Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/MdNhpCM_zjPW6r673q_8g-ajzr0.roa
File: MdNhpCM_zjPW6r673q_8g-ajzr0.roa (raw, json)
Hash identifier: DadSbS3ydPIncX18PQG71EJn5jm2tYy812bwbggz4/o=
Subject key identifier: 31:D3:61:A4:23:3F:CE:33:D6:EA:BE:BB:DE:AF:FC:83:E6:A3:CE:BD
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 6384
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/MdNhpCM_zjPW6r673q_8g-ajzr0.roa
Signing time: Thu 28 Apr 2022 12:35:59 +0000
ROA not before: Thu 28 Apr 2022 12:35:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 194.124.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25476 (0x6384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Apr 28 12:35:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31d361a4233fce33d6eabebbdeaffc83e6a3cebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:eb:c4:23:d9:b4:e0:47:ce:c0:8a:a7:92:9c:
31:bb:e5:62:82:a0:a7:3b:20:ae:d4:5f:f5:b5:5f:
da:ae:de:fa:92:9f:40:bf:7c:67:a4:70:97:68:da:
36:c8:c5:11:57:d0:b6:71:d6:e3:ae:9e:9b:53:a0:
f9:e4:12:9f:69:42:d4:85:42:e8:75:20:bd:de:19:
e7:d6:9a:e0:d5:9d:bf:99:06:8a:57:0d:fc:bc:7c:
ad:34:c2:e3:23:b7:68:70:f2:c8:fb:2e:2f:cf:cb:
5a:88:56:41:f2:82:78:b4:d3:f3:c0:85:b6:b7:2d:
ca:83:5f:1c:b1:6b:9e:de:46:21:08:96:0c:6c:69:
ad:c8:a7:c8:e2:32:1d:4a:81:5d:44:6e:03:36:72:
4d:69:0a:67:57:ff:0d:b0:d6:34:c4:20:bb:d5:09:
33:16:8e:25:47:13:94:3f:21:ec:3f:dd:0e:3b:0f:
15:9e:fb:a1:c3:35:60:4c:81:63:6b:c0:ed:42:ab:
eb:9c:53:96:0c:96:1f:d7:54:d6:94:52:d2:03:7c:
b0:4f:3c:eb:d1:ac:f8:8c:61:5f:0d:43:4f:07:1b:
a4:b8:48:a3:92:aa:f3:07:fc:ba:83:ca:1e:e2:9a:
30:42:11:ae:e0:93:d7:3a:4c:fa:46:63:b1:f5:0f:
67:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D3:61:A4:23:3F:CE:33:D6:EA:BE:BB:DE:AF:FC:83:E6:A3:CE:BD
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/MdNhpCM_zjPW6r673q_8g-ajzr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.243.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e7:4c:84:0d:52:25:9c:d5:4b:9d:80:aa:af:5c:d8:eb:5e:
bf:5b:0e:74:5a:74:c8:c6:45:2c:d1:04:85:6d:15:4a:90:fc:
f2:a2:b9:a3:b0:35:e6:ea:9f:85:c1:38:94:fd:7a:90:91:c6:
6d:eb:81:04:8f:d5:11:a1:61:eb:96:e1:49:f7:ef:4b:df:62:
df:70:3c:9a:9b:d2:82:1d:ae:c8:57:72:a5:47:03:f7:d8:c3:
65:45:28:d4:06:e7:ef:53:c0:54:37:71:a0:92:8b:ca:cc:3c:
21:29:60:e2:b0:b4:03:9b:cf:ed:2f:8a:c8:c2:3c:ef:51:e1:
9e:fb:f3:47:2b:4f:23:48:70:ef:bc:95:02:c2:b6:cc:7c:d6:
9b:45:f6:e3:39:ee:75:2d:b4:c1:76:e8:15:cf:ca:1c:9f:de:
e0:11:69:99:01:31:ba:c3:a9:b7:d9:2c:e6:8f:fd:88:c3:ae:
be:25:d0:b0:bf:ad:e0:60:a5:47:14:3f:98:ff:54:4a:05:79:
07:28:05:b1:e2:d7:67:28:15:2e:4c:6b:cb:84:d2:09:ce:18:
56:8e:d2:82:b9:14:0e:02:27:1c:46:d7:08:20:42:87:bb:da:
78:d8:ee:cb:f8:ad:5a:2c:d0:b6:d1:f9:9a:a7:8d:f4:53:57:
85:db:08:96
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICY4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOWQz
MWMyMzNjYmQyNjZkYjAyNjIwYjlkZWI5MGQwOGU0MTY5MmU2NzAeFw0yMjA0Mjgx
MjM1NTlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDMxZDM2MWE0MjMzZmNl
MzNkNmVhYmViYmRlYWZmYzgzZTZhM2NlYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH68Qj2bTgR87AiqeSnDG75WKCoKc7IK7UX/W1X9qu3vqSn0C/
fGekcJdo2jbIxRFX0LZx1uOunptToPnkEp9pQtSFQuh1IL3eGefWmuDVnb+ZBopX
Dfy8fK00wuMjt2hw8sj7Li/Py1qIVkHygni00/PAhba3LcqDXxyxa57eRiEIlgxs
aa3Ip8jiMh1KgV1EbgM2ck1pCmdX/w2w1jTEILvVCTMWjiVHE5Q/Iew/3Q47DxWe
+6HDNWBMgWNrwO1Cq+ucU5YMlh/XVNaUUtIDfLBPPOvRrPiMYV8NQ08HG6S4SKOS
qvMH/LqDyh7imjBCEa7gk9c6TPpGY7H1D2eXAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUMdNhpCM/zjPW6r673q/8g+ajzr0wHwYDVR0jBBgwFoAUnTHCM8vSZtsCYgud
65DQjkFpLmcwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9u
VEhDTTh2U1p0c0NZZ3VkNjVEUWprRnBMbWMuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2RjLzM0MjIzYS1lNzdlLTQ1NDQtYTIwNy1mYTE3MjUwMzQ0OTEvMS9N
ZE5ocENNX3pqUFc2cjY3M3FfOGctYWp6cjAucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjLzM0
MjIzYS1lNzdlLTQ1NDQtYTIwNy1mYTE3MjUwMzQ0OTEvMS9uVEhDTTh2U1p0c0NZ
Z3VkNjVEUWprRnBMbWMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCfPMwDQYJKoZIhvcNAQELBQADggEB
AInnTIQNUiWc1UudgKqvXNjrXr9bDnRadMjGRSzRBIVtFUqQ/PKiuaOwNebqn4XB
OJT9epCRxm3rgQSP1RGhYeuW4Un370vfYt9wPJqb0oIdrshXcqVHA/fYw2VFKNQG
5+9TwFQ3caCSi8rMPCEpYOKwtAObz+0visjCPO9R4Z7780crTyNIcO+8lQLCtsx8
1ptF9uM57nUttMF26BXPyhyf3uARaZkBMbrDqbfZLOaP/YjDrr4l0LC/reBgpUcU
P5j/VEoFeQcoBbHi12coFS5Ma8uE0gnOGFaO0oK5FA4CJxxG1wggQoe72njY7sv4
rVos0LbR+ZqnjfRTV4XbCJY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:55 2025 by rpki-client