Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MjKVCjPaQdOuqC0RmYgxDmUOFWU.roa
File: MjKVCjPaQdOuqC0RmYgxDmUOFWU.roa (raw, json)
Hash identifier: +TFbGX3nT5fDMtM+LCmGsplTcyNgSHuwGOT6JEb3rS8=
Subject key identifier: 32:32:95:0A:33:DA:41:D3:AE:A8:2D:11:99:88:31:0E:65:0E:15:65
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF91CDB8C1A2923E8AF89A7FE27F4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MjKVCjPaQdOuqC0RmYgxDmUOFWU.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393398
IP address blocks: 45.157.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f9:1c:db:8c:1a:29:23:e8:af:89:a7:fe:27:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3232950a33da41d3aea82d119988310e650e1565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:7b:c8:99:2a:11:58:2b:60:f3:2a:f0:fb:
be:de:83:61:95:d1:2c:5d:8a:65:ec:d7:7e:c5:e1:
3d:ea:b3:fa:2d:1e:52:29:a2:87:e0:50:35:a4:22:
cf:2a:56:eb:09:c4:9c:87:6b:ce:bf:dc:31:16:2c:
1c:00:73:72:ff:bd:7f:85:29:38:97:af:52:97:ba:
bb:83:2d:7b:52:a1:df:ff:3b:33:b1:2c:98:85:eb:
95:17:17:77:d1:19:c6:6c:2f:34:54:7a:ce:a5:db:
cb:9a:1c:d2:76:a8:f9:64:ca:d9:89:47:69:c1:57:
0f:75:6e:e2:ea:57:f7:b2:7a:4f:d0:c1:be:41:d0:
5b:dd:ed:c8:49:e0:74:91:b2:61:3a:86:29:5c:e6:
90:95:05:4e:a0:64:8d:e6:04:86:38:01:2f:1c:0e:
30:70:15:7b:c3:b7:89:72:9f:7d:75:8f:b3:b9:93:
43:93:83:8a:25:05:00:9e:14:2c:25:18:a1:a7:8d:
e6:bf:d4:be:47:01:79:ba:01:cd:f5:2a:a3:69:a5:
c6:1f:c5:cc:2e:52:9b:db:ec:47:f0:7e:0a:ee:87:
f2:5d:8a:8c:d8:e6:ab:dc:ef:ef:a2:b0:49:b6:b3:
df:89:1e:06:43:0a:57:03:32:9e:0b:96:a0:93:b6:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:32:95:0A:33:DA:41:D3:AE:A8:2D:11:99:88:31:0E:65:0E:15:65
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MjKVCjPaQdOuqC0RmYgxDmUOFWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.38.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b6:38:66:e1:54:31:2b:01:09:d2:00:38:0d:d9:a7:4d:fa:
a8:d7:c3:7b:4b:98:6f:d4:58:f3:5a:8f:3e:37:0d:42:7a:df:
73:9b:bc:32:2d:8d:73:86:72:7c:70:c4:40:a1:eb:de:41:a9:
ab:86:2e:c9:88:e9:de:01:99:9b:0c:12:84:6d:44:9a:5f:10:
e4:dd:46:2d:8e:f0:a7:a6:e8:80:80:0c:24:88:59:08:17:01:
b4:c2:3f:8d:8d:e4:88:0d:b9:85:98:5d:7b:91:8e:48:ba:83:
93:7f:d2:9e:6b:dc:9d:35:a5:bf:c4:d6:bb:6a:73:6a:72:16:
47:4d:2e:86:8e:e8:8e:9c:44:d8:84:0a:11:ee:26:b9:a7:c5:
05:46:f3:a8:d8:6d:97:bf:9d:ec:bd:1a:7d:a2:07:ed:d9:2c:
28:f4:1d:a1:1b:99:b8:3a:04:1c:5e:d4:0d:94:e0:4a:6d:c5:
ad:c1:0b:af:6c:47:4d:63:c2:a8:17:35:d7:8f:35:dd:78:fc:
03:40:2b:7f:b6:b0:0b:89:ae:82:7e:0b:28:41:ab:27:2a:e7:
0e:bb:8f:fd:85:c9:0e:47:0a:e8:56:60:09:84:5a:63:b5:68:
a8:c3:ff:90:e7:13:15:4a:52:ca:34:df:5a:9b:46:3e:a2:31:
7a:92:b6:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyvkc24waKSPor4mn/if0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjMyOTUwYTMzZGE0MWQzYWVhODJkMTE5OTg4MzEwZTY1MGUxNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraF7yJkqEVgrYPMq8Pu+3oNhldEs
XYpl7Nd+xeE96rP6LR5SKaKH4FA1pCLPKlbrCcSch2vOv9wxFiwcAHNy/71/hSk4
l69Sl7q7gy17UqHf/zszsSyYheuVFxd30RnGbC80VHrOpdvLmhzSdqj5ZMrZiUdp
wVcPdW7i6lf3snpP0MG+QdBb3e3ISeB0kbJhOoYpXOaQlQVOoGSN5gSGOAEvHA4w
cBV7w7eJcp99dY+zuZNDk4OKJQUAnhQsJRihp43mv9S+RwF5ugHN9SqjaaXGH8XM
LlKb2+xH8H4K7ofyXYqM2Oar3O/vorBJtrPfiR4GQwpXAzKeC5agk7YT1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIylQoz2kHTrqgtEZmIMQ5lDhVlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTWpLVkNqUGFRZE91cUMwUm1ZZ3hEbVVPRldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0mMA0G
CSqGSIb3DQEBCwUAA4IBAQCttjhm4VQxKwEJ0gA4DdmnTfqo18N7S5hv1FjzWo8+
Nw1Cet9zm7wyLY1zhnJ8cMRAoeveQamrhi7JiOneAZmbDBKEbUSaXxDk3UYtjvCn
puiAgAwkiFkIFwG0wj+NjeSIDbmFmF17kY5IuoOTf9Kea9ydNaW/xNa7anNqchZH
TS6GjuiOnETYhAoR7ia5p8UFRvOo2G2Xv53svRp9ogft2Swo9B2hG5m4OgQcXtQN
lOBKbcWtwQuvbEdNY8KoFzXXjzXdePwDQCt/trALia6CfgsoQasnKucOu4/9hckO
RwroVmAJhFpjtWiow/+Q5xMVSlLKNN9am0Y+ojF6krZw
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:56:29 2025 by rpki-client