMjMxMjExMTMyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTUwYzY2ZjBlYWVlMDY5ODMxYjJiYmJlZjIwNmIyYmMyZWIxMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+8/mxJ4iIyw2m9DKEN4QrqZWTyh
tGkxZfjytpDzJp/6kNHn2Qzp4c0Un8Xi94x3N3yFUa9bxtuyYEm2la6klyZ+2CNu
h51VUo35YktvnvHuRLt2cn87r4aHltvMgvKhWofBXk+j/cAmudECvZdnAW9zyA27
prJer8Mrbh4EH3tb/fAJtHr7FYajpYt6zHl5quGXIM6RUOF3J5Jw4HZCQOJ6V+RU
huG5GZC0+1cEfvQS9zglzhTLigWTcHDbpAVmO886YlV/cDvT3heHqpWSUgdg4svS
reSdy9UhI3X2CO/SgbimXIY5eb6sVdC8/2VVPutYd9xXuXguZmgKicO3MQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDFQxm8OruBpgxsru+8gayvC6xKvMB8GA1UdIwQY
MBaAFPJh30SzRoI8zoxmQ7X6aRmvsjGVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMt
NTc1ODYxNTYzNTRlLzEvTVZER2J3NnU0R21ER3l1Nzd5QnJLOExyRXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMtNTc1ODYxNTYzNTRl
LzEvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtj7UD
BAAtj7YwDQYJKoZIhvcNAQELBQADggEBANeoLf0hHoZD/Tdw9mChMW0qrLo1yyGw
gmSps2OciJcSIw5BDsiwwFYAGmpbMT0VQPPPdLcGP/Fwzd5GTekeHgGSZgPK49Kp
SNeKG+SmvHLyXz08+fTP9XhrxWl/dhzkn3aBgOYfEjME5ByVu3Bn6MKWnPTI+e0+
1N48PsQMl89Cfqkd8K1JQ56Oz5Zag3q45zrRfU/BFB9fa0TJxGQcq1W0/ASvvGhH
0CQgAw6A09LtwQkNDv2nEnP2s8Uyip0pAuP84jRsIugRvC64x6ykN73Ld7xRdrNU
rPpLWCAKL/K6GLcTOrWXf+8mL8wzcmC4tiUUnysVBP/y5AGF76df/oI=
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:23:15 2025 by rpki-client