Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/MpvT5a53uuejEqMlvnWHBEQ9ZOk.roa
File: MpvT5a53uuejEqMlvnWHBEQ9ZOk.roa (raw, json)
Hash identifier: FNoj5bIDvylWg7FcQ8ycX+fBvSN53V3R1GjR58UPKs8=
Subject key identifier: 32:9B:D3:E5:AE:77:BA:E7:A3:12:A3:25:BE:75:87:04:44:3D:64:E9
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0182E9E0974C3D2977DE7DACE3E512EF7AE1
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/MpvT5a53uuejEqMlvnWHBEQ9ZOk.roa
Signing time: Mon 29 Aug 2022 13:53:06 +0000
ROA not before: Mon 29 Aug 2022 13:53:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203133
IP address blocks: 2a0e:aa07:e048::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e9:e0:97:4c:3d:29:77:de:7d:ac:e3:e5:12:ef:7a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Aug 29 13:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=329bd3e5ae77bae7a312a325be758704443d64e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:15:2c:08:0c:20:e7:c3:65:94:6b:53:14:c0:
af:72:89:27:e9:61:1c:da:b2:87:d6:fb:6c:f3:22:
5e:d2:23:a7:aa:52:47:55:4b:8c:eb:00:9f:ba:5a:
17:0f:de:41:62:c0:f7:db:47:cb:67:cb:01:b1:1e:
e5:cc:bf:6e:19:ea:83:0a:43:1e:e8:30:5f:d1:ac:
93:ee:8f:1f:45:8d:46:bf:9d:6d:0b:d5:79:3c:b9:
7e:d4:fb:bf:b5:33:7a:88:ae:44:44:fb:08:53:af:
48:96:6d:48:64:e4:f1:90:59:7f:b4:92:24:19:64:
14:d9:3b:c3:53:90:c7:8b:09:60:b9:48:9e:52:00:
9c:cc:81:e0:20:4f:53:03:88:84:55:22:f7:22:eb:
c1:78:54:4e:68:38:e8:4d:8a:a9:38:d3:d5:f8:9e:
28:a2:db:e3:5f:c9:c6:0b:76:2e:5b:fb:db:e0:c0:
68:87:46:e1:4d:cd:2d:c8:cb:ba:df:58:bd:a4:fa:
c1:62:c7:9a:9f:d1:1d:86:b1:12:cc:f4:9c:d3:fd:
e1:80:ed:a5:8f:e5:5b:df:fe:4f:5d:4b:29:ed:91:
e5:b2:0b:ed:6c:07:d1:f2:28:72:1d:10:5c:a0:1f:
02:8f:3d:b7:ef:d7:6a:8e:32:c2:59:04:59:08:f0:
5d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9B:D3:E5:AE:77:BA:E7:A3:12:A3:25:BE:75:87:04:44:3D:64:E9
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/MpvT5a53uuejEqMlvnWHBEQ9ZOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e048::/48
Signature Algorithm: sha256WithRSAEncryption
87:d9:80:e1:59:fd:40:b8:d1:cb:6a:3b:e0:ae:d0:2e:6f:97:
78:39:1b:7a:9a:7a:e2:3d:7e:6e:78:a6:9a:72:16:4b:17:04:
b8:34:a3:f5:50:25:eb:79:0c:94:f9:49:fa:5f:64:21:24:80:
f7:80:d8:38:fd:6e:ba:6f:1d:ee:dd:91:5e:09:1e:21:b5:72:
da:2a:0f:a5:dd:ae:7e:fc:7d:a9:74:17:f5:7d:4c:eb:5f:c2:
dc:95:e4:86:f8:3f:64:02:83:5b:3a:9d:19:eb:d8:59:aa:92:
85:78:bb:f5:82:b5:d4:16:e2:a9:4b:09:ed:7b:63:e0:cf:9a:
29:bd:36:bc:7d:81:4a:87:7d:f9:0d:18:6a:1a:84:19:46:35:
31:20:e7:be:b3:6d:eb:59:d8:67:60:f1:d9:bb:d0:c1:86:ed:
26:2f:0d:5e:d4:89:89:cd:5b:04:b0:7e:99:91:db:0e:65:6b:
30:88:68:30:27:af:40:ec:dd:a3:9c:90:00:61:da:91:4c:d1:
97:30:46:8d:a6:90:f8:e2:91:99:01:eb:31:a2:a5:b8:08:55:
35:9b:16:6e:fd:21:cc:91:5b:11:ff:48:52:7e:9a:eb:a6:34:
a0:bc:0f:6a:35:36:2d:66:f9:4a:5f:54:86:47:71:bd:3f:84:
18:04:1d:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLp4JdMPSl33n2s4+US73rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjIwODI5MTM1MzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjliZDNlNWFlNzdiYWU3YTMxMmEzMjViZTc1ODcwNDQ0M2Q2NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhUsCAwg58NllGtTFMCvcokn6WEc
2rKH1vts8yJe0iOnqlJHVUuM6wCfuloXD95BYsD320fLZ8sBsR7lzL9uGeqDCkMe
6DBf0ayT7o8fRY1Gv51tC9V5PLl+1Pu/tTN6iK5ERPsIU69Ilm1IZOTxkFl/tJIk
GWQU2TvDU5DHiwlguUieUgCczIHgIE9TA4iEVSL3IuvBeFROaDjoTYqpONPV+J4o
otvjX8nGC3YuW/vb4MBoh0bhTc0tyMu631i9pPrBYsean9EdhrESzPSc0/3hgO2l
j+Vb3/5PXUsp7ZHlsgvtbAfR8ihyHRBcoB8Cjz2379dqjjLCWQRZCPBdeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDKb0+Wud7rnoxKjJb51hwREPWTpMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvTXB2VDVhNTN1dWVqRXFNbHZuV0hCRVE5Wk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BI
MA0GCSqGSIb3DQEBCwUAA4IBAQCH2YDhWf1AuNHLajvgrtAub5d4ORt6mnriPX5u
eKaachZLFwS4NKP1UCXreQyU+Un6X2QhJID3gNg4/W66bx3u3ZFeCR4htXLaKg+l
3a5+/H2pdBf1fUzrX8LcleSG+D9kAoNbOp0Z69hZqpKFeLv1grXUFuKpSwnte2Pg
z5opvTa8fYFKh335DRhqGoQZRjUxIOe+s23rWdhnYPHZu9DBhu0mLw1e1ImJzVsE
sH6ZkdsOZWswiGgwJ69A7N2jnJAAYdqRTNGXMEaNppD44pGZAesxoqW4CFU1mxZu
/SHMkVsR/0hSfprrpjSgvA9qNTYtZvlKX1SGR3G9P4QYBB0c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:31 2023 by rpki-client on console-fra.rpki-client.org