Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MAMf5qHMI2XHgrb6HCUORVgazw0.roa
File: MAMf5qHMI2XHgrb6HCUORVgazw0.roa (raw, json)
Hash identifier: GzDtWoTm8SJ9EyKjDDSEEH7J9/K48DnP6uHfit7Hta8=
Subject key identifier: 30:03:1F:E6:A1:CC:23:65:C7:82:B6:FA:1C:25:0E:45:58:1A:CF:0D
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01851D85A1CD1EDBC34EC57BF081335C188B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MAMf5qHMI2XHgrb6HCUORVgazw0.roa
Signing time: Sat 17 Dec 2022 00:39:35 +0000
ROA not before: Sat 17 Dec 2022 00:39:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 178.251.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1d:85:a1:cd:1e:db:c3:4e:c5:7b:f0:81:33:5c:18:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Dec 17 00:39:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30031fe6a1cc2365c782b6fa1c250e45581acf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:78:4b:60:f3:15:cd:72:3a:ac:c8:ac:29:
51:ed:e8:9b:f9:53:63:e5:23:b3:19:f3:d4:9e:ea:
eb:9a:62:14:b2:57:95:c6:9e:56:35:9a:72:df:ca:
9a:eb:df:4a:03:5e:b5:63:c7:b5:e0:45:31:4c:23:
fe:39:71:3e:99:3d:94:cc:a1:37:de:24:60:e4:b7:
67:d3:1c:7b:f2:c5:e5:c0:4d:06:32:a9:12:fe:0f:
57:f0:f3:fe:84:5c:ec:c7:71:14:e4:95:1e:3e:55:
aa:b5:e7:e1:52:48:14:5b:87:8c:90:8d:a1:3b:b6:
9e:c5:d2:d4:13:00:0c:23:7b:29:75:b4:29:cd:ff:
16:4c:f8:86:2a:03:48:aa:8d:de:ef:35:22:66:2d:
63:40:31:e0:92:78:cb:99:72:eb:f5:b4:ef:a2:c4:
f6:23:bb:32:f4:d6:d6:eb:aa:53:6a:f4:12:d2:fb:
13:fd:c3:64:fe:45:a4:41:4f:ce:42:ca:ea:63:8d:
38:27:41:eb:bc:3f:af:c1:4f:6c:22:12:61:88:e7:
4d:b3:bf:d6:d2:d5:d0:df:c3:1e:b3:ea:38:2b:7b:
8b:f4:14:32:87:cb:d4:20:6d:41:c0:15:fb:1a:04:
96:6b:48:5e:1c:d0:83:2f:3f:7b:e4:3a:f1:44:a3:
ed:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:03:1F:E6:A1:CC:23:65:C7:82:B6:FA:1C:25:0E:45:58:1A:CF:0D
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MAMf5qHMI2XHgrb6HCUORVgazw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.228.0/24
Signature Algorithm: sha256WithRSAEncryption
07:b0:12:04:20:7c:77:56:08:4d:a5:ca:ee:4f:e8:cc:d1:98:
31:48:f3:29:fd:39:14:9a:f1:31:68:bf:1e:db:60:4f:c3:0c:
da:cf:43:c9:bb:84:2d:a3:e8:36:04:94:3e:49:f9:67:11:5d:
ed:09:25:c1:47:82:e9:2f:31:01:cb:e5:e0:d3:70:91:88:56:
31:8a:c9:d1:c4:e4:df:d9:19:a4:d0:62:e3:f2:bc:13:44:b3:
a4:eb:20:fe:78:a9:a7:c0:37:7f:23:db:b9:e6:93:a1:de:16:
a7:c0:17:f0:b6:37:22:14:c0:ff:73:c3:55:43:d5:f8:d6:e8:
f9:7a:fa:d5:04:2a:11:30:33:d6:3c:7e:4a:37:15:64:8f:32:
78:c2:88:7d:9e:c8:77:a0:d5:21:dc:3b:06:87:6d:90:3b:3e:
35:9e:56:53:fb:11:54:fe:1f:cd:1c:d1:2b:55:91:62:04:c5:
1b:37:b7:b1:23:81:08:41:b6:97:d8:05:9e:d8:8d:d3:be:5a:
d5:d6:ad:dd:b0:c7:7f:a2:7a:3a:ab:7e:b8:41:fa:fe:50:6c:
a0:fd:80:7a:fc:72:fd:c2:18:51:20:31:dd:0a:ca:e3:83:a4:
b1:21:0e:70:75:b8:7e:c7:e9:07:46:81:c4:90:d2:93:f1:75:
37:04:dc:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUdhaHNHtvDTsV78IEzXBiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMjE3MDAzOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDAzMWZlNmExY2MyMzY1Yzc4MmI2ZmExYzI1MGU0NTU4MWFjZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAght4S2DzFc1yOqzIrClR7eib+VNj
5SOzGfPUnurrmmIUsleVxp5WNZpy38qa699KA161Y8e14EUxTCP+OXE+mT2UzKE3
3iRg5Ldn0xx78sXlwE0GMqkS/g9X8PP+hFzsx3EU5JUePlWqtefhUkgUW4eMkI2h
O7aexdLUEwAMI3spdbQpzf8WTPiGKgNIqo3e7zUiZi1jQDHgknjLmXLr9bTvosT2
I7sy9NbW66pTavQS0vsT/cNk/kWkQU/OQsrqY404J0HrvD+vwU9sIhJhiOdNs7/W
0tXQ38Mes+o4K3uL9BQyh8vUIG1BwBX7GgSWa0heHNCDLz975DrxRKPt7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDADH+ahzCNlx4K2+hwlDkVYGs8NMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTUFNZjVxSE1JMlhIZ3JiNkhDVU9SVmdhencwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvvkMA0G
CSqGSIb3DQEBCwUAA4IBAQAHsBIEIHx3VghNpcruT+jM0ZgxSPMp/TkUmvExaL8e
22BPwwzaz0PJu4Qto+g2BJQ+SflnEV3tCSXBR4LpLzEBy+Xg03CRiFYxisnRxOTf
2Rmk0GLj8rwTRLOk6yD+eKmnwDd/I9u55pOh3hanwBfwtjciFMD/c8NVQ9X41uj5
evrVBCoRMDPWPH5KNxVkjzJ4woh9nsh3oNUh3DsGh22QOz41nlZT+xFU/h/NHNEr
VZFiBMUbN7exI4EIQbaX2AWe2I3TvlrV1q3dsMd/ono6q364Qfr+UGyg/YB6/HL9
whhRIDHdCsrjg6SxIQ5wdbh+x+kHRoHEkNKT8XU3BNzV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org