Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/965580-8736-4173-bde3-2c3028fcece9/1/mcF-zVywye4euSqNC3bQi5d5gBc.roa
File: mcF-zVywye4euSqNC3bQi5d5gBc.roa (raw, json)
Hash identifier: hmpFBnicVHXopQHlCR8O+rw/3GzVFbYANV2H0RUh3T4=
Subject key identifier: 99:C1:7E:CD:5C:B0:C9:EE:1E:B9:2A:8D:0B:76:D0:8B:97:79:80:17
Certificate issuer: /CN=93ecccde85c40b154f919baf64ef032ec70d751e
Certificate serial: 01856F9DC0DB4D1EA4BDF2AED508D2FCC7C8
Authority key identifier: 93:EC:CC:DE:85:C4:0B:15:4F:91:9B:AF:64:EF:03:2E:C7:0D:75:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zM3oXECxVPkZuvZO8DLscNdR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/965580-8736-4173-bde3-2c3028fcece9/1/mcF-zVywye4euSqNC3bQi5d5gBc.roa
Signing time: Sun 01 Jan 2023 23:14:47 +0000
ROA not before: Sun 01 Jan 2023 23:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50324
IP address blocks: 2001:67c:138::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c0:db:4d:1e:a4:bd:f2:ae:d5:08:d2:fc:c7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ecccde85c40b154f919baf64ef032ec70d751e
Validity
Not Before: Jan 1 23:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99c17ecd5cb0c9ee1eb92a8d0b76d08b97798017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:47:2b:e0:1a:f7:7b:07:e3:e9:47:81:a3:52:
a7:91:86:f7:50:c0:88:c3:a3:a5:63:69:7b:20:20:
91:54:5f:c4:fe:5a:f1:62:ab:40:eb:4c:ab:5a:47:
cf:63:6f:cc:92:e2:99:9d:ba:3f:a7:25:27:40:06:
91:ef:cb:af:90:bc:90:41:02:fa:c5:2e:f6:f6:14:
70:32:3a:a5:12:51:80:2e:e2:70:4b:0e:2c:c1:3b:
39:c2:71:ed:e1:7c:b4:4d:91:85:4a:28:a8:61:3b:
a7:7a:70:ab:e1:66:b0:aa:9b:71:39:43:d0:bf:5c:
89:68:df:33:31:ab:7d:ea:b6:9c:89:b4:0a:2c:9d:
38:a9:fa:8b:bd:4e:75:66:58:f7:31:15:0f:d1:fe:
89:25:1d:62:f2:f4:39:1c:7e:94:d8:f9:eb:6e:58:
26:4d:0a:6b:4e:16:c7:be:89:ec:cc:a5:c9:d0:0c:
f0:4c:c3:25:14:79:1b:00:5d:b5:9e:d6:6e:54:e8:
a4:9f:34:d3:6a:57:61:e1:e1:3e:44:5d:f9:fe:aa:
ca:f6:47:89:13:91:56:74:7c:f3:d2:40:7f:bb:32:
a8:02:b0:eb:f6:ed:be:cf:2e:77:b9:00:ac:eb:5e:
c0:05:47:38:dc:c8:68:63:b5:95:15:95:de:c0:6c:
af:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C1:7E:CD:5C:B0:C9:EE:1E:B9:2A:8D:0B:76:D0:8B:97:79:80:17
X509v3 Authority Key Identifier:
keyid:93:EC:CC:DE:85:C4:0B:15:4F:91:9B:AF:64:EF:03:2E:C7:0D:75:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zM3oXECxVPkZuvZO8DLscNdR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/965580-8736-4173-bde3-2c3028fcece9/1/mcF-zVywye4euSqNC3bQi5d5gBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/965580-8736-4173-bde3-2c3028fcece9/1/k-zM3oXECxVPkZuvZO8DLscNdR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:138::/48
Signature Algorithm: sha256WithRSAEncryption
5c:b5:1e:74:f5:af:44:6a:bb:cc:ad:a3:7c:da:f9:89:86:a7:
09:29:2c:c8:c6:2c:f5:95:6c:41:34:a7:72:14:2f:6d:aa:12:
76:5b:9a:82:36:92:25:2d:17:a6:93:61:bd:ed:b4:81:d6:d1:
85:d6:dd:26:0c:e0:38:2c:79:be:6f:e0:2d:ee:57:87:52:81:
7e:df:a1:1f:ee:28:05:7e:26:e0:c6:12:51:8b:fa:5f:91:f0:
3f:d9:ef:a1:8a:3a:2b:d7:6e:0c:dd:55:94:bf:3b:74:4b:4c:
7d:73:83:e8:3e:ec:38:ea:1c:8d:19:0d:b3:83:f4:4f:39:27:
68:43:1d:dc:67:80:ef:9b:1a:48:76:3f:ac:ad:25:55:4f:b3:
bd:b3:5f:1d:a7:f4:ef:55:5d:da:40:aa:89:66:94:d6:24:ac:
4b:8d:08:3e:84:d6:2f:e0:74:2e:c5:57:eb:f7:0e:7b:ef:07:
45:a6:96:84:b6:9d:e2:4a:a5:fe:7c:ab:6d:d1:9e:35:0b:3d:
8e:51:d6:7f:7e:26:8d:d2:c4:9c:91:e3:8d:7a:74:db:cc:9c:
07:67:5e:c2:3c:a2:df:58:11:71:ed:d7:07:96:6b:9f:78:f5:
28:dc:83:a8:99:c0:62:58:8b:d1:34:e4:62:ab:e1:78:6f:93:
a8:17:40:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvncDbTR6kvfKu1QjS/MfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWNjY2RlODVjNDBiMTU0ZjkxOWJhZjY0ZWYwMzJlYzcw
ZDc1MWUwHhcNMjMwMTAxMjMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWMxN2VjZDVjYjBjOWVlMWViOTJhOGQwYjc2ZDA4Yjk3Nzk4MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEcr4Br3ewfj6UeBo1KnkYb3UMCI
w6OlY2l7ICCRVF/E/lrxYqtA60yrWkfPY2/MkuKZnbo/pyUnQAaR78uvkLyQQQL6
xS729hRwMjqlElGALuJwSw4swTs5wnHt4Xy0TZGFSiioYTunenCr4WawqptxOUPQ
v1yJaN8zMat96racibQKLJ04qfqLvU51Zlj3MRUP0f6JJR1i8vQ5HH6U2Pnrblgm
TQprThbHvonszKXJ0AzwTMMlFHkbAF21ntZuVOiknzTTaldh4eE+RF35/qrK9keJ
E5FWdHzz0kB/uzKoArDr9u2+zy53uQCs617ABUc43MhoY7WVFZXewGyvUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJnBfs1csMnuHrkqjQt20IuXeYAXMB8GA1UdIwQY
MBaAFJPszN6FxAsVT5Gbr2TvAy7HDXUeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay16TTNvWEVDeFZQa1p1dlpPOERMc2NOZFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU1ODAtODczNi00MTczLWJkZTMt
MmMzMDI4ZmNlY2U5LzEvbWNGLXpWeXd5ZTRldVNxTkMzYlFpNWQ1Z0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU1ODAtODczNi00MTczLWJkZTMtMmMzMDI4ZmNlY2U5
LzEvay16TTNvWEVDeFZQa1p1dlpPOERMc2NOZFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAE4
MA0GCSqGSIb3DQEBCwUAA4IBAQBctR509a9EarvMraN82vmJhqcJKSzIxiz1lWxB
NKdyFC9tqhJ2W5qCNpIlLRemk2G97bSB1tGF1t0mDOA4LHm+b+At7leHUoF+36Ef
7igFfibgxhJRi/pfkfA/2e+hijor124M3VWUvzt0S0x9c4PoPuw46hyNGQ2zg/RP
OSdoQx3cZ4DvmxpIdj+srSVVT7O9s18dp/TvVV3aQKqJZpTWJKxLjQg+hNYv4HQu
xVfr9w577wdFppaEtp3iSqX+fKtt0Z41Cz2OUdZ/fiaN0sSckeONenTbzJwHZ17C
PKLfWBFx7dcHlmufePUo3IOomcBiWIvRNORiq+F4b5OoF0Cu
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:26 2025 by rpki-client