Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/MM4iV6WLBmgXnJeqQ2M0fKQM3E0.roa
File: MM4iV6WLBmgXnJeqQ2M0fKQM3E0.roa (raw, json)
Hash identifier: 3Z20V69shw0ZZt9Sf7ZtQU0MZ7z23b2SekZfwMo+TEw=
Subject key identifier: 30:CE:22:57:A5:8B:06:68:17:9C:97:AA:43:63:34:7C:A4:0C:DC:4D
Certificate issuer: /CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Certificate serial: 016AA065
Authority key identifier: 4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/MM4iV6WLBmgXnJeqQ2M0fKQM3E0.roa
Signing time: Sat 01 Jan 2022 10:06:04 +0000
ROA not before: Sat 01 Jan 2022 10:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202208
IP address blocks: 45.154.224.0/23 maxlen: 23
45.154.224.0/22 maxlen: 22
45.154.226.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23765093 (0x16aa065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Validity
Not Before: Jan 1 10:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30ce2257a58b0668179c97aa4363347ca40cdc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8c:4f:00:14:d5:b6:cb:02:56:ac:ce:3a:a0:
be:9b:72:6a:16:93:95:51:7c:49:9b:18:b6:f4:75:
a3:07:61:fd:72:b5:37:6b:24:85:94:09:0b:d4:b0:
1d:dc:b0:e8:93:0d:fa:a7:4a:f0:3d:0e:fc:50:9b:
53:c6:af:9d:77:b2:fe:a3:49:db:bd:62:4b:d0:23:
a1:1b:47:b1:06:15:56:28:e0:76:52:3a:a3:ad:70:
7d:90:fa:2a:ee:8d:42:9c:e0:58:3d:aa:2c:f5:54:
ea:a7:a0:7b:19:db:e8:3a:4c:87:2a:b7:c4:4a:7e:
01:f8:66:94:88:b5:73:2a:68:49:5e:a9:6a:94:97:
67:c3:01:7d:c6:6e:d6:e2:33:8f:d6:f1:02:aa:0c:
6a:34:66:ac:9a:88:a2:57:a4:c4:bc:97:2d:98:d4:
96:0a:99:38:9c:39:a6:6a:d9:d2:6b:79:ce:de:1f:
a0:66:8c:b7:a6:f0:f2:be:f5:7a:8f:99:a6:cb:33:
c4:80:8f:00:97:24:26:8a:58:64:47:03:a6:7b:e9:
04:a6:8c:38:76:36:e6:63:a1:3e:f0:9b:f5:41:3f:
da:5f:b8:3c:52:b6:20:97:ed:5e:0c:78:27:57:7e:
15:56:63:85:73:d9:13:65:ff:c5:8f:5e:67:82:b7:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CE:22:57:A5:8B:06:68:17:9C:97:AA:43:63:34:7C:A4:0C:DC:4D
X509v3 Authority Key Identifier:
keyid:4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/MM4iV6WLBmgXnJeqQ2M0fKQM3E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/TcvvBq0F_W5ufnsQhMsdfWXmQm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.224.0/22
Signature Algorithm: sha256WithRSAEncryption
88:81:c6:68:a0:9d:64:fa:ae:d4:9f:12:3d:59:9a:a8:7f:7e:
82:cc:8b:32:c6:d1:c4:71:6f:8c:ca:c7:52:29:3c:0a:1c:17:
9c:6a:db:01:5a:a1:88:56:b9:60:4c:ba:fd:e3:b4:34:e0:be:
dd:c7:93:58:24:c0:a7:8d:7c:2a:a8:39:90:b7:6e:c0:ae:2e:
77:1f:e1:a1:81:31:ce:e2:7d:ba:01:15:a4:c1:03:6f:f5:53:
17:a6:5c:da:81:a1:d4:3e:c3:20:76:a8:36:fc:53:ce:de:d6:
92:80:3c:13:8c:04:15:96:ac:25:a2:91:ae:76:a3:64:0e:2d:
a1:bf:16:c6:0b:c6:54:9c:66:23:f2:73:02:83:de:a7:03:bf:
fe:3a:07:42:d0:ca:03:4c:dd:c6:d6:34:b6:41:e1:e6:09:67:
aa:47:31:aa:52:e0:78:b5:f9:4b:cd:7b:08:ae:7d:25:3b:0c:
bd:d1:ca:3c:74:b7:77:e6:09:2f:35:c8:43:50:12:2b:1d:b7:
df:54:bd:21:43:21:41:a2:c9:1a:85:d1:c8:b2:3c:3c:78:ad:
6a:2d:4b:68:3f:96:07:c4:d2:a5:df:14:e4:10:9a:7d:c4:cc:
e5:66:87:10:cd:d7:18:69:cc:1e:6e:22:f6:2b:7d:4c:6d:65:
ab:0c:44:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWqgZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGNiZWYwNmFkMDVmZDZlNmU3ZTdiMTA4NGNiMWQ3ZDY1ZTY0MjZmMB4XDTIyMDEw
MTEwMDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBjZTIyNTdhNThi
MDY2ODE3OWM5N2FhNDM2MzM0N2NhNDBjZGM0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2MTwAU1bbLAlaszjqgvptyahaTlVF8SZsYtvR1owdh/XK1
N2skhZQJC9SwHdyw6JMN+qdK8D0O/FCbU8avnXey/qNJ271iS9AjoRtHsQYVVijg
dlI6o61wfZD6Ku6NQpzgWD2qLPVU6qegexnb6DpMhyq3xEp+AfhmlIi1cypoSV6p
apSXZ8MBfcZu1uIzj9bxAqoMajRmrJqIolekxLyXLZjUlgqZOJw5pmrZ0mt5zt4f
oGaMt6bw8r71eo+ZpsszxICPAJckJopYZEcDpnvpBKaMOHY25mOhPvCb9UE/2l+4
PFK2IJftXgx4J1d+FVZjhXPZE2X/xY9eZ4K3qK8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwziJXpYsGaBecl6pDYzR8pAzcTTAfBgNVHSMEGDAWgBRNy+8GrQX9bm5+
exCEyx19ZeZCbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RjdnZCcTBGX1c1dWZuc1FoTXNkZldYbVFtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMmE2ZWFhLWU0MzctNDNiYy05NzJlLTNlM2JmYWExOTBkZi8x
L01NNGlWNldMQm1nWG5KZXFRMk0wZktRTTNFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MmE2ZWFhLWU0MzctNDNiYy05NzJlLTNlM2JmYWExOTBkZi8xL1RjdnZCcTBGX1c1
dWZuc1FoTXNkZldYbVFtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2a4DANBgkqhkiG9w0BAQsFAAOC
AQEAiIHGaKCdZPqu1J8SPVmaqH9+gsyLMsbRxHFvjMrHUik8ChwXnGrbAVqhiFa5
YEy6/eO0NOC+3ceTWCTAp418Kqg5kLduwK4udx/hoYExzuJ9ugEVpMEDb/VTF6Zc
2oGh1D7DIHaoNvxTzt7WkoA8E4wEFZasJaKRrnajZA4tob8WxgvGVJxmI/JzAoPe
pwO//joHQtDKA0zdxtY0tkHh5glnqkcxqlLgeLX5S817CK59JTsMvdHKPHS3d+YJ
LzXIQ1ASKx2331S9IUMhQaLJGoXRyLI8PHitai1LaD+WB8TSpd8U5BCafcTM5WaH
EM3XGGnMHm4i9it9TG1lqwxEVw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:42 2025 by rpki-client