Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/mMqx_MresFzi8ltE8zNaYmzwV00.roa
File: mMqx_MresFzi8ltE8zNaYmzwV00.roa (raw, json)
Hash identifier: 0hX1HE9v+iqYyMR3pXa9p892P2EEQ6AFdtgDexcc3F0=
Subject key identifier: 98:CA:B1:FC:CA:DE:B0:5C:E2:F2:5B:44:F3:33:5A:62:6C:F0:57:4D
Certificate issuer: /CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Certificate serial: 04FCC1B1
Authority key identifier: D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/mMqx_MresFzi8ltE8zNaYmzwV00.roa
Signing time: Sat 01 Jan 2022 14:07:19 +0000
ROA not before: Sat 01 Jan 2022 14:07:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 192.118.70.0/24 maxlen: 24
192.118.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83673521 (0x4fcc1b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Validity
Not Before: Jan 1 14:07:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98cab1fccadeb05ce2f25b44f3335a626cf0574d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:27:c0:a1:e4:f1:cf:4a:a2:32:b6:c5:9a:93:
a2:e7:3d:b5:e7:e3:8a:22:ee:cf:70:0b:1a:8f:7e:
1b:51:da:f3:2b:6b:66:46:b3:0c:50:ed:2b:fc:70:
aa:ee:eb:22:d7:12:b3:62:11:3b:1e:26:4d:05:57:
68:00:89:b7:6e:4b:2a:7b:77:12:08:ba:1d:93:1a:
87:e6:97:3f:06:ec:d4:e8:a1:57:49:89:1b:5e:61:
46:58:57:5b:02:1c:9d:f0:d4:f0:99:be:68:d6:c9:
ee:95:67:f8:e6:67:73:14:84:82:2a:36:a4:cd:e1:
b3:26:3c:c1:71:17:c0:c9:be:e0:fa:1f:84:24:32:
1b:9f:e3:fe:f3:e2:9a:b8:9f:21:23:3b:89:76:99:
87:b4:05:e1:ce:65:38:c0:b6:fc:90:7c:c0:4a:d8:
cb:f4:cd:a2:c4:d0:34:fd:ef:f7:4a:7a:6a:fb:52:
36:4a:0b:5e:43:f3:a6:80:73:03:66:38:4b:ab:0c:
29:f2:b7:1e:b9:be:49:3d:49:c8:c8:10:4d:09:8f:
49:82:43:53:6b:fa:be:09:1f:c8:53:e3:52:86:d3:
9e:6f:a2:fd:8c:d9:49:bc:2f:cd:15:0a:60:ef:ae:
bf:b5:e6:80:bc:8b:aa:34:4b:2d:aa:32:55:6d:40:
a8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CA:B1:FC:CA:DE:B0:5C:E2:F2:5B:44:F3:33:5A:62:6C:F0:57:4D
X509v3 Authority Key Identifier:
keyid:D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/mMqx_MresFzi8ltE8zNaYmzwV00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/0sHV_U4greXxG2avsQpUyP_ksEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.118.70.0/23
Signature Algorithm: sha256WithRSAEncryption
30:79:fe:71:0c:0a:70:88:2c:dd:4a:04:e2:6a:f8:13:59:2f:
1c:5d:62:61:fc:89:53:66:d1:76:13:9f:97:71:d3:56:91:2e:
a3:f4:e8:79:ad:6f:a3:10:f3:b5:35:eb:89:75:ab:17:20:da:
7b:38:5a:b9:a2:48:f5:f1:5b:f4:1e:80:6d:dd:63:02:f7:fd:
a9:b1:07:84:ec:63:0b:a9:ec:de:aa:d8:b8:27:24:47:39:d9:
05:59:22:76:c0:97:96:01:a2:32:00:fb:19:06:c6:1c:fe:48:
9c:1d:0b:07:a3:b0:89:b1:ac:65:46:ca:82:80:6e:97:40:fb:
b8:04:58:e2:0d:04:9b:61:3f:c7:aa:80:69:5a:0a:1a:65:f6:
fc:e1:c5:0c:52:ec:2a:de:4a:82:5e:17:44:d5:35:5f:ce:f2:
1b:35:4c:58:16:c8:34:70:43:3b:07:e0:e9:c1:22:9d:f7:32:
69:d2:55:92:d8:e5:9f:17:9e:97:72:e8:0c:1f:41:54:3f:62:
b4:86:b5:1a:ac:f2:68:be:38:8a:e4:c6:52:9e:0c:4e:f6:af:
d8:22:eb:64:1e:5e:1d:69:24:2c:5e:08:d6:74:09:84:1d:8d:
6d:10:35:42:df:88:fc:e1:a0:fe:69:b7:c5:52:54:0a:c3:8f:
02:09:69:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPzBsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmMxZDVmZDRlMjBhZGU1ZjExYjY2YWZiMTBhNTRjOGZmZTRiMDQwMB4XDTIyMDEw
MTE0MDcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThjYWIxZmNjYWRl
YjA1Y2UyZjI1YjQ0ZjMzMzVhNjI2Y2YwNTc0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQnwKHk8c9KojK2xZqTouc9tefjiiLuz3ALGo9+G1Ha8ytr
ZkazDFDtK/xwqu7rItcSs2IROx4mTQVXaACJt25LKnt3Egi6HZMah+aXPwbs1Oih
V0mJG15hRlhXWwIcnfDU8Jm+aNbJ7pVn+OZncxSEgio2pM3hsyY8wXEXwMm+4Pof
hCQyG5/j/vPimrifISM7iXaZh7QF4c5lOMC2/JB8wErYy/TNosTQNP3v90p6avtS
NkoLXkPzpoBzA2Y4S6sMKfK3Hrm+ST1JyMgQTQmPSYJDU2v6vgkfyFPjUobTnm+i
/YzZSbwvzRUKYO+uv7XmgLyLqjRLLaoyVW1AqMsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYyrH8yt6wXOLyW0TzM1pibPBXTTAfBgNVHSMEGDAWgBTSwdX9TiCt5fEb
Zq+xClTI/+SwQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBzSFZfVTRncmVYeEcyYXZzUXBVeVBfa3NFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvODYxM2FkLTRmNWYtNDVmZC04Nzk5LWEwOWE4NzVmNTkwMy8x
L21NcXhfTXJlc0Z6aThsdEU4ek5hWW16d1YwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ODYxM2FkLTRmNWYtNDVmZC04Nzk5LWEwOWE4NzVmNTkwMy8xLzBzSFZfVTRncmVY
eEcyYXZzUXBVeVBfa3NFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcB2RjANBgkqhkiG9w0BAQsFAAOC
AQEAMHn+cQwKcIgs3UoE4mr4E1kvHF1iYfyJU2bRdhOfl3HTVpEuo/Toea1voxDz
tTXriXWrFyDaezhauaJI9fFb9B6Abd1jAvf9qbEHhOxjC6ns3qrYuCckRznZBVki
dsCXlgGiMgD7GQbGHP5InB0LB6OwibGsZUbKgoBul0D7uARY4g0Em2E/x6qAaVoK
GmX2/OHFDFLsKt5Kgl4XRNU1X87yGzVMWBbINHBDOwfg6cEinfcyadJVktjlnxee
l3LoDB9BVD9itIa1GqzyaL44iuTGUp4MTvav2CLrZB5eHWkkLF4I1nQJhB2NbRA1
Qt+I/OGg/mm3xVJUCsOPAglpIA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org