Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/MoA7Dfy8ATzq0IrA0y_-_neAIrI.roa
File: MoA7Dfy8ATzq0IrA0y_-_neAIrI.roa (raw, json)
Hash identifier: DHiDv+0qujcWIREGYrV+cijilttzaRvvXsGJdgcv1lc=
Subject key identifier: 32:80:3B:0D:FC:BC:01:3C:EA:D0:8A:C0:D3:2F:FE:FE:77:80:22:B2
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 01888A7EE5A20E99CC989FB77B3785E6F33E
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/MoA7Dfy8ATzq0IrA0y_-_neAIrI.roa
Signing time: Mon 05 Jun 2023 07:39:11 +0000
ROA not before: Mon 05 Jun 2023 07:39:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 46.28.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:7e:e5:a2:0e:99:cc:98:9f:b7:7b:37:85:e6:f3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jun 5 07:39:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32803b0dfcbc013cead08ac0d32ffefe778022b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:8a:71:1e:46:bc:ea:bd:45:99:da:e8:17:
1e:d0:8e:c6:5d:30:5a:5a:bd:0c:c5:f9:e2:2a:9e:
22:81:4b:49:a0:aa:8f:df:eb:35:b0:8f:d5:77:f1:
76:d4:ec:f8:6b:eb:ce:d4:29:6b:a0:2b:1e:7f:b6:
10:ae:9a:fe:ec:d3:f6:95:58:62:04:49:c5:02:53:
59:4c:c2:86:28:5a:21:88:de:4c:57:73:a0:bd:f4:
e7:88:1d:31:ea:c8:a2:b5:b1:02:53:ee:02:e9:77:
2f:39:91:78:34:0a:7e:5f:e5:eb:bc:3d:f4:47:85:
4b:e3:44:75:b8:2f:86:3c:ee:0a:2a:64:63:7f:14:
8c:1e:dc:f7:74:dc:37:b5:b7:da:23:f7:4d:37:b3:
22:02:4e:82:94:c6:6f:24:96:f2:d2:cc:29:ac:96:
f0:b4:2c:76:7d:3d:6c:41:cc:03:d1:30:0e:3f:ed:
d3:4c:c9:cb:fc:a6:68:43:1f:82:79:27:de:38:52:
9f:a5:f3:7b:77:bd:84:19:91:20:2f:9b:ff:ff:77:
a2:cd:58:8c:21:e2:93:28:54:7c:13:65:e6:b5:dd:
35:84:05:86:42:c2:ad:e9:84:01:da:e1:a3:66:12:
c7:db:fd:51:bd:96:22:5d:87:08:e2:fc:cd:0a:a7:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:80:3B:0D:FC:BC:01:3C:EA:D0:8A:C0:D3:2F:FE:FE:77:80:22:B2
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/MoA7Dfy8ATzq0IrA0y_-_neAIrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.40.0/22
Signature Algorithm: sha256WithRSAEncryption
70:9e:5b:32:25:8d:cb:c3:22:a6:bc:85:d9:fe:7c:cb:25:b5:
48:0b:84:33:d8:2f:a4:59:53:42:63:46:0a:22:c0:ca:9c:62:
46:53:f1:ee:a8:e1:2d:1c:e5:1f:aa:81:60:a2:53:04:56:33:
18:fc:9e:ed:f8:72:c3:17:da:1a:40:43:00:ed:77:83:e9:ac:
7a:7b:9d:3c:04:b7:a3:a1:cb:cf:24:9b:11:5d:82:58:f6:19:
d3:57:1e:e9:f9:71:94:01:c8:4e:71:22:16:b1:27:b8:0d:63:
1b:35:66:ed:ce:b1:65:df:31:53:f5:eb:5f:42:0d:f2:72:ae:
e4:ff:52:a3:74:9d:4f:7e:5e:fc:3d:8f:99:ea:00:5b:cf:c2:
82:e7:a9:c5:4c:ea:e7:2b:db:4b:d9:9e:dd:78:7d:26:d2:33:
c0:a3:02:08:6d:d5:18:a4:d3:d2:73:19:2b:33:6c:50:95:49:
50:4b:0e:c8:19:81:4d:ce:1e:87:e5:51:2a:5f:d6:ce:ee:28:
bc:8a:dc:e1:8c:3f:98:e6:03:bc:0f:ea:ed:4a:4b:d9:71:df:
91:ca:c1:a4:bd:c2:52:f2:20:0e:a7:54:7f:c4:6f:e0:5d:71:
65:a2:ef:ac:73:dc:10:a9:3a:7a:55:03:0c:0e:fc:5d:ae:c6:
c6:21:b2:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiKfuWiDpnMmJ+3ezeF5vM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMwNjA1MDczOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgwM2IwZGZjYmMwMTNjZWFkMDhhYzBkMzJmZmVmZTc3ODAyMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGaKcR5GvOq9RZna6Bce0I7GXTBa
Wr0MxfniKp4igUtJoKqP3+s1sI/Vd/F21Oz4a+vO1ClroCsef7YQrpr+7NP2lVhi
BEnFAlNZTMKGKFohiN5MV3OgvfTniB0x6siitbECU+4C6XcvOZF4NAp+X+XrvD30
R4VL40R1uC+GPO4KKmRjfxSMHtz3dNw3tbfaI/dNN7MiAk6ClMZvJJby0swprJbw
tCx2fT1sQcwD0TAOP+3TTMnL/KZoQx+CeSfeOFKfpfN7d72EGZEgL5v//3eizViM
IeKTKFR8E2Xmtd01hAWGQsKt6YQB2uGjZhLH2/1RvZYiXYcI4vzNCqc+ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKAOw38vAE86tCKwNMv/v53gCKyMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvTW9BN0RmeThBVHpxMElyQTB5Xy1fbmVBSXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLhwoMA0G
CSqGSIb3DQEBCwUAA4IBAQBwnlsyJY3LwyKmvIXZ/nzLJbVIC4Qz2C+kWVNCY0YK
IsDKnGJGU/HuqOEtHOUfqoFgolMEVjMY/J7t+HLDF9oaQEMA7XeD6ax6e508BLej
ocvPJJsRXYJY9hnTVx7p+XGUAchOcSIWsSe4DWMbNWbtzrFl3zFT9etfQg3ycq7k
/1KjdJ1Pfl78PY+Z6gBbz8KC56nFTOrnK9tL2Z7deH0m0jPAowIIbdUYpNPScxkr
M2xQlUlQSw7IGYFNzh6H5VEqX9bO7ii8itzhjD+Y5gO8D+rtSkvZcd+RysGkvcJS
8iAOp1R/xG/gXXFlou+sc9wQqTp6VQMMDvxdrsbGIbKe
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:48:33 2025 by rpki-client