Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa
File: MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa (raw, json)
Hash identifier: 9pfEbRKhKB5CCeWmrSA7x+6HapsgSYyqvT5Q7Ao7JI4=
Subject key identifier: 30:54:6D:CC:F0:D6:84:81:4B:4C:DA:06:24:AB:34:A0:E1:61:E5:45
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018335E4CCCA01EBC9AB83538E4F21DC8A9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa
Signing time: Tue 13 Sep 2022 08:08:50 +0000
ROA not before: Tue 13 Sep 2022 08:08:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 82.153.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:e4:cc:ca:01:eb:c9:ab:83:53:8e:4f:21:dc:8a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 13 08:08:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30546dccf0d684814b4cda0624ab34a0e161e545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e8:be:82:04:8b:4b:e4:31:c7:9b:4f:3c:0f:
2e:ff:1d:a6:5c:80:1f:7c:d1:9c:d0:aa:70:80:80:
32:0d:4d:26:2a:48:30:c3:bb:2c:c1:f0:03:a5:03:
9f:dc:b6:df:67:21:98:ad:0b:44:66:4b:db:07:9a:
64:71:ea:ae:b8:dc:7f:4c:be:a1:98:fa:27:a0:17:
ae:12:7d:41:51:22:81:83:71:ee:41:5d:c0:5f:6a:
b3:e7:98:72:c5:a0:05:a2:48:bd:a3:4f:ce:c6:7f:
b1:1b:1e:d7:0b:3e:a3:fb:cf:d9:3f:0e:c4:70:d2:
ce:6e:26:4c:29:74:9d:f7:bf:47:6e:37:5e:08:24:
3a:c9:9e:dc:92:09:9f:73:74:70:8c:fe:1a:77:58:
3d:87:ed:1c:74:b8:66:81:09:d2:71:f5:82:fa:d2:
86:7a:c9:c3:b3:36:bb:50:0d:b5:01:27:d0:da:1d:
a6:6f:42:0d:e7:3f:47:01:35:13:00:28:2a:55:f2:
8c:2a:50:7d:13:cd:93:f2:b4:3f:fb:0c:0f:14:9f:
fa:0b:15:52:b9:a6:5e:1b:fc:6f:1a:92:3b:34:ce:
03:b4:2d:e9:42:2a:8b:3b:01:35:3f:67:55:b7:9b:
7b:c1:9f:ed:b1:30:3d:0e:4b:77:7f:d4:f5:71:24:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:54:6D:CC:F0:D6:84:81:4B:4C:DA:06:24:AB:34:A0:E1:61:E5:45
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:2e:c0:94:3a:b8:93:16:a2:4a:ed:97:dd:76:4d:dd:d6:95:
bc:95:b9:66:46:ce:14:ad:ec:03:29:fd:1e:5f:38:b6:00:0b:
4e:d7:13:72:4c:e9:02:43:af:4d:80:ab:bd:64:5d:f2:14:d6:
2b:c9:42:b3:a1:34:58:14:c8:9f:2e:82:0e:a2:09:10:80:c6:
8d:60:26:1e:6d:fb:e3:11:88:3e:0c:68:6f:77:df:a8:05:b1:
e7:0c:94:be:45:dc:78:5a:81:ad:bb:85:ef:72:ff:2f:f2:4f:
23:63:ce:4f:b2:bb:46:fb:5e:0b:44:d6:8c:df:6d:fd:63:17:
8e:a9:72:da:07:81:c9:bb:1f:31:15:13:d2:94:3b:10:5b:ba:
7e:42:aa:3f:e8:73:7b:bf:30:66:67:81:59:86:27:5d:c0:02:
2e:84:cf:20:92:e0:43:75:eb:82:08:e6:b3:b1:9b:84:c4:a9:
ee:ce:d6:2e:10:71:c3:3e:67:b5:b9:9c:28:67:f6:9c:e9:ed:
f3:99:29:dd:0c:ce:83:37:ba:8b:a6:40:2a:25:4e:7e:8a:f9:
3a:70:9b:62:de:f5:1e:7e:70:98:fb:61:0a:7c:70:c9:ef:a2:
8b:bf:7b:3e:f9:dc:24:e5:a7:08:f6:cb:a0:ec:b8:ab:a2:a8:
f6:72:be:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM15MzKAevJq4NTjk8h3IqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwOTEzMDgwODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU0NmRjY2YwZDY4NDgxNGI0Y2RhMDYyNGFiMzRhMGUxNjFlNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArui+ggSLS+Qxx5tPPA8u/x2mXIAf
fNGc0KpwgIAyDU0mKkgww7sswfADpQOf3LbfZyGYrQtEZkvbB5pkcequuNx/TL6h
mPonoBeuEn1BUSKBg3HuQV3AX2qz55hyxaAFoki9o0/Oxn+xGx7XCz6j+8/ZPw7E
cNLObiZMKXSd979HbjdeCCQ6yZ7ckgmfc3RwjP4ad1g9h+0cdLhmgQnScfWC+tKG
esnDsza7UA21ASfQ2h2mb0IN5z9HATUTACgqVfKMKlB9E82T8rQ/+wwPFJ/6CxVS
uaZeG/xvGpI7NM4DtC3pQiqLOwE1P2dVt5t7wZ/tsTA9Dkt3f9T1cSQ7GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBUbczw1oSBS0zaBiSrNKDhYeVFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUZSdHpQRFdoSUZMVE5vR0pLczBvT0ZoNVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnzMA0G
CSqGSIb3DQEBCwUAA4IBAQCmLsCUOriTFqJK7Zfddk3d1pW8lblmRs4UrewDKf0e
Xzi2AAtO1xNyTOkCQ69NgKu9ZF3yFNYryUKzoTRYFMifLoIOogkQgMaNYCYebfvj
EYg+DGhvd9+oBbHnDJS+Rdx4WoGtu4Xvcv8v8k8jY85PsrtG+14LRNaM3239YxeO
qXLaB4HJux8xFRPSlDsQW7p+Qqo/6HN7vzBmZ4FZhiddwAIuhM8gkuBDdeuCCOaz
sZuExKnuztYuEHHDPme1uZwoZ/ac6e3zmSndDM6DN7qLpkAqJU5+ivk6cJti3vUe
fnCY+2EKfHDJ76KLv3s++dwk5acI9sug7Liroqj2cr43
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:30 2025 by rpki-client