Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/bd431a-9706-4f38-800b-2a685f78b29d/1/mpv-6RIn1yUOgCLL24-GJn1iBA4.roa
File: mpv-6RIn1yUOgCLL24-GJn1iBA4.roa (raw, json)
Hash identifier: N6xFY7l5zeDF4XfY9qJGRVWEBzDnW9NkUzGty9cJo1Q=
Subject key identifier: 9A:9B:FE:E9:12:27:D7:25:0E:80:22:CB:DB:8F:86:26:7D:62:04:0E
Certificate issuer: /CN=d02013f3548be3dcb3dca18d4fc93789f44f03bf
Certificate serial: 12CE05EF
Authority key identifier: D0:20:13:F3:54:8B:E3:DC:B3:DC:A1:8D:4F:C9:37:89:F4:4F:03:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CAT81SL49yz3KGNT8k3ifRPA78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/bd431a-9706-4f38-800b-2a685f78b29d/1/mpv-6RIn1yUOgCLL24-GJn1iBA4.roa
Signing time: Sat 01 Jan 2022 02:54:54 +0000
ROA not before: Sat 01 Jan 2022 02:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47896
IP address blocks: 185.143.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315491823 (0x12ce05ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d02013f3548be3dcb3dca18d4fc93789f44f03bf
Validity
Not Before: Jan 1 02:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a9bfee91227d7250e8022cbdb8f86267d62040e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:92:e6:56:82:a8:bf:bf:ea:7b:5e:e3:f6:
f6:d8:70:6d:86:8b:9f:70:5a:5e:41:47:78:94:56:
cd:3f:fc:dd:4c:4f:b0:77:df:00:53:02:90:50:64:
82:ca:d0:56:48:46:c6:e7:e3:6c:12:54:0c:93:c8:
0d:c4:ee:3c:d1:62:c1:d0:c8:d4:20:dc:99:2b:f2:
8e:15:56:d1:6c:b5:af:ba:c7:de:4c:47:f8:30:56:
74:80:51:e0:54:d8:3a:5b:46:84:93:71:7e:9a:87:
bf:f7:21:d1:78:83:59:26:18:54:12:0d:a6:87:9e:
a1:a8:19:db:a6:fb:29:74:20:50:84:d4:fb:67:91:
cf:08:c5:c1:81:bc:1a:57:e1:ae:5f:12:eb:b3:9b:
af:80:a2:54:f3:29:33:5e:b7:68:ae:eb:3a:30:0c:
7e:ff:75:1c:1c:dc:a7:96:10:3c:af:55:0d:10:59:
93:8b:40:14:1e:f5:be:32:8a:b9:70:74:d7:0b:dd:
42:fe:bd:e7:fe:75:b8:3c:b3:ea:6c:36:39:ec:f5:
88:1c:d1:ca:e0:6f:26:f7:24:9d:00:c4:53:13:01:
65:63:91:01:b1:bc:b4:a0:8e:9d:9f:a0:62:da:6b:
c8:e3:15:3c:cf:36:44:3f:26:44:85:0a:d5:ff:c2:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9B:FE:E9:12:27:D7:25:0E:80:22:CB:DB:8F:86:26:7D:62:04:0E
X509v3 Authority Key Identifier:
keyid:D0:20:13:F3:54:8B:E3:DC:B3:DC:A1:8D:4F:C9:37:89:F4:4F:03:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CAT81SL49yz3KGNT8k3ifRPA78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/bd431a-9706-4f38-800b-2a685f78b29d/1/mpv-6RIn1yUOgCLL24-GJn1iBA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/bd431a-9706-4f38-800b-2a685f78b29d/1/0CAT81SL49yz3KGNT8k3ifRPA78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.116.0/22
Signature Algorithm: sha256WithRSAEncryption
16:9f:21:ef:1e:20:6f:d4:c4:1d:8c:f5:fa:f7:fe:05:29:8c:
6f:5f:40:62:33:c1:03:7e:87:e7:51:e9:fd:9a:a7:9e:89:c8:
a6:b7:c4:c1:eb:c9:a5:50:8d:99:f2:8c:cc:3c:a0:73:5e:99:
18:9b:11:91:eb:e6:96:cd:10:c3:ce:ff:27:bb:93:52:20:42:
c9:b4:aa:ac:0b:97:9e:49:50:eb:34:80:3d:20:01:76:51:8d:
1e:5d:0a:f6:97:0e:9c:2c:2b:06:67:83:a0:7c:58:ce:d1:00:
48:41:b6:f0:a3:a7:17:38:60:bf:63:f6:8e:16:dc:32:77:bf:
b2:54:6b:91:ae:bb:3b:fb:4b:32:d3:5f:49:95:2b:24:9a:72:
3a:26:1d:1b:52:ad:d6:7a:34:56:3d:9b:c8:27:d7:13:ff:b2:
6e:45:e9:dc:c3:ab:d5:92:b3:14:b7:dd:92:9d:f0:5d:c3:d5:
25:2b:85:5d:14:95:a5:7f:4f:9d:8e:01:84:7a:4a:dc:75:e8:
68:37:15:8f:e3:df:d1:6b:83:55:8a:24:3e:a3:dc:d0:1a:ff:
0f:69:9e:a1:8f:8b:51:a7:1c:0a:be:e4:90:f8:cc:8d:57:b6:
41:44:ed:22:d7:d8:04:9b:16:32:12:ab:64:29:ec:68:65:64:
3e:34:47:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEs4F7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDIwMTNmMzU0OGJlM2RjYjNkY2ExOGQ0ZmM5Mzc4OWY0NGYwM2JmMB4XDTIyMDEw
MTAyNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE5YmZlZTkxMjI3
ZDcyNTBlODAyMmNiZGI4Zjg2MjY3ZDYyMDQwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY3kuZWgqi/v+p7XuP29thwbYaLn3BaXkFHeJRWzT/83UxP
sHffAFMCkFBkgsrQVkhGxufjbBJUDJPIDcTuPNFiwdDI1CDcmSvyjhVW0Wy1r7rH
3kxH+DBWdIBR4FTYOltGhJNxfpqHv/ch0XiDWSYYVBINpoeeoagZ26b7KXQgUITU
+2eRzwjFwYG8Glfhrl8S67Obr4CiVPMpM163aK7rOjAMfv91HBzcp5YQPK9VDRBZ
k4tAFB71vjKKuXB01wvdQv695/51uDyz6mw2Oez1iBzRyuBvJvcknQDEUxMBZWOR
AbG8tKCOnZ+gYtpryOMVPM82RD8mRIUK1f/CLhcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSam/7pEifXJQ6AIsvbj4YmfWIEDjAfBgNVHSMEGDAWgBTQIBPzVIvj3LPc
oY1PyTeJ9E8DvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBDQVQ4MVNMNDl5ejNLR05UOGszaWZSUEE3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYmQ0MzFhLTk3MDYtNGYzOC04MDBiLTJhNjg1Zjc4YjI5ZC8x
L21wdi02UkluMXlVT2dDTEwyNC1HSm4xaUJBNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YmQ0MzFhLTk3MDYtNGYzOC04MDBiLTJhNjg1Zjc4YjI5ZC8xLzBDQVQ4MVNMNDl5
ejNLR05UOGszaWZSUEE3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPdDANBgkqhkiG9w0BAQsFAAOC
AQEAFp8h7x4gb9TEHYz1+vf+BSmMb19AYjPBA36H51Hp/ZqnnonIprfEwevJpVCN
mfKMzDygc16ZGJsRkevmls0Qw87/J7uTUiBCybSqrAuXnklQ6zSAPSABdlGNHl0K
9pcOnCwrBmeDoHxYztEASEG28KOnFzhgv2P2jhbcMne/slRrka67O/tLMtNfSZUr
JJpyOiYdG1Kt1no0Vj2byCfXE/+ybkXp3MOr1ZKzFLfdkp3wXcPVJSuFXRSVpX9P
nY4BhHpK3HXoaDcVj+Pf0WuDVYokPqPc0Br/D2meoY+LUaccCr7kkPjMjVe2QUTt
ItfYBJsWMhKrZCnsaGVkPjRHJw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:54 2025 by rpki-client