Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MSDX8mA7CIKodgTNJBjscqt1y9A.roa
File: MSDX8mA7CIKodgTNJBjscqt1y9A.roa (raw, json)
Hash identifier: w1+bI6jFTWBtoBJ7wII83O1yOQxTkw1xWfbbzXOnyNc=
Subject key identifier: 31:20:D7:F2:60:3B:08:82:A8:76:04:CD:24:18:EC:72:AB:75:CB:D0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7BD6D658AC71D6513BEE48846E8D9569
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MSDX8mA7CIKodgTNJBjscqt1y9A.roa
Signing time: Mon 18 Dec 2023 07:32:06 +0000
ROA not before: Mon 18 Dec 2023 07:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a13:9580::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:d6:d6:58:ac:71:d6:51:3b:ee:48:84:6e:8d:95:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 07:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3120d7f2603b0882a87604cd2418ec72ab75cbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0f:47:7c:9c:22:70:1e:84:4a:68:8c:8e:d0:
71:27:da:c0:eb:27:52:84:33:d1:e0:c8:46:0a:92:
3e:22:73:33:1d:61:e3:d0:77:03:e5:62:9f:03:d7:
40:98:0e:15:58:d7:c5:12:02:82:ac:23:a3:c2:42:
34:38:75:45:ad:bf:a9:cf:19:39:aa:f1:da:37:2c:
30:10:b3:08:51:86:e2:b5:66:a3:69:65:d5:28:07:
07:53:b0:47:fb:4b:b4:04:b1:72:40:07:5f:a0:39:
28:2c:d5:c0:8b:ae:7c:af:77:88:aa:51:4e:cc:bc:
77:c9:b3:cb:cd:48:78:fb:c0:e9:ed:27:cb:67:22:
5a:c7:30:d0:83:65:e7:57:fe:83:e1:ff:a8:b8:fc:
c8:f2:7f:cb:be:8b:13:c5:3b:d8:a6:5e:0d:31:0a:
06:04:b0:cc:72:39:42:31:93:15:5c:a6:35:03:41:
18:32:87:7f:e1:fc:44:b3:0f:bf:8e:c4:c2:32:72:
4e:26:30:77:87:0b:a3:fa:d6:00:a5:68:74:5d:6d:
ce:c4:56:8a:4a:1a:74:96:a9:fb:18:cd:f2:41:6b:
13:43:1e:8e:fd:f3:f8:4d:36:64:be:55:d9:54:3f:
48:be:07:80:28:39:23:a2:fb:0c:ef:7d:ef:4e:aa:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:20:D7:F2:60:3B:08:82:A8:76:04:CD:24:18:EC:72:AB:75:CB:D0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MSDX8mA7CIKodgTNJBjscqt1y9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:df40::/29
2a13:8200::/29
2a13:9080::/29
2a13:9280::/29
2a13:9580::/29
Signature Algorithm: sha256WithRSAEncryption
7c:de:57:d0:79:1d:70:49:1f:fc:83:f2:93:4d:f1:6d:50:e1:
49:69:5b:52:49:ba:c8:52:87:ed:19:48:a0:36:83:f5:35:af:
ee:df:6d:9b:34:58:8c:05:55:5a:3b:42:27:52:42:27:27:07:
81:eb:91:60:be:8d:a8:48:a7:67:40:fc:75:a5:ef:ad:83:7a:
64:f4:93:00:1b:58:44:11:2b:b1:f1:47:5b:d1:15:21:b7:18:
0e:b5:07:fb:07:a6:ee:b5:14:ad:6d:60:aa:ca:07:b3:aa:a0:
8e:e7:d1:2e:f1:98:db:02:c8:15:35:4e:dd:51:f8:86:1d:17:
e0:8e:04:5f:d7:31:89:ec:65:ee:27:1d:1c:a1:ba:37:fd:b8:
6e:b7:2c:e3:33:47:01:46:06:c3:18:5c:68:f8:5b:d1:77:95:
de:d1:69:82:3b:40:19:1b:e7:6a:9c:22:45:92:e1:4b:4a:12:
46:39:3b:22:f7:ae:20:d1:54:96:32:48:2a:a4:5c:2c:7b:91:
9d:34:3b:79:65:6c:cf:eb:ce:1d:f9:92:77:5e:b1:ef:2c:f7:
fa:7f:59:a0:15:b6:b7:f7:88:06:76:ca:bd:09:71:c7:5c:22:
4b:dd:a4:75:20:3b:6b:1c:16:49:e3:ad:9e:69:d1:54:6d:bc:
23:2a:7a:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYx71tZYrHHWUTvuSIRujZVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE4MDczMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIwZDdmMjYwM2IwODgyYTg3NjA0Y2QyNDE4ZWM3MmFiNzVjYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw9HfJwicB6ESmiMjtBxJ9rA6ydS
hDPR4MhGCpI+InMzHWHj0HcD5WKfA9dAmA4VWNfFEgKCrCOjwkI0OHVFrb+pzxk5
qvHaNywwELMIUYbitWajaWXVKAcHU7BH+0u0BLFyQAdfoDkoLNXAi658r3eIqlFO
zLx3ybPLzUh4+8Dp7SfLZyJaxzDQg2XnV/6D4f+ouPzI8n/LvosTxTvYpl4NMQoG
BLDMcjlCMZMVXKY1A0EYMod/4fxEsw+/jsTCMnJOJjB3hwuj+tYApWh0XW3OxFaK
Shp0lqn7GM3yQWsTQx6O/fP4TTZkvlXZVD9IvgeAKDkjovsM733vTqq+twIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDEg1/JgOwiCqHYEzSQY7HKrdcvQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTVNEWDhtQTdDSUtvZGdUTkpCanNjcXQxeTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgySQAMF
AyoP30ADBQMqE4IAAwUDKhOQgAMFAyoTkoADBQMqE5WAMA0GCSqGSIb3DQEBCwUA
A4IBAQB83lfQeR1wSR/8g/KTTfFtUOFJaVtSSbrIUoftGUigNoP1Na/u322bNFiM
BVVaO0InUkInJweB65Fgvo2oSKdnQPx1pe+tg3pk9JMAG1hEESux8Udb0RUhtxgO
tQf7B6butRStbWCqygezqqCO59Eu8ZjbAsgVNU7dUfiGHRfgjgRf1zGJ7GXuJx0c
obo3/bhutyzjM0cBRgbDGFxo+FvRd5Xe0WmCO0AZG+dqnCJFkuFLShJGOTsi964g
0VSWMkgqpFwse5GdNDt5ZWzP684d+ZJ3XrHvLPf6f1mgFba394gGdsq9CXHHXCJL
3aR1IDtrHBZJ462eadFUbbwjKnp+
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:37 2025 by rpki-client