Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MWPN1A9H59k_5SDSz-YQQ4CylEg.roa
File: MWPN1A9H59k_5SDSz-YQQ4CylEg.roa (raw, json)
Hash identifier: 4mlxMikI2kCY1zizxF+9PCTOQNuogWu8HTGs37tEYSI=
Subject key identifier: 31:63:CD:D4:0F:47:E7:D9:3F:E5:20:D2:CF:E6:10:43:80:B2:94:48
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CABCA1B3B7A15C69061D8E0182891BCCB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MWPN1A9H59k_5SDSz-YQQ4CylEg.roa
Signing time: Wed 27 Dec 2023 14:59:58 +0000
ROA not before: Wed 27 Dec 2023 14:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:ca:1b:3b:7a:15:c6:90:61:d8:e0:18:28:91:bc:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 27 14:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3163cdd40f47e7d93fe520d2cfe6104380b29448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:00:84:6b:49:00:da:e5:23:f3:19:78:34:a1:
62:90:59:fb:9d:17:c4:4c:79:44:83:b9:f1:f2:4b:
ed:63:90:fc:40:ae:bc:f8:d6:1a:18:bd:2f:4c:72:
e1:31:aa:21:5d:db:71:90:4c:c7:e0:6f:c7:d1:9a:
ee:f8:26:72:d1:88:53:91:a9:f9:61:12:37:7d:bb:
48:58:47:6c:99:19:99:4e:82:d7:8a:37:cf:71:ef:
9b:e3:5f:7e:44:6a:1e:fc:09:10:21:70:32:fa:b3:
d6:1b:79:b3:a1:e9:30:2f:71:ee:fb:3e:ee:78:e0:
b7:25:b9:24:02:cf:5d:9f:68:7c:11:a7:fa:db:ec:
d9:bf:43:8c:d7:1e:1e:86:73:c2:28:06:c3:db:7c:
a9:2b:29:b5:93:d8:21:fe:5f:cb:a6:c2:bf:f5:e6:
30:5a:f2:22:90:5a:0c:83:1d:24:3b:5e:82:a9:b6:
c4:3d:3b:fb:11:3b:c8:ef:bc:57:9b:11:c2:f1:3a:
b9:a0:94:6a:0d:45:27:09:0b:7f:ac:1d:a8:12:5b:
cb:10:80:cb:15:0b:b7:83:d7:17:48:7a:6c:3d:60:
52:29:79:70:ab:2d:34:16:a0:d3:e5:64:c3:8c:f7:
81:4c:85:64:33:62:7f:69:41:19:ad:21:3d:5a:5e:
77:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:63:CD:D4:0F:47:E7:D9:3F:E5:20:D2:CF:E6:10:43:80:B2:94:48
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MWPN1A9H59k_5SDSz-YQQ4CylEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:39c0::/29
2a0f:e740::/29
2a11:4e80::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:dd:f9:c5:95:b0:d7:56:94:8b:5c:a2:93:00:6f:13:41:25:
87:9f:d4:15:a6:14:f0:bf:a9:16:9d:f4:9f:29:76:53:b5:00:
bd:69:b3:9d:4a:fe:fb:92:8e:12:bb:af:00:96:02:99:55:b3:
68:77:7e:53:61:1e:94:d5:57:6e:31:d7:20:d4:ae:f4:f8:56:
9c:81:36:4e:16:08:cf:93:e6:9a:e0:a6:57:2f:62:1b:ab:f1:
2c:d8:a2:09:9c:66:8c:c4:6d:a4:ba:fd:95:0f:bb:1a:9b:ff:
51:44:ef:d2:1e:e6:48:51:1d:95:5f:62:1f:c6:80:e1:80:42:
4a:94:07:5f:bb:cd:04:e0:f0:65:71:41:20:85:08:4d:53:d2:
b7:23:4c:36:2b:ff:89:4d:08:f6:50:44:8e:b0:1c:3b:a8:6b:
31:d0:3b:87:4f:22:ba:8f:34:dc:a9:a9:f9:f9:ae:1d:56:8f:
76:5d:56:fb:69:28:f8:52:70:eb:41:3d:a7:f6:f2:eb:72:bd:
d1:d5:2a:00:0e:3d:ac:a4:0c:0f:dc:19:38:84:1e:ab:1a:54:
81:6a:5c:3d:d6:fc:56:39:2b:7d:4f:45:0a:5a:8e:31:78:4c:
7a:15:b3:52:1b:6d:99:9a:2c:b6:ea:d8:89:35:fc:3c:cd:45:
00:72:2d:bf
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYyryhs7ehXGkGHY4BgokbzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI3MTQ1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYzY2RkNDBmNDdlN2Q5M2ZlNTIwZDJjZmU2MTA0MzgwYjI5NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhACEa0kA2uUj8xl4NKFikFn7nRfE
THlEg7nx8kvtY5D8QK68+NYaGL0vTHLhMaohXdtxkEzH4G/H0Zru+CZy0YhTkan5
YRI3fbtIWEdsmRmZToLXijfPce+b419+RGoe/AkQIXAy+rPWG3mzoekwL3Hu+z7u
eOC3JbkkAs9dn2h8Eaf62+zZv0OM1x4ehnPCKAbD23ypKym1k9gh/l/LpsK/9eYw
WvIikFoMgx0kO16CqbbEPTv7ETvI77xXmxHC8Tq5oJRqDUUnCQt/rB2oElvLEIDL
FQu3g9cXSHpsPWBSKXlwqy00FqDT5WTDjPeBTIVkM2J/aUEZrSE9Wl537wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDFjzdQPR+fZP+Ug0s/mEEOAspRIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTVdQTjFBOUg1OWtfNVNEU3otWVFRNEN5bEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg85QAMF
AyoPOcADBQMqD+dAAwUDKhFOgAMFAyoS1cAwDQYJKoZIhvcNAQELBQADggEBAFDd
+cWVsNdWlItcopMAbxNBJYef1BWmFPC/qRad9J8pdlO1AL1ps51K/vuSjhK7rwCW
AplVs2h3flNhHpTVV24x1yDUrvT4VpyBNk4WCM+T5prgplcvYhur8SzYogmcZozE
baS6/ZUPuxqb/1FE79Ie5khRHZVfYh/GgOGAQkqUB1+7zQTg8GVxQSCFCE1T0rcj
TDYr/4lNCPZQRI6wHDuoazHQO4dPIrqPNNypqfn5rh1Wj3ZdVvtpKPhScOtBPaf2
8utyvdHVKgAOPaykDA/cGTiEHqsaVIFqXD3W/FY5K31PRQpajjF4THoVs1IbbZma
LLbq2Ik1/DzNRQByLb8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:18 2025 by rpki-client