Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/MN5MEaG6sFLeoUY7-mzOInspF3A.roa
File: MN5MEaG6sFLeoUY7-mzOInspF3A.roa (raw, json)
Hash identifier: fYwkNhSAqLkjB/FhY6am8ZSpmtXWc/g8mDfrm8Iidgs=
Subject key identifier: 30:DE:4C:11:A1:BA:B0:52:DE:A1:46:3B:FA:6C:CE:22:7B:29:17:70
Certificate issuer: /CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Certificate serial: 01869765EFCEE74D9335E1FAB014DCFB7DC3
Authority key identifier: 45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/MN5MEaG6sFLeoUY7-mzOInspF3A.roa
Signing time: Tue 28 Feb 2023 09:41:25 +0000
ROA not before: Tue 28 Feb 2023 09:41:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201321
IP address blocks: 2a13:5a07:ff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:65:ef:ce:e7:4d:93:35:e1:fa:b0:14:dc:fb:7d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Validity
Not Before: Feb 28 09:41:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30de4c11a1bab052dea1463bfa6cce227b291770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:0f:77:48:ac:46:2d:43:d8:22:aa:00:dd:
51:0a:fe:08:f5:c3:33:8b:4d:e2:3d:a1:f9:2e:f6:
a4:99:66:93:5a:5f:13:92:4d:77:01:5c:75:b1:fc:
d3:81:40:f7:02:0c:46:9e:1d:a8:63:41:38:ee:19:
90:26:e5:4e:46:a7:21:7a:83:9b:16:ce:fd:c6:44:
62:04:96:68:82:a1:64:e1:56:2f:16:9c:88:87:3a:
19:7f:a8:0b:69:cd:0b:2c:0a:53:76:47:3a:9e:ad:
d7:8f:6d:39:55:c4:37:69:89:74:e9:93:71:03:78:
60:17:b1:e9:b7:f2:ea:b0:f5:55:15:d4:00:ed:ed:
34:b0:a0:d7:d2:93:41:cd:7b:aa:4d:77:75:70:e0:
7a:1c:10:16:2a:c7:fb:7f:4c:09:55:aa:ef:03:18:
7c:72:a6:65:da:15:35:9a:21:c5:36:6a:50:d4:5e:
1f:14:c2:c2:c2:48:76:5d:37:22:4b:e0:f9:82:2f:
3a:1d:69:ad:0d:9d:dd:02:b3:90:9d:4e:0a:0c:a6:
b8:69:fc:70:71:a0:2f:64:2f:16:af:32:c1:52:7d:
8a:b9:59:02:b0:e3:26:28:dc:09:b1:75:f2:a4:ad:
3c:6b:94:f9:9e:2f:42:ae:16:a3:3f:93:6f:b3:30:
49:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DE:4C:11:A1:BA:B0:52:DE:A1:46:3B:FA:6C:CE:22:7B:29:17:70
X509v3 Authority Key Identifier:
keyid:45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/MN5MEaG6sFLeoUY7-mzOInspF3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/RRbrDuN6cQdkYexsuouSWsXiigQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5a07:ff::/48
Signature Algorithm: sha256WithRSAEncryption
34:4b:a6:9f:67:4f:1b:d5:63:b5:b4:43:65:2e:8a:e8:0f:e6:
4c:53:a0:82:0e:bc:a5:4c:61:79:e5:19:82:c9:21:a3:4f:e1:
de:77:b6:79:71:09:5b:22:59:d9:dc:d1:f2:c3:45:f3:23:3e:
35:94:df:2c:b6:e1:f0:3b:00:5b:7f:cb:39:2f:96:0f:05:0e:
8f:ca:bb:ff:a3:8b:33:bc:26:d4:5d:4e:9e:3a:2e:35:9f:ed:
f0:39:76:9f:8e:04:48:3c:03:5a:be:82:e3:21:5b:a9:40:c4:
f3:59:70:74:73:63:f3:87:4c:4c:e4:aa:79:4c:60:2e:1d:75:
c4:38:59:e8:4d:8e:2e:fe:f5:83:4a:e6:6d:92:2c:40:54:8f:
f7:1c:d7:19:93:a4:be:31:43:ab:d9:9b:04:d5:0d:2b:45:0b:
62:18:b1:06:a8:a5:b9:c7:c1:9b:89:5f:91:6d:b8:f9:3a:25:
1b:2b:e0:56:5c:c6:a0:3b:b7:08:22:d3:2b:21:f1:35:16:ce:
58:21:17:50:26:ae:f7:99:8b:79:14:29:2f:cf:6e:a6:5b:ee:
a3:ff:da:79:9c:02:ae:f6:59:41:61:8f:2b:22:a2:23:83:e6:
9e:31:22:1d:ac:25:db:77:62:79:8e:50:9f:b6:17:d8:4a:1f:
f8:0d:f0:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaXZe/O502TNeH6sBTc+33DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MTZlYjBlZTM3YTcxMDc2NDYxZWM2Y2JhOGI5MjVhYzVl
MjhhMDQwHhcNMjMwMjI4MDk0MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGRlNGMxMWExYmFiMDUyZGVhMTQ2M2JmYTZjY2UyMjdiMjkxNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0APd0isRi1D2CKqAN1RCv4I9cMz
i03iPaH5LvakmWaTWl8Tkk13AVx1sfzTgUD3AgxGnh2oY0E47hmQJuVORqcheoOb
Fs79xkRiBJZogqFk4VYvFpyIhzoZf6gLac0LLApTdkc6nq3Xj205VcQ3aYl06ZNx
A3hgF7Hpt/LqsPVVFdQA7e00sKDX0pNBzXuqTXd1cOB6HBAWKsf7f0wJVarvAxh8
cqZl2hU1miHFNmpQ1F4fFMLCwkh2XTciS+D5gi86HWmtDZ3dArOQnU4KDKa4afxw
caAvZC8WrzLBUn2KuVkCsOMmKNwJsXXypK08a5T5ni9CrhajP5NvszBJ2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDDeTBGhurBS3qFGO/psziJ7KRdwMB8GA1UdIwQY
MBaAFEUW6w7jenEHZGHsbLqLklrF4ooEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJickR1TjZjUWRrWWV4c3VvdVNXc1hpaWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yOTIzYWItM2ZmOC00YWE5LTkyMjAt
NWUyOTJhYTU0NGFmLzEvTU41TUVhRzZzRkxlb1VZNy1tek9JbnNwRjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yOTIzYWItM2ZmOC00YWE5LTkyMjAtNWUyOTJhYTU0NGFm
LzEvUlJickR1TjZjUWRrWWV4c3VvdVNXc1hpaWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhNaBwD/
MA0GCSqGSIb3DQEBCwUAA4IBAQA0S6afZ08b1WO1tENlLoroD+ZMU6CCDrylTGF5
5RmCySGjT+Hed7Z5cQlbIlnZ3NHyw0XzIz41lN8stuHwOwBbf8s5L5YPBQ6Pyrv/
o4szvCbUXU6eOi41n+3wOXafjgRIPANavoLjIVupQMTzWXB0c2Pzh0xM5Kp5TGAu
HXXEOFnoTY4u/vWDSuZtkixAVI/3HNcZk6S+MUOr2ZsE1Q0rRQtiGLEGqKW5x8Gb
iV+Rbbj5OiUbK+BWXMagO7cIItMrIfE1Fs5YIRdQJq73mYt5FCkvz26mW+6j/9p5
nAKu9llBYY8rIqIjg+aeMSIdrCXbd2J5jlCfthfYSh/4DfDX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:16 2025 by rpki-client