Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/MDy5gtHp-7Jvpo3qMSTXhbrFS6g.roa
File: MDy5gtHp-7Jvpo3qMSTXhbrFS6g.roa (raw, json)
Hash identifier: 9mL6+YoRV5V9bK1EVfVZQYiNiHlUhxzoIK9eukGIOzg=
Subject key identifier: 30:3C:B9:82:D1:E9:FB:B2:6F:A6:8D:EA:31:24:D7:85:BA:C5:4B:A8
Certificate issuer: /CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Certificate serial: 0185104B13434AFE5E1CC5F55A3D06A7D2A3
Authority key identifier: 9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/MDy5gtHp-7Jvpo3qMSTXhbrFS6g.roa
Signing time: Wed 14 Dec 2022 11:00:33 +0000
ROA not before: Wed 14 Dec 2022 11:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202720
IP address blocks: 185.1.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:4b:13:43:4a:fe:5e:1c:c5:f5:5a:3d:06:a7:d2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Validity
Not Before: Dec 14 11:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=303cb982d1e9fbb26fa68dea3124d785bac54ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ef:97:bd:23:7f:50:cf:31:d6:bf:5c:04:f8:
15:87:28:64:7f:48:1d:23:de:b9:dc:ec:4e:46:aa:
77:73:41:22:b3:16:7a:e7:41:5c:ab:b2:f0:25:88:
b6:71:96:71:66:d5:bd:5f:e8:6b:91:f1:cf:67:fe:
df:b9:c8:3a:a1:b9:6a:01:d1:73:20:03:62:ed:e8:
75:da:eb:ed:cf:fe:89:8c:23:d8:e5:fe:f3:63:33:
cf:25:f0:13:03:8b:c5:61:f5:c0:3e:fa:45:c5:47:
87:7f:0c:5f:1d:7d:9b:c5:e6:47:58:a5:cc:db:f2:
32:20:95:7e:e7:62:5b:da:2d:9b:e8:0d:57:15:5b:
e1:00:d5:7e:a5:b8:73:04:0a:93:92:d5:b7:5c:2c:
84:f1:4e:36:81:22:28:fb:fd:f2:7f:50:3b:c9:78:
12:1c:6f:c2:4e:59:50:55:d9:56:1c:6d:a0:e1:06:
f1:2d:5b:52:12:32:83:5b:59:9e:9c:bc:da:9b:ed:
5b:65:66:70:d7:f8:02:87:9b:af:d0:da:7e:82:65:
f1:39:e7:04:1e:4a:61:e1:e8:99:fb:12:8d:7d:5b:
3f:73:c0:3a:62:ad:34:f1:72:4d:2b:e6:ab:86:69:
c9:9e:fc:cb:61:0b:e3:be:0e:cd:7c:95:8f:f7:24:
8e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3C:B9:82:D1:E9:FB:B2:6F:A6:8D:EA:31:24:D7:85:BA:C5:4B:A8
X509v3 Authority Key Identifier:
keyid:9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/MDy5gtHp-7Jvpo3qMSTXhbrFS6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/n4kf80d-1_2qz64uPw36ZP2SrAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.70.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bc:47:ae:db:31:02:bd:f2:09:ae:97:bc:d0:f5:c7:98:1c:
bf:1f:94:33:bc:46:9c:d9:08:ab:ad:ee:65:db:d9:3e:42:49:
d4:33:4d:59:f3:91:bc:81:43:88:f9:cf:da:15:40:d2:8d:d7:
9e:80:fa:41:09:df:06:d2:f8:6f:d8:82:72:c1:1c:20:3b:f9:
a3:60:7f:ba:c8:9c:bc:1f:bc:55:eb:8d:60:1f:4a:da:2a:cb:
30:07:ac:76:65:3c:18:bf:c5:49:73:0e:19:b7:4e:7e:77:ff:
18:4e:6c:97:0d:a3:a4:eb:f9:6f:ed:de:a9:2b:95:11:48:ad:
d3:d1:43:fe:b3:32:a2:50:1e:9b:a6:76:04:a5:5f:13:f7:7b:
84:f0:27:1e:62:9c:3c:ad:74:86:6a:dc:e3:47:15:07:be:e0:
5f:29:50:11:29:53:da:e3:9c:93:36:a7:d3:aa:25:e0:99:97:
78:f4:e6:51:d1:9d:be:d5:1b:5d:cc:f3:6d:de:98:7f:a4:12:
d6:56:c2:f1:c2:f4:f3:28:4a:86:d6:da:c1:c4:2c:5e:f1:cc:
69:de:92:a7:0a:8d:0a:75:85:aa:e6:51:76:a8:eb:3b:c9:ab:
9a:cd:00:c8:be:1c:13:14:39:d7:64:2b:86:80:9a:d5:97:98:
15:1e:1e:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUQSxNDSv5eHMX1Wj0Gp9KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODkxZmYzNDc3ZWQ3ZmRhYWNmYWUyZTNmMGRmYTY0ZmQ5
MmFjMGMwHhcNMjIxMjE0MTEwMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDNjYjk4MmQxZTlmYmIyNmZhNjhkZWEzMTI0ZDc4NWJhYzU0YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku+XvSN/UM8x1r9cBPgVhyhkf0gd
I9653OxORqp3c0EisxZ650Fcq7LwJYi2cZZxZtW9X+hrkfHPZ/7fucg6oblqAdFz
IANi7eh12uvtz/6JjCPY5f7zYzPPJfATA4vFYfXAPvpFxUeHfwxfHX2bxeZHWKXM
2/IyIJV+52Jb2i2b6A1XFVvhANV+pbhzBAqTktW3XCyE8U42gSIo+/3yf1A7yXgS
HG/CTllQVdlWHG2g4QbxLVtSEjKDW1menLzam+1bZWZw1/gCh5uv0Np+gmXxOecE
Hkph4eiZ+xKNfVs/c8A6Yq008XJNK+arhmnJnvzLYQvjvg7NfJWP9ySO9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDA8uYLR6fuyb6aN6jEk14W6xUuoMB8GA1UdIwQY
MBaAFJ+JH/NHftf9qs+uLj8N+mT9kqwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDkt
NzBhNGE4ZDdjNDNmLzEvTUR5NWd0SHAtN0p2cG8zcU1TVFhoYnJGUzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDktNzBhNGE4ZDdjNDNm
LzEvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQFGMA0G
CSqGSIb3DQEBCwUAA4IBAQBAvEeu2zECvfIJrpe80PXHmBy/H5QzvEac2Qirre5l
29k+QknUM01Z85G8gUOI+c/aFUDSjdeegPpBCd8G0vhv2IJywRwgO/mjYH+6yJy8
H7xV641gH0raKsswB6x2ZTwYv8VJcw4Zt05+d/8YTmyXDaOk6/lv7d6pK5URSK3T
0UP+szKiUB6bpnYEpV8T93uE8CceYpw8rXSGatzjRxUHvuBfKVARKVPa45yTNqfT
qiXgmZd49OZR0Z2+1RtdzPNt3ph/pBLWVsLxwvTzKEqG1trBxCxe8cxp3pKnCo0K
dYWq5lF2qOs7yauazQDIvhwTFDnXZCuGgJrVl5gVHh52
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:34 2025 by rpki-client