Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/MgP5JeXzakfMOhBs3eIoTMoUiSg.roa
File: MgP5JeXzakfMOhBs3eIoTMoUiSg.roa (raw, json)
Hash identifier: 3QsWXtgZx2vsaDSJtJM0w0HjLoO4syAWBwaHP/upyY8=
Subject key identifier: 32:03:F9:25:E5:F3:6A:47:CC:3A:10:6C:DD:E2:28:4C:CA:14:89:28
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 437999F2
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/MgP5JeXzakfMOhBs3eIoTMoUiSg.roa
Signing time: Thu 16 Jun 2022 13:36:44 +0000
ROA not before: Thu 16 Jun 2022 13:36:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51626
IP address blocks: 89.40.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1132042738 (0x437999f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jun 16 13:36:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3203f925e5f36a47cc3a106cdde2284cca148928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:56:77:70:fc:96:77:94:76:af:81:a9:62:05:
ba:51:8c:9a:b2:33:18:df:3d:80:12:30:cd:3d:6d:
06:8f:50:fd:5f:97:2d:b3:8a:51:bb:24:70:a2:bb:
d1:7e:9a:0b:3b:df:16:3b:f0:58:1b:40:06:bd:43:
44:2e:e2:38:91:33:7e:08:86:59:83:de:ef:9f:02:
c5:98:27:5e:75:a5:83:8d:b8:be:1c:15:a7:db:ef:
bb:0a:65:b0:60:bd:0c:d6:44:32:fd:13:1d:45:26:
d5:54:b4:5f:2a:1c:3f:8e:d0:ef:e7:e5:8c:d3:96:
55:cb:94:d0:c9:5b:36:28:ff:e6:99:6c:10:93:1f:
f0:01:68:3b:09:b3:02:e9:07:54:b4:d8:25:b3:b4:
d6:57:4a:8b:74:7d:9a:45:2a:50:98:75:a1:64:1f:
ba:42:cf:c8:35:c1:79:f6:13:56:0b:08:49:2b:ae:
33:73:0e:8a:17:2c:09:e5:dc:3d:8f:f5:1f:8a:8d:
7c:64:b1:fc:09:c4:54:2d:1c:0e:f8:10:48:c6:ce:
e5:22:a9:29:c8:f0:46:ac:d9:6d:8d:85:64:d6:20:
c0:a5:b2:0f:67:a9:5b:9d:29:54:4d:b5:a8:83:24:
2f:67:fe:db:66:92:2d:15:be:20:d0:09:fd:6c:c0:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:03:F9:25:E5:F3:6A:47:CC:3A:10:6C:DD:E2:28:4C:CA:14:89:28
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/MgP5JeXzakfMOhBs3eIoTMoUiSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.100.0/22
Signature Algorithm: sha256WithRSAEncryption
35:9a:31:09:1c:d2:bb:d1:d3:1d:7a:af:0c:da:27:2f:f1:9c:
4a:50:12:65:8a:3f:2f:20:f5:33:a9:1a:9a:56:37:fd:03:7d:
26:38:4a:bb:d6:d5:e0:62:4e:b5:d2:2c:db:39:6e:a8:a3:e0:
1d:40:72:55:37:ac:a6:72:a2:8e:74:95:70:4b:40:0d:53:5f:
85:d5:8a:4f:e5:7f:b8:c1:de:b4:d7:ae:61:60:cb:55:0c:43:
a6:08:08:03:08:88:bd:16:1b:4c:7f:5e:b1:23:ac:a0:a3:29:
fd:72:c6:d1:54:45:81:81:d6:1a:4d:84:9b:28:01:bc:7f:38:
5b:6d:72:f4:44:0a:b3:d8:65:b6:ec:33:f9:3e:a5:02:1b:ad:
55:f1:67:94:51:03:4b:56:11:62:e5:8a:f7:6b:f7:3b:04:cc:
8e:cb:c7:9c:77:32:19:b0:79:6c:28:63:e3:50:ca:6a:47:67:
b4:25:c4:2a:d1:c6:ca:2a:04:41:c1:fc:b1:3e:04:e6:85:b8:
c7:8f:27:90:68:a3:02:da:6f:4d:3a:78:43:c4:dc:69:ee:ed:
a0:59:5c:17:f9:d5:48:0a:1f:b2:b3:9b:19:43:38:4f:f1:83:
d7:eb:a8:9c:37:79:76:4e:59:d0:fb:29:3c:f2:5b:61:bf:fe:
6e:15:74:7b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQ3mZ8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDYx
NjEzMzY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIwM2Y5MjVlNWYz
NmE0N2NjM2ExMDZjZGRlMjI4NGNjYTE0ODkyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRWd3D8lneUdq+BqWIFulGMmrIzGN89gBIwzT1tBo9Q/V+X
LbOKUbskcKK70X6aCzvfFjvwWBtABr1DRC7iOJEzfgiGWYPe758CxZgnXnWlg424
vhwVp9vvuwplsGC9DNZEMv0THUUm1VS0XyocP47Q7+fljNOWVcuU0MlbNij/5pls
EJMf8AFoOwmzAukHVLTYJbO01ldKi3R9mkUqUJh1oWQfukLPyDXBefYTVgsISSuu
M3MOihcsCeXcPY/1H4qNfGSx/AnEVC0cDvgQSMbO5SKpKcjwRqzZbY2FZNYgwKWy
D2epW50pVE21qIMkL2f+22aSLRW+INAJ/WzA+i0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQyA/kl5fNqR8w6EGzd4ihMyhSJKDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9NZ1A1SmVYemFrZk1PaEJzM2VJb1RNb1VpU2cucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWShkMA0GCSqGSIb3DQEBCwUA
A4IBAQA1mjEJHNK70dMdeq8M2icv8ZxKUBJlij8vIPUzqRqaVjf9A30mOEq71tXg
Yk610izbOW6oo+AdQHJVN6ymcqKOdJVwS0ANU1+F1YpP5X+4wd60165hYMtVDEOm
CAgDCIi9FhtMf16xI6ygoyn9csbRVEWBgdYaTYSbKAG8fzhbbXL0RAqz2GW27DP5
PqUCG61V8WeUUQNLVhFi5Yr3a/c7BMyOy8ecdzIZsHlsKGPjUMpqR2e0JcQq0cbK
KgRBwfyxPgTmhbjHjyeQaKMC2m9NOnhDxNxp7u2gWVwX+dVICh+ys5sZQzhP8YPX
66icN3l2TlnQ+yk88lthv/5uFXR7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:56 2025 by rpki-client