Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MNbjy4l3wUN9wy4mlx5qRHu-Kjk.roa
File: MNbjy4l3wUN9wy4mlx5qRHu-Kjk.roa (raw, json)
Hash identifier: zX8Uu5wcJKqtN1eh0cdEHtbqcLHmXEpTplGB5SterA8=
Subject key identifier: 30:D6:E3:CB:89:77:C1:43:7D:C3:2E:26:97:1E:6A:44:7B:BE:2A:39
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018604082698D9EF72F61DB72C23A974FC90
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MNbjy4l3wUN9wy4mlx5qRHu-Kjk.roa
Signing time: Mon 30 Jan 2023 18:54:48 +0000
ROA not before: Mon 30 Jan 2023 18:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 2a0e:5800::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:08:26:98:d9:ef:72:f6:1d:b7:2c:23:a9:74:fc:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 30 18:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30d6e3cb8977c1437dc32e26971e6a447bbe2a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:16:1a:13:6c:b3:fa:d2:da:52:39:93:ce:f7:
71:e8:5c:c5:43:bd:d3:c2:60:18:52:ca:c8:3d:91:
85:ff:05:98:2c:fc:2b:d7:87:43:eb:70:bb:50:07:
31:16:0f:12:04:e1:55:b4:5e:f7:50:24:17:33:f1:
57:29:1a:b5:85:47:9a:d7:9a:5a:fd:f8:ed:30:68:
c6:5e:a3:c9:61:b0:bc:3f:42:93:5b:d5:fa:e1:f2:
dc:bc:f5:db:c2:fb:94:37:f9:bf:03:f0:6f:7b:cb:
0e:aa:1d:c1:ae:c6:0c:8d:32:10:0f:12:58:4f:cd:
36:09:fc:99:ac:88:be:60:2f:a7:ce:dc:05:82:ca:
e2:d9:b5:8e:2e:81:a4:ff:55:de:b6:56:93:3f:4b:
a8:31:9b:53:ff:48:d1:ba:9c:9f:34:49:8a:65:b1:
ec:15:37:87:69:9c:fe:8a:f3:a8:a0:99:0f:d9:ac:
e7:3d:55:94:a8:45:18:4b:5b:37:3b:5e:bd:37:e5:
be:2f:ca:2d:15:30:12:34:f3:dc:7a:6e:72:8b:7c:
53:9d:51:6c:fe:b0:7c:0f:97:66:b8:3d:1f:2c:86:
ac:73:0a:2e:83:48:b6:a5:ca:61:16:2f:60:6d:2e:
2b:cd:38:8d:2a:f6:87:7f:b2:72:53:28:ed:c7:28:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D6:E3:CB:89:77:C1:43:7D:C3:2E:26:97:1E:6A:44:7B:BE:2A:39
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MNbjy4l3wUN9wy4mlx5qRHu-Kjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a13:1940::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
90:20:7d:8e:84:61:a3:87:ca:d3:39:b9:e8:0a:cd:2d:30:90:
e0:22:5b:f4:51:30:ce:99:06:30:c2:f9:b7:aa:ea:c2:30:60:
fb:10:c5:77:54:83:d6:ed:b7:17:3c:a2:44:56:9f:89:6d:d1:
78:3a:cc:6c:d7:ef:bb:53:b5:7c:4f:ba:02:30:fc:be:9c:e9:
06:79:a8:fc:65:e3:63:d5:c3:9a:69:80:7f:e3:a5:2a:d2:a9:
0e:1e:24:aa:aa:eb:c8:58:a8:3b:d2:f6:48:c1:56:4a:29:da:
6d:be:13:ba:e7:dc:a9:db:05:d5:3b:c2:41:49:93:10:eb:9d:
e5:d2:7f:11:d4:f3:78:0a:da:34:73:78:28:bb:af:e2:4b:97:
87:73:e0:f9:2d:70:4c:92:58:a0:20:07:cf:ae:00:06:9a:6f:
b1:aa:56:73:7e:92:eb:7e:2b:73:16:f8:06:d1:e1:16:78:00:
3d:40:77:de:6b:68:8c:3e:6a:31:88:82:0f:4c:fc:a8:df:de:
95:8a:e9:87:43:14:50:f9:fc:42:c8:5e:6e:0e:94:5b:68:2c:
7f:65:66:29:c9:d8:49:f6:83:fc:c8:86:89:01:5c:0c:99:75:
9a:0c:85:09:5b:a1:4a:a5:00:b8:ad:f8:ca:4c:d1:cc:fd:ac:
62:7a:52:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYECCaY2e9y9h23LCOpdPyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTMwMTg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ2ZTNjYjg5NzdjMTQzN2RjMzJlMjY5NzFlNmE0NDdiYmUyYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshYaE2yz+tLaUjmTzvdx6FzFQ73T
wmAYUsrIPZGF/wWYLPwr14dD63C7UAcxFg8SBOFVtF73UCQXM/FXKRq1hUea15pa
/fjtMGjGXqPJYbC8P0KTW9X64fLcvPXbwvuUN/m/A/Bve8sOqh3BrsYMjTIQDxJY
T802CfyZrIi+YC+nztwFgsri2bWOLoGk/1XetlaTP0uoMZtT/0jRupyfNEmKZbHs
FTeHaZz+ivOooJkP2aznPVWUqEUYS1s3O169N+W+L8otFTASNPPcem5yi3xTnVFs
/rB8D5dmuD0fLIascwoug0i2pcphFi9gbS4rzTiNKvaHf7JyUyjtxyjwMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDDW48uJd8FDfcMuJpceakR7vio5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTU5iank0bDN3VU45d3k0bWx4NXFSSHUtS2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5YAAMF
AyoTGUADBQMqE0kAMA0GCSqGSIb3DQEBCwUAA4IBAQCQIH2OhGGjh8rTObnoCs0t
MJDgIlv0UTDOmQYwwvm3qurCMGD7EMV3VIPW7bcXPKJEVp+JbdF4Osxs1++7U7V8
T7oCMPy+nOkGeaj8ZeNj1cOaaYB/46Uq0qkOHiSqquvIWKg70vZIwVZKKdptvhO6
59yp2wXVO8JBSZMQ653l0n8R1PN4Cto0c3gou6/iS5eHc+D5LXBMkligIAfPrgAG
mm+xqlZzfpLrfitzFvgG0eEWeAA9QHfea2iMPmoxiIIPTPyo396ViumHQxRQ+fxC
yF5uDpRbaCx/ZWYpydhJ9oP8yIaJAVwMmXWaDIUJW6FKpQC4rfjKTNHM/axielKn
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:01:56 2025 by rpki-client