Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/MOpZiPWCfUrdU_0y9ouf-XsXn4M.roa
File: MOpZiPWCfUrdU_0y9ouf-XsXn4M.roa (raw, json)
Hash identifier: sq1g99LJbdGdk8Prv1QySLpGgdPsGJOnVOFG1yKWMV0=
Subject key identifier: 30:EA:59:88:F5:82:7D:4A:DD:53:FD:32:F6:8B:9F:F9:7B:17:9F:83
Certificate issuer: /CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Certificate serial: 018249CB1DDBE1B5EC86CA8F91E79E6D9EE3
Authority key identifier: DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/MOpZiPWCfUrdU_0y9ouf-XsXn4M.roa
Signing time: Fri 29 Jul 2022 11:50:24 +0000
ROA not before: Fri 29 Jul 2022 11:50:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7979
IP address blocks: 213.5.226.0/24 maxlen: 24
91.233.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:49:cb:1d:db:e1:b5:ec:86:ca:8f:91:e7:9e:6d:9e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Validity
Not Before: Jul 29 11:50:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30ea5988f5827d4add53fd32f68b9ff97b179f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:ae:c8:ac:38:d2:dd:51:0f:ed:7b:a2:9b:
14:0a:57:a7:b3:8c:5b:30:c1:94:88:26:35:3a:ce:
28:88:b6:4d:46:ab:ae:cd:66:e6:4f:a5:79:18:6a:
df:8c:dd:fb:dd:b8:c7:4e:43:11:26:7b:53:d6:a5:
9c:a7:bc:3d:2e:23:ef:98:3f:a3:53:b7:7d:3b:e4:
a8:74:d7:4f:c6:dd:80:bb:a9:e8:40:24:47:b3:8a:
1b:18:09:f4:74:4b:f7:0a:3b:76:a3:6d:9e:3a:74:
98:83:53:25:46:cb:3e:12:5b:09:f3:0f:1e:b3:a7:
06:f2:07:bb:26:e4:8c:4c:32:05:8f:1d:a4:56:c2:
29:46:88:96:7b:19:23:e3:07:ac:5b:0a:17:66:48:
60:54:b4:39:2d:0b:a7:09:33:b6:dd:07:03:25:77:
e8:e0:09:67:c9:e2:2d:5b:02:96:06:4c:1a:13:93:
20:d4:37:56:12:31:5f:18:65:fc:cf:fd:74:8c:a1:
ce:18:7a:6f:61:42:7a:c8:95:d2:08:23:68:d5:ee:
41:37:7a:8a:a8:48:09:8a:46:78:68:0c:01:aa:88:
41:b4:f4:9e:8c:09:37:45:f1:41:a9:5e:8b:d4:a2:
0b:02:56:f0:62:f7:43:09:b4:95:98:1e:68:83:e2:
76:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EA:59:88:F5:82:7D:4A:DD:53:FD:32:F6:8B:9F:F9:7B:17:9F:83
X509v3 Authority Key Identifier:
keyid:DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/MOpZiPWCfUrdU_0y9ouf-XsXn4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/2sYzoUysfHoJIv_ZgN5fJ4o74mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.61.0/24
213.5.226.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a6:e1:38:82:5c:51:0d:0c:ad:ad:f7:1e:bb:ac:20:90:7f:
9e:94:d0:fb:5d:44:8a:26:ac:a6:a7:2b:0d:2d:70:fe:df:32:
63:b6:47:2e:ff:d6:d7:39:7c:e8:aa:29:96:c0:b0:01:42:96:
8f:8d:12:26:ed:49:ae:56:b1:88:60:3f:e5:df:6a:b6:54:cb:
2f:67:bd:06:70:d9:15:0e:90:a8:48:02:5d:0c:fa:83:78:59:
7c:db:d6:8d:55:e8:4f:ea:97:e8:7f:aa:40:11:82:c6:99:67:
c0:00:2b:91:fc:f6:0f:a7:92:87:02:25:61:65:7a:34:60:a6:
66:22:1e:22:b0:3e:11:22:ed:bf:4d:99:c3:92:c5:89:a8:1d:
e3:0b:f8:4f:4f:d8:fb:41:fa:00:79:50:ed:cb:de:09:c5:a0:
05:9b:7a:d4:b2:9f:89:e5:24:18:8e:19:01:fe:a8:c9:b5:a1:
6d:c9:d3:d9:b9:87:c9:16:a0:96:29:d1:13:33:f0:4e:63:40:
51:e9:cc:00:ea:93:10:6a:29:9c:1b:5b:be:3d:c9:c6:22:3e:
13:cc:37:99:61:80:75:41:17:a0:c5:db:6e:9e:34:32:24:d1:
10:f5:96:af:22:d4:ec:29:01:d4:68:e7:ac:1d:f5:58:27:d2:
a9:da:21:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJJyx3b4bXshsqPkeeebZ7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzYzM2ExNGNhYzdjN2EwOTIyZmZkOTgwZGU1ZjI3OGEz
YmUyNjcwHhcNMjIwNzI5MTE1MDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVhNTk4OGY1ODI3ZDRhZGQ1M2ZkMzJmNjhiOWZmOTdiMTc5ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHGuyKw40t1RD+17opsUClens4xb
MMGUiCY1Os4oiLZNRquuzWbmT6V5GGrfjN373bjHTkMRJntT1qWcp7w9LiPvmD+j
U7d9O+SodNdPxt2Au6noQCRHs4obGAn0dEv3Cjt2o22eOnSYg1MlRss+ElsJ8w8e
s6cG8ge7JuSMTDIFjx2kVsIpRoiWexkj4wesWwoXZkhgVLQ5LQunCTO23QcDJXfo
4AlnyeItWwKWBkwaE5Mg1DdWEjFfGGX8z/10jKHOGHpvYUJ6yJXSCCNo1e5BN3qK
qEgJikZ4aAwBqohBtPSejAk3RfFBqV6L1KILAlbwYvdDCbSVmB5og+J2qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDDqWYj1gn1K3VP9MvaLn/l7F5+DMB8GA1UdIwQY
MBaAFNrGM6FMrHx6CSL/2YDeXyeKO+JnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWIt
MjQ1MTVhMTRjNDU2LzEvTU9wWmlQV0NmVXJkVV8weTlvdWYtWHNYbjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWItMjQ1MTVhMTRjNDU2
LzEvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+k9AwQA
1QXiMA0GCSqGSIb3DQEBCwUAA4IBAQBipuE4glxRDQytrfceu6wgkH+elND7XUSK
JqympysNLXD+3zJjtkcu/9bXOXzoqimWwLABQpaPjRIm7UmuVrGIYD/l32q2VMsv
Z70GcNkVDpCoSAJdDPqDeFl829aNVehP6pfof6pAEYLGmWfAACuR/PYPp5KHAiVh
ZXo0YKZmIh4isD4RIu2/TZnDksWJqB3jC/hPT9j7QfoAeVDty94JxaAFm3rUsp+J
5SQYjhkB/qjJtaFtydPZuYfJFqCWKdETM/BOY0BR6cwA6pMQaimcG1u+PcnGIj4T
zDeZYYB1QRegxdtunjQyJNEQ9ZavItTsKQHUaOesHfVYJ9Kp2iFw
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:11:17 2025 by rpki-client