Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/MNzfHxU5dLxsgIkPUY27FyNJ6Co.roa
File: MNzfHxU5dLxsgIkPUY27FyNJ6Co.roa (raw, json)
Hash identifier: Ydt2LFMDf2BDUtJwH0IigX3yeYUahW++JTC5AmJcQaU=
Subject key identifier: 30:DC:DF:1F:15:39:74:BC:6C:80:89:0F:51:8D:BB:17:23:49:E8:2A
Certificate issuer: /CN=80b0638b876f3978ca7bd28d7de370996b396a3f
Certificate serial: 018A8857CCF27D086696E0572A3881F51D45
Authority key identifier: 80:B0:63:8B:87:6F:39:78:CA:7B:D2:8D:7D:E3:70:99:6B:39:6A:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gLBji4dvOXjKe9KNfeNwmWs5aj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/MNzfHxU5dLxsgIkPUY27FyNJ6Co.roa
Signing time: Tue 12 Sep 2023 07:42:50 +0000
ROA not before: Tue 12 Sep 2023 07:42:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216346
IP address blocks: 2a13:4e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:57:cc:f2:7d:08:66:96:e0:57:2a:38:81:f5:1d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80b0638b876f3978ca7bd28d7de370996b396a3f
Validity
Not Before: Sep 12 07:42:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30dcdf1f153974bc6c80890f518dbb172349e82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:9b:55:31:81:a7:6c:c6:92:91:60:29:2c:
c9:58:4e:81:de:70:5e:aa:50:36:36:82:b0:f7:b0:
a2:76:d8:a9:94:21:87:8d:e0:83:08:83:4a:49:f9:
5a:f9:9b:f1:42:0f:57:75:66:75:2e:a9:74:e5:f0:
5b:cb:1e:b1:48:37:19:ba:42:ee:47:5f:d5:d2:3e:
ef:fd:39:a9:79:59:bc:57:93:e2:f4:0b:bd:bf:a9:
c7:76:2a:df:88:71:87:f7:ff:c3:88:bd:d2:03:dc:
6c:4f:d0:a5:5e:14:83:f8:ae:8a:47:be:e2:8b:94:
e9:83:ad:e1:dc:e9:69:0c:4b:32:97:1b:c1:b6:8e:
83:6e:b9:6c:a7:6d:7d:8f:57:d3:9b:ed:7a:9d:9f:
11:25:51:14:3e:e5:ad:c6:a3:79:de:ac:61:9f:c9:
2a:e1:c7:95:90:0d:53:c7:b4:89:f8:80:e5:e1:58:
53:f1:da:ea:35:6a:e8:33:c6:9b:57:25:bf:62:02:
c6:c8:c8:f4:fc:b9:2e:55:c8:68:47:d5:ba:98:eb:
87:7c:63:08:b0:1c:9a:91:bd:16:3c:85:9c:5c:23:
8d:f7:23:76:45:8f:36:8e:ad:fd:2c:5b:93:4f:52:
5f:18:da:07:be:2a:6b:aa:1b:58:b8:7e:b5:0e:6c:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DC:DF:1F:15:39:74:BC:6C:80:89:0F:51:8D:BB:17:23:49:E8:2A
X509v3 Authority Key Identifier:
keyid:80:B0:63:8B:87:6F:39:78:CA:7B:D2:8D:7D:E3:70:99:6B:39:6A:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gLBji4dvOXjKe9KNfeNwmWs5aj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/MNzfHxU5dLxsgIkPUY27FyNJ6Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/gLBji4dvOXjKe9KNfeNwmWs5aj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
16:78:39:f9:15:6c:a1:72:05:b3:9c:2f:d6:dc:43:69:5e:3e:
db:3e:ed:ea:14:c8:b3:75:67:2a:cb:ea:be:69:f6:a7:66:e9:
a1:20:89:4c:3a:c8:86:13:60:78:59:51:c6:b7:cf:0a:61:b1:
17:ed:49:94:da:d0:00:34:f4:4e:e3:f8:25:41:0e:d3:45:a8:
a5:24:fd:fc:27:cc:e9:11:01:e7:85:39:20:a8:78:8a:94:6d:
53:b1:0a:40:ae:c6:74:b7:a0:7b:f3:c9:f9:a3:a0:a9:f0:70:
41:2d:44:2f:ea:43:8e:fc:d2:36:19:93:5b:a2:60:0b:e9:29:
78:e8:01:5c:2e:4b:06:b7:a3:fa:98:97:11:10:47:6d:58:57:
bc:32:1d:6d:24:bb:db:3b:6c:97:9c:17:8e:0d:75:77:11:e3:
1c:7f:08:88:75:69:3f:91:5d:6a:40:6e:8f:5e:77:be:5a:b7:
9e:6a:2a:24:5b:11:9f:7a:5e:58:af:6e:70:04:8d:24:62:62:
ed:82:52:3c:de:a4:4d:72:89:d2:54:ed:22:0e:7b:91:31:1f:
be:ea:4b:eb:1c:8b:03:2f:93:bb:af:75:92:64:64:90:e5:fe:
53:11:01:71:6b:1a:09:25:36:d3:42:69:1f:9b:15:b3:f7:dd:
f9:5a:f1:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqIV8zyfQhmluBXKjiB9R1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYjA2MzhiODc2ZjM5NzhjYTdiZDI4ZDdkZTM3MDk5NmIz
OTZhM2YwHhcNMjMwOTEyMDc0MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGRjZGYxZjE1Mzk3NGJjNmM4MDg5MGY1MThkYmIxNzIzNDllODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWKbVTGBp2zGkpFgKSzJWE6B3nBe
qlA2NoKw97CidtiplCGHjeCDCINKSfla+ZvxQg9XdWZ1Lql05fBbyx6xSDcZukLu
R1/V0j7v/TmpeVm8V5Pi9Au9v6nHdirfiHGH9//DiL3SA9xsT9ClXhSD+K6KR77i
i5Tpg63h3OlpDEsylxvBto6Dbrlsp219j1fTm+16nZ8RJVEUPuWtxqN53qxhn8kq
4ceVkA1Tx7SJ+IDl4VhT8drqNWroM8abVyW/YgLGyMj0/LkuVchoR9W6mOuHfGMI
sByakb0WPIWcXCON9yN2RY82jq39LFuTT1JfGNoHviprqhtYuH61DmzHzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDDc3x8VOXS8bICJD1GNuxcjSegqMB8GA1UdIwQY
MBaAFICwY4uHbzl4ynvSjX3jcJlrOWo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0xCamk0ZHZPWGpLZTlLTmZlTndtV3M1YWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNDY2M2YtNDg0ZS00MmRiLTg5YTAt
MTViMDlmNWY2ZWQ3LzEvTU56Zkh4VTVkTHhzZ0lrUFVZMjdGeU5KNkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNDY2M2YtNDg0ZS00MmRiLTg5YTAtMTViMDlmNWY2ZWQ3
LzEvZ0xCamk0ZHZPWGpLZTlLTmZlTndtV3M1YWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNOADAN
BgkqhkiG9w0BAQsFAAOCAQEAFng5+RVsoXIFs5wv1txDaV4+2z7t6hTIs3VnKsvq
vmn2p2bpoSCJTDrIhhNgeFlRxrfPCmGxF+1JlNrQADT0TuP4JUEO00WopST9/CfM
6REB54U5IKh4ipRtU7EKQK7GdLege/PJ+aOgqfBwQS1EL+pDjvzSNhmTW6JgC+kp
eOgBXC5LBrej+piXERBHbVhXvDIdbSS72ztsl5wXjg11dxHjHH8IiHVpP5FdakBu
j153vlq3nmoqJFsRn3peWK9ucASNJGJi7YJSPN6kTXKJ0lTtIg57kTEfvupL6xyL
Ay+Tu691kmRkkOX+UxEBcWsaCSU200JpH5sVs/fd+VrxCg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:57 2025 by rpki-client