Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/Mrc4I-reR7K0MxI7hyyPFJiY_E4.roa
File: Mrc4I-reR7K0MxI7hyyPFJiY_E4.roa (raw, json)
Hash identifier: LnoVfNSVzCEmWy/oqJD/fWk0Z4rus88vdEAziPaqgJ0=
Subject key identifier: 32:B7:38:23:EA:DE:47:B2:B4:33:12:3B:87:2C:8F:14:98:98:FC:4E
Certificate issuer: /CN=46af6ca33534b8530b9f214ec8ea93dd25bd1fcf
Certificate serial: 0182922396A563C92C4BB9305F2731F5B9A8
Authority key identifier: 46:AF:6C:A3:35:34:B8:53:0B:9F:21:4E:C8:EA:93:DD:25:BD:1F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rq9sozU0uFMLnyFOyOqT3SW9H88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/Mrc4I-reR7K0MxI7hyyPFJiY_E4.roa
Signing time: Fri 12 Aug 2022 12:59:41 +0000
ROA not before: Fri 12 Aug 2022 12:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199070
IP address blocks: 91.242.171.0/24 maxlen: 24
91.242.170.0/24 maxlen: 24
91.242.170.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:92:23:96:a5:63:c9:2c:4b:b9:30:5f:27:31:f5:b9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46af6ca33534b8530b9f214ec8ea93dd25bd1fcf
Validity
Not Before: Aug 12 12:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32b73823eade47b2b433123b872c8f149898fc4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:2c:62:e0:27:95:9c:a9:2a:48:1e:34:36:
a9:32:5b:bf:a0:40:99:da:6f:46:0f:00:1b:3e:f6:
58:62:a9:50:63:a1:30:e8:a3:a8:d6:f2:45:db:8b:
c5:a5:6f:0c:b6:63:f8:ec:84:39:aa:65:11:e9:d6:
4e:a9:bf:77:b1:67:60:74:f2:7d:20:7a:41:77:d4:
6d:ce:a3:59:6d:9e:70:34:74:68:00:1c:c9:2b:de:
61:49:58:d0:f9:9a:00:f6:a8:ab:52:41:46:fb:49:
17:d5:7f:62:56:b2:fc:3b:15:37:ef:d6:f7:56:15:
af:a5:f8:20:12:0f:2a:25:93:53:bb:cf:b4:40:16:
7c:1e:55:36:dc:41:76:e9:da:b8:53:99:b0:03:8d:
9e:20:60:47:fc:d8:a0:3a:bf:3a:e9:36:a6:b7:9f:
8b:b0:b3:57:2c:ee:78:d5:4a:71:60:1a:38:c5:ce:
4e:bb:c7:65:ef:a4:e9:4e:f8:67:12:c0:d5:9d:2b:
f3:55:04:1f:7d:6c:54:83:73:af:02:78:eb:0c:61:
02:f4:6f:62:e7:4e:86:f5:84:60:e0:c5:f5:1a:b3:
55:c1:e4:b0:49:82:16:cd:2a:48:78:d0:71:b4:a9:
54:51:a9:a4:fe:96:b2:d7:d8:57:a1:f3:66:70:a2:
b9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B7:38:23:EA:DE:47:B2:B4:33:12:3B:87:2C:8F:14:98:98:FC:4E
X509v3 Authority Key Identifier:
keyid:46:AF:6C:A3:35:34:B8:53:0B:9F:21:4E:C8:EA:93:DD:25:BD:1F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rq9sozU0uFMLnyFOyOqT3SW9H88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/Mrc4I-reR7K0MxI7hyyPFJiY_E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8e80af-2d64-4784-8115-c5cefd98f621/1/Rq9sozU0uFMLnyFOyOqT3SW9H88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.170.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:8d:1e:9b:3d:1b:1b:28:3a:5b:de:44:0a:60:d1:d7:37:8a:
1a:4d:7d:89:49:c2:a6:f6:84:b7:70:4f:71:b4:20:c6:ad:4e:
be:c9:90:7d:66:1b:5d:b8:f1:9e:4d:79:92:ac:08:00:82:8b:
82:44:3a:19:13:3f:40:f3:3d:48:54:a6:a2:74:bf:bb:c0:b2:
f5:07:e0:78:53:76:cf:b8:f9:08:af:10:de:e8:4f:59:32:14:
12:dd:06:28:cf:95:07:e9:72:2b:56:bd:1e:0f:0b:0e:f7:6e:
72:10:51:90:c9:f4:af:e8:3f:38:1e:08:9e:1a:26:a3:2f:d3:
2a:17:f3:45:81:cb:18:8a:d9:fe:04:14:3b:f2:69:da:de:32:
c8:0d:1f:e3:48:d3:a9:b4:9b:68:80:41:71:59:b7:ea:11:58:
fb:40:9a:7a:5f:96:07:b7:05:43:b4:fe:7e:01:ed:7e:4f:41:
fe:ec:ef:eb:a4:21:5b:25:8b:86:8b:e1:f7:49:3c:35:d0:3c:
01:52:68:1a:b2:75:7e:e9:31:7e:ea:32:a4:22:e8:e0:0a:07:
ae:29:21:08:a2:71:51:3f:24:ac:fe:cb:d5:2b:1c:58:19:5b:
c2:93:ad:6b:85:af:d0:82:13:da:be:64:1e:1b:bd:ce:8e:46:
c4:01:2d:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKSI5alY8ksS7kwXycx9bmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YWY2Y2EzMzUzNGI4NTMwYjlmMjE0ZWM4ZWE5M2RkMjVi
ZDFmY2YwHhcNMjIwODEyMTI1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI3MzgyM2VhZGU0N2IyYjQzMzEyM2I4NzJjOGYxNDk4OThmYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCIsYuAnlZypKkgeNDapMlu/oECZ
2m9GDwAbPvZYYqlQY6Ew6KOo1vJF24vFpW8MtmP47IQ5qmUR6dZOqb93sWdgdPJ9
IHpBd9RtzqNZbZ5wNHRoABzJK95hSVjQ+ZoA9qirUkFG+0kX1X9iVrL8OxU379b3
VhWvpfggEg8qJZNTu8+0QBZ8HlU23EF26dq4U5mwA42eIGBH/NigOr866Tamt5+L
sLNXLO541UpxYBo4xc5Ou8dl76TpTvhnEsDVnSvzVQQffWxUg3OvAnjrDGEC9G9i
506G9YRg4MX1GrNVweSwSYIWzSpIeNBxtKlUUamk/pay19hXofNmcKK5TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDK3OCPq3keytDMSO4csjxSYmPxOMB8GA1UdIwQY
MBaAFEavbKM1NLhTC58hTsjqk90lvR/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnE5c296VTB1Rk1MbnlGT3lPcVQzU1c5SDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZTgwYWYtMmQ2NC00Nzg0LTgxMTUt
YzVjZWZkOThmNjIxLzEvTXJjNEktcmVSN0swTXhJN2h5eVBGSmlZX0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZTgwYWYtMmQ2NC00Nzg0LTgxMTUtYzVjZWZkOThmNjIx
LzEvUnE5c296VTB1Rk1MbnlGT3lPcVQzU1c5SDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/KqMA0G
CSqGSIb3DQEBCwUAA4IBAQCojR6bPRsbKDpb3kQKYNHXN4oaTX2JScKm9oS3cE9x
tCDGrU6+yZB9ZhtduPGeTXmSrAgAgouCRDoZEz9A8z1IVKaidL+7wLL1B+B4U3bP
uPkIrxDe6E9ZMhQS3QYoz5UH6XIrVr0eDwsO925yEFGQyfSv6D84HgieGiajL9Mq
F/NFgcsYitn+BBQ78mna3jLIDR/jSNOptJtogEFxWbfqEVj7QJp6X5YHtwVDtP5+
Ae1+T0H+7O/rpCFbJYuGi+H3STw10DwBUmgasnV+6TF+6jKkIujgCgeuKSEIonFR
PySs/svVKxxYGVvCk61rha/QghPavmQeG73OjkbEAS3N
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:41:30 2025 by rpki-client