Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MGzSCsvewO4YGp7X6PWWd7DJTXg.roa
File: MGzSCsvewO4YGp7X6PWWd7DJTXg.roa (raw, json)
Hash identifier: gM5HEWRLwMRjJwPgD4MCDA1QWMcbieiJKCqbpSmHxSY=
Subject key identifier: 30:6C:D2:0A:CB:DE:C0:EE:18:1A:9E:D7:E8:F5:96:77:B0:C9:4D:78
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571031691797093659899246BEB423673
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MGzSCsvewO4YGp7X6PWWd7DJTXg.roa
Signing time: Mon 02 Jan 2023 05:45:05 +0000
ROA not before: Mon 02 Jan 2023 05:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205397
IP address blocks: 45.141.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:16:91:79:70:93:65:98:99:24:6b:eb:42:36:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=306cd20acbdec0ee181a9ed7e8f59677b0c94d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8d:64:6a:9d:0e:a2:4e:6e:63:f5:46:6d:85:
a0:ba:e3:b2:bd:43:55:c2:49:a3:5a:52:26:18:f6:
9e:3a:a1:77:fa:fb:cf:1e:f2:bf:f6:25:b3:ac:11:
cc:01:5b:d6:e8:df:43:4a:15:35:6e:05:34:f5:c3:
fa:e8:fc:77:df:7b:98:13:e7:3e:ed:a1:7f:8b:01:
cd:d8:84:ff:33:9b:8b:63:98:bd:0d:46:03:b8:ea:
6f:f8:e1:1f:7d:22:6a:1c:7a:df:4b:ce:a8:69:76:
fe:f0:80:2a:22:c8:a1:c8:9b:51:a8:e8:6a:25:14:
9e:fa:4b:01:62:a7:9a:d4:09:e5:bc:b4:e2:07:80:
46:44:91:e9:5e:c0:d6:66:1b:f8:3e:67:be:34:4d:
6c:ef:51:3f:d8:9c:72:97:3f:94:e9:34:73:5e:6b:
3a:64:d7:6f:d4:ba:28:cb:19:ce:95:af:92:cf:e5:
a3:03:ac:fe:2e:23:b2:0c:39:4b:ae:2f:35:88:09:
eb:c1:94:bc:1d:6e:74:0b:1b:b7:84:13:27:df:c0:
1c:a0:f8:22:f2:5d:4b:42:ba:8e:cf:4f:15:3c:8a:
85:7f:32:83:53:ca:10:c4:4e:74:03:db:4d:d8:4f:
8e:8d:f9:2b:9f:ed:9d:e2:5b:95:78:8e:59:2b:4a:
e9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6C:D2:0A:CB:DE:C0:EE:18:1A:9E:D7:E8:F5:96:77:B0:C9:4D:78
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MGzSCsvewO4YGp7X6PWWd7DJTXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.203.0/24
Signature Algorithm: sha256WithRSAEncryption
50:3e:67:28:fd:98:bf:3a:38:95:56:7b:a3:3f:6e:e4:95:c0:
33:8b:16:b2:84:80:7c:59:a0:7d:94:d8:75:48:b9:ad:4b:bb:
7a:92:6e:2a:19:85:68:ed:1d:64:5b:70:07:c0:43:5d:48:f9:
ac:2f:c3:1e:9c:7e:93:ec:cc:21:99:09:71:99:2b:32:6d:b2:
22:4a:9f:65:7f:8d:43:2e:56:30:82:36:71:82:ab:23:94:4c:
9e:bb:2c:0b:36:05:84:42:a3:45:1f:a6:0f:44:8e:2f:9f:b6:
8d:15:c5:14:94:1b:1d:a5:0d:0c:4b:10:bc:fa:4f:0d:4b:26:
fc:9e:cb:e4:5c:ce:d2:6d:4f:10:ff:bf:9a:c3:2a:34:b3:f9:
75:84:5a:47:d6:97:bb:c8:a8:f7:44:c0:23:6e:f8:05:4b:6b:
5e:e4:ff:89:91:61:79:95:b1:18:48:3a:f6:cf:e3:b3:8c:f0:
d4:87:c5:78:1b:29:b7:22:3e:1d:f5:9d:54:ab:54:77:da:21:
7c:f7:37:ee:f5:93:8b:83:f6:07:a3:87:da:d1:eb:d7:2b:30:
a8:37:32:36:02:07:35:b4:4e:5c:c4:6f:c9:2e:d8:ab:83:4f:
7a:55:a1:2f:6d:13:dc:ce:e3:29:f7:af:da:80:d3:a8:54:fb:
29:d0:1c:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxaReXCTZZiZJGvrQjZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZjZDIwYWNiZGVjMGVlMTgxYTllZDdlOGY1OTY3N2IwYzk0ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI1kap0Ook5uY/VGbYWguuOyvUNV
wkmjWlImGPaeOqF3+vvPHvK/9iWzrBHMAVvW6N9DShU1bgU09cP66Px333uYE+c+
7aF/iwHN2IT/M5uLY5i9DUYDuOpv+OEffSJqHHrfS86oaXb+8IAqIsihyJtRqOhq
JRSe+ksBYqea1AnlvLTiB4BGRJHpXsDWZhv4Pme+NE1s71E/2Jxylz+U6TRzXms6
ZNdv1LooyxnOla+Sz+WjA6z+LiOyDDlLri81iAnrwZS8HW50Cxu3hBMn38AcoPgi
8l1LQrqOz08VPIqFfzKDU8oQxE50A9tN2E+Ojfkrn+2d4luVeI5ZK0rpFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBs0grL3sDuGBqe1+j1lnewyU14MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTUd6U0NzdmV3TzRZR3A3WDZQV1dkN0RKVFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3LMA0G
CSqGSIb3DQEBCwUAA4IBAQBQPmco/Zi/OjiVVnujP27klcAzixayhIB8WaB9lNh1
SLmtS7t6km4qGYVo7R1kW3AHwENdSPmsL8MenH6T7MwhmQlxmSsybbIiSp9lf41D
LlYwgjZxgqsjlEyeuywLNgWEQqNFH6YPRI4vn7aNFcUUlBsdpQ0MSxC8+k8NSyb8
nsvkXM7SbU8Q/7+awyo0s/l1hFpH1pe7yKj3RMAjbvgFS2te5P+JkWF5lbEYSDr2
z+OzjPDUh8V4Gym3Ij4d9Z1Uq1R32iF89zfu9ZOLg/YHo4fa0evXKzCoNzI2Agc1
tE5cxG/JLtirg096VaEvbRPczuMp96/agNOoVPsp0ByY
-----END CERTIFICATE-----
Generated at Wed Apr 16 20:45:42 2025 by rpki-client