Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/mPMZp823XJGk5jvVMUnfscUuf4M.roa
File: mPMZp823XJGk5jvVMUnfscUuf4M.roa (raw, json)
Hash identifier: YZnbnCRkj0Q/zhvbARSCHylE0fTM++wdsPlUDLV7PKI=
Subject key identifier: 98:F3:19:A7:CD:B7:5C:91:A4:E6:3B:D5:31:49:DF:B1:C5:2E:7F:83
Certificate issuer: /CN=ddb71471373bb0603c356eeded4b918292b5beee
Certificate serial: 018570F0ADA5EF1D6AA1976E23DD4A9D978F
Authority key identifier: DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/mPMZp823XJGk5jvVMUnfscUuf4M.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 145.8.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ad:a5:ef:1d:6a:a1:97:6e:23:dd:4a:9d:97:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddb71471373bb0603c356eeded4b918292b5beee
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98f319a7cdb75c91a4e63bd53149dfb1c52e7f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d1:19:7f:64:3c:11:d0:e1:30:5a:81:8d:c2:
9f:02:65:20:2d:42:ca:9e:51:5c:e6:aa:bb:c1:c5:
8f:7e:a8:39:96:60:3b:c7:6c:65:15:a7:4b:04:8a:
c5:f4:f4:0c:cf:84:57:da:80:73:14:1d:05:64:34:
62:06:e0:e7:aa:f5:06:24:97:a1:b2:aa:3f:38:af:
68:63:a1:2c:fb:87:fd:a7:51:4d:78:fb:03:c9:5a:
1c:2b:ad:43:85:9b:7f:6d:51:7c:7f:37:d0:04:df:
3c:9e:27:38:4d:17:6b:e9:be:25:13:54:3e:df:ce:
41:c0:4e:28:2a:f4:1d:29:a3:ca:b3:36:89:86:2f:
5b:1f:bb:fa:df:a4:8a:ca:b8:76:9e:b4:66:e8:03:
2e:8a:96:96:7b:89:04:91:55:95:7a:0f:c5:be:89:
86:88:98:af:d8:ed:c9:d1:36:ab:c1:26:67:ab:71:
a2:70:1e:5f:45:99:59:6c:3a:b4:64:ee:0c:6b:91:
d4:20:e5:a6:93:c2:29:8e:f8:be:60:d8:3d:55:1f:
1f:27:02:6a:d9:0a:6e:ec:57:78:b5:80:8c:9d:15:
19:c5:c2:d0:f3:5c:64:42:b8:59:62:eb:ed:c0:43:
a8:1e:0e:3a:69:5d:e0:c1:b6:f7:10:18:15:bc:b1:
7c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F3:19:A7:CD:B7:5C:91:A4:E6:3B:D5:31:49:DF:B1:C5:2E:7F:83
X509v3 Authority Key Identifier:
keyid:DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/mPMZp823XJGk5jvVMUnfscUuf4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.8.180.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:32:76:22:87:9c:5b:fa:a7:17:29:1d:ce:c2:5a:a9:cf:af:
cd:09:6c:64:07:8c:02:da:36:29:4c:c5:ac:e4:78:34:cf:2a:
9c:b8:01:45:af:4c:50:33:fd:97:c9:8d:bf:72:4d:d9:7e:8d:
3e:9d:12:01:4d:57:1a:65:ae:e5:bf:a8:61:52:88:a8:09:c7:
39:d4:43:f5:de:f7:79:8f:57:b0:74:ad:86:6d:1e:39:bb:71:
47:9c:bb:66:ce:41:44:9c:d1:66:1d:16:fa:38:bd:e2:c8:22:
70:3d:bd:1a:10:36:3b:f3:08:d1:c9:a5:b3:82:6d:bf:6c:19:
7b:b1:c4:0e:f6:5d:39:ac:cc:af:c8:e9:8d:87:aa:08:f5:b2:
0c:b7:eb:d7:63:c0:eb:51:6e:16:b4:c4:9b:c7:39:ca:ea:0e:
49:ce:fb:ae:71:5a:4d:12:7d:ac:1a:6e:b8:92:98:51:f3:f2:
49:0c:c0:e5:51:11:9e:16:05:a2:5f:99:5d:e2:e6:eb:bf:e9:
a0:5a:79:25:ea:9f:32:bb:90:6c:8d:f7:2f:e5:c9:9e:51:e6:
25:db:40:58:c7:ef:32:11:ba:3a:06:09:38:d1:09:4f:36:72:
7f:b7:b1:e6:35:61:69:11:82:28:3e:1c:a4:f4:9c:09:38:58:
93:ea:f9:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8K2l7x1qoZduI91KnZePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjcxNDcxMzczYmIwNjAzYzM1NmVlZGVkNGI5MTgyOTJi
NWJlZWUwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGYzMTlhN2NkYjc1YzkxYTRlNjNiZDUzMTQ5ZGZiMWM1MmU3ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59EZf2Q8EdDhMFqBjcKfAmUgLULK
nlFc5qq7wcWPfqg5lmA7x2xlFadLBIrF9PQMz4RX2oBzFB0FZDRiBuDnqvUGJJeh
sqo/OK9oY6Es+4f9p1FNePsDyVocK61DhZt/bVF8fzfQBN88nic4TRdr6b4lE1Q+
385BwE4oKvQdKaPKszaJhi9bH7v636SKyrh2nrRm6AMuipaWe4kEkVWVeg/FvomG
iJiv2O3J0TarwSZnq3GicB5fRZlZbDq0ZO4Ma5HUIOWmk8Ipjvi+YNg9VR8fJwJq
2Qpu7Fd4tYCMnRUZxcLQ81xkQrhZYuvtwEOoHg46aV3gwbb3EBgVvLF8zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjzGafNt1yRpOY71TFJ37HFLn+DMB8GA1UdIwQY
MBaAFN23FHE3O7BgPDVu7e1LkYKStb7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgt
NjIxMmFjNDljYTNiLzEvbVBNWnA4MjNYSkdrNWp2Vk1VbmZzY1V1ZjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNi
LzEvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQi0MA0G
CSqGSIb3DQEBCwUAA4IBAQB7MnYih5xb+qcXKR3Owlqpz6/NCWxkB4wC2jYpTMWs
5Hg0zyqcuAFFr0xQM/2XyY2/ck3Zfo0+nRIBTVcaZa7lv6hhUoioCcc51EP13vd5
j1ewdK2GbR45u3FHnLtmzkFEnNFmHRb6OL3iyCJwPb0aEDY78wjRyaWzgm2/bBl7
scQO9l05rMyvyOmNh6oI9bIMt+vXY8DrUW4WtMSbxznK6g5JzvuucVpNEn2sGm64
kphR8/JJDMDlURGeFgWiX5ld4ubrv+mgWnkl6p8yu5Bsjfcv5cmeUeYl20BYx+8y
Ebo6Bgk40QlPNnJ/t7HmNWFpEYIoPhyk9JwJOFiT6vki
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:01 2025 by rpki-client