Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/MnI1xU1szIod63lPKcopdfLpraU.roa
File: MnI1xU1szIod63lPKcopdfLpraU.roa (raw, json)
Hash identifier: 4VC0YJgu0SGQNJfQ71BDYb2E1+Pd4i0UMfYNZsDiKwg=
Subject key identifier: 32:72:35:C5:4D:6C:CC:8A:1D:EB:79:4F:29:CA:29:75:F2:E9:AD:A5
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018573039EDD590D724C0C5029622945F9D1
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/MnI1xU1szIod63lPKcopdfLpraU.roa
Signing time: Mon 02 Jan 2023 15:04:55 +0000
ROA not before: Mon 02 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203902
IP address blocks: 198.52.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9e:dd:59:0d:72:4c:0c:50:29:62:29:45:f9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 2 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=327235c54d6ccc8a1deb794f29ca2975f2e9ada5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:76:c1:b2:5c:d4:97:ce:33:95:1f:cc:98:6d:
4f:45:04:97:0c:42:df:1c:9f:95:ba:21:b0:b2:63:
11:9b:15:30:64:ec:9c:85:2d:67:e0:b2:f6:1a:d5:
82:fc:34:83:17:a7:b6:15:36:8c:98:ef:16:5c:83:
09:fb:3e:2a:96:98:85:48:1b:67:6d:41:69:54:d7:
46:1b:53:d1:de:6a:3f:8e:8d:54:bb:0b:80:98:c4:
4c:8e:64:56:2e:79:e8:0e:cc:05:d7:a9:dc:a2:2b:
8a:2e:e7:fe:a9:29:93:ef:be:87:17:a0:08:40:11:
20:a3:74:bf:be:11:7f:11:84:eb:20:64:28:e0:b6:
03:da:e7:5d:f0:a7:88:a2:48:4d:c4:01:40:82:c4:
62:66:d5:7c:b4:37:09:38:37:ce:ce:2f:45:4f:db:
7b:c5:99:6c:34:69:75:61:53:85:76:53:12:23:e0:
d6:bf:2b:cf:37:3f:f0:0c:49:20:5a:b4:fb:2e:6a:
0a:ce:58:b2:22:88:f6:d4:e6:9e:8f:03:4b:43:28:
13:c1:2b:d6:a6:e2:c0:5b:d8:48:a0:35:40:93:47:
8c:f2:f8:fb:84:b1:97:ab:b0:f0:cc:44:de:bc:68:
97:91:d9:f2:d2:5f:50:00:7d:ed:70:b8:4f:ec:3f:
ad:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:72:35:C5:4D:6C:CC:8A:1D:EB:79:4F:29:CA:29:75:F2:E9:AD:A5
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/MnI1xU1szIod63lPKcopdfLpraU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.52.44.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ff:46:12:12:5f:2e:a7:ef:69:2c:4f:46:6b:95:99:c5:6a:
3c:16:6f:4f:cf:fe:67:4d:d2:ad:6f:f8:80:5b:32:b0:04:72:
1d:02:cf:09:39:64:98:1d:a8:db:c3:45:94:55:fa:59:bf:54:
84:b3:12:90:12:3b:70:41:1b:dc:a9:b5:be:3c:51:fa:9d:a2:
f0:54:2d:a2:19:51:9d:f1:38:d3:dd:e7:53:b1:9d:6e:30:cf:
20:d8:46:3a:92:ca:7e:1f:80:c4:e5:da:35:6f:ac:ef:67:b1:
ea:d2:0f:84:2e:1b:91:e6:98:f7:e5:41:41:67:c4:66:ad:8f:
56:1a:56:84:b0:8b:1a:66:7a:85:5d:ee:3e:ac:0a:9e:50:bc:
f8:fa:43:bd:59:9b:a0:c1:92:d7:84:61:e2:b6:4b:e5:c8:ff:
40:2f:4d:c7:db:ad:7a:b5:a8:21:40:59:15:48:9f:fb:a9:e3:
ae:73:63:c5:c2:5d:89:57:c9:41:c4:c6:96:93:1a:b3:ac:67:
3f:4f:1e:97:ea:93:27:93:57:4d:35:30:da:ee:8b:17:4a:a2:
d9:c4:89:7c:9e:b7:7c:71:ca:3e:cb:2c:45:05:2a:d0:e5:93:
1b:bb:8b:24:f1:17:06:3d:7a:e3:4a:65:7d:0e:d2:f7:16:13:
c9:b0:f1:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA57dWQ1yTAxQKWIpRfnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjMwMTAyMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjcyMzVjNTRkNmNjYzhhMWRlYjc5NGYyOWNhMjk3NWYyZTlhZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinbBslzUl84zlR/MmG1PRQSXDELf
HJ+VuiGwsmMRmxUwZOychS1n4LL2GtWC/DSDF6e2FTaMmO8WXIMJ+z4qlpiFSBtn
bUFpVNdGG1PR3mo/jo1UuwuAmMRMjmRWLnnoDswF16ncoiuKLuf+qSmT776HF6AI
QBEgo3S/vhF/EYTrIGQo4LYD2udd8KeIokhNxAFAgsRiZtV8tDcJODfOzi9FT9t7
xZlsNGl1YVOFdlMSI+DWvyvPNz/wDEkgWrT7LmoKzliyIoj21OaejwNLQygTwSvW
puLAW9hIoDVAk0eM8vj7hLGXq7DwzETevGiXkdny0l9QAH3tcLhP7D+twwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJyNcVNbMyKHet5TynKKXXy6a2lMB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEvTW5JMXhVMXN6SW9kNjNsUEtjb3BkZkxwcmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxjQsMA0G
CSqGSIb3DQEBCwUAA4IBAQBW/0YSEl8up+9pLE9Ga5WZxWo8Fm9Pz/5nTdKtb/iA
WzKwBHIdAs8JOWSYHajbw0WUVfpZv1SEsxKQEjtwQRvcqbW+PFH6naLwVC2iGVGd
8TjT3edTsZ1uMM8g2EY6ksp+H4DE5do1b6zvZ7Hq0g+ELhuR5pj35UFBZ8RmrY9W
GlaEsIsaZnqFXe4+rAqeULz4+kO9WZugwZLXhGHitkvlyP9AL03H2616taghQFkV
SJ/7qeOuc2PFwl2JV8lBxMaWkxqzrGc/Tx6X6pMnk1dNNTDa7osXSqLZxIl8nrd8
cco+yyxFBSrQ5ZMbu4sk8RcGPXrjSmV9DtL3FhPJsPEt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:05 2025 by rpki-client