Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/a23348-62cf-4afa-94fc-9dd8561caede/1/pMT3QjEGKyXp0LSgTmzRb5nsh4g.roa
File: pMT3QjEGKyXp0LSgTmzRb5nsh4g.roa (raw, json)
Hash identifier: RpVVSmr+mMV9eknGqu7sIMrM7EuGwbtYdhFgmN1b7UM=
Subject key identifier: A4:C4:F7:42:31:06:2B:25:E9:D0:B4:A0:4E:6C:D1:6F:99:EC:87:88
Certificate issuer: /CN=000a6718d539155c27300401f2c4667513eec5b1
Certificate serial: 01856DA65A614ADA30A231DD124C24A1E0CD
Authority key identifier: 00:0A:67:18:D5:39:15:5C:27:30:04:01:F2:C4:66:75:13:EE:C5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AApnGNU5FVwnMAQB8sRmdRPuxbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/a23348-62cf-4afa-94fc-9dd8561caede/1/pMT3QjEGKyXp0LSgTmzRb5nsh4g.roa
Signing time: Sun 01 Jan 2023 14:04:56 +0000
ROA not before: Sun 01 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49478
IP address blocks: 194.150.254.0/23 maxlen: 23
91.234.164.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:5a:61:4a:da:30:a2:31:dd:12:4c:24:a1:e0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=000a6718d539155c27300401f2c4667513eec5b1
Validity
Not Before: Jan 1 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4c4f74231062b25e9d0b4a04e6cd16f99ec8788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d4:93:a6:ab:22:dc:5e:54:e5:8d:c6:b0:ec:
41:3e:f7:a8:03:a6:c7:ee:3a:f5:c2:9e:10:31:81:
6a:2a:6b:40:3a:9e:10:f4:c3:20:6a:6a:07:e1:e6:
2a:13:96:79:50:5c:b2:ef:30:ea:8e:12:a7:a0:43:
fd:fc:7e:00:81:ac:87:71:06:2a:1d:b7:9e:bf:ac:
03:b1:1e:cd:bd:63:db:6d:b7:ba:63:f8:27:5d:e1:
d4:ea:3d:71:5d:1b:a7:68:28:3f:bc:1a:06:9b:33:
14:06:65:a2:2d:cf:16:dc:98:4f:02:b8:e7:c8:01:
52:82:c7:ca:fa:11:0d:c6:92:0b:bb:28:0e:46:a9:
6a:40:2f:1a:ee:a8:b9:b9:0c:34:a7:f2:da:b3:f9:
31:b1:64:47:56:d0:f3:9d:c1:c9:6f:b8:31:90:80:
ab:63:86:b9:f8:bd:0c:d6:44:fa:da:f1:e3:06:22:
57:a3:d2:5e:53:4b:71:d5:d8:9c:57:8b:e1:e2:23:
fd:a4:f7:b6:14:fe:5f:fa:32:55:33:30:75:f9:d3:
9b:7b:73:74:cc:37:b4:76:5d:20:b6:84:0e:de:5b:
df:1f:5a:50:c5:43:e2:62:4f:38:d3:d6:1c:91:69:
33:e8:89:4b:4c:81:fc:e9:ab:90:1c:c0:70:62:fd:
5a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C4:F7:42:31:06:2B:25:E9:D0:B4:A0:4E:6C:D1:6F:99:EC:87:88
X509v3 Authority Key Identifier:
keyid:00:0A:67:18:D5:39:15:5C:27:30:04:01:F2:C4:66:75:13:EE:C5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AApnGNU5FVwnMAQB8sRmdRPuxbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a23348-62cf-4afa-94fc-9dd8561caede/1/pMT3QjEGKyXp0LSgTmzRb5nsh4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a23348-62cf-4afa-94fc-9dd8561caede/1/AApnGNU5FVwnMAQB8sRmdRPuxbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.164.0/22
194.150.254.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:06:fd:17:25:b8:9d:20:02:48:0d:62:2f:64:a0:d8:8b:29:
e8:d7:1a:94:4f:40:70:ec:d7:e7:43:91:88:72:27:09:d9:63:
e9:4c:31:ef:ad:e9:ac:93:d2:b6:aa:75:1a:24:15:12:7c:ba:
ea:0f:8e:b2:a0:09:21:65:b9:0f:4b:7e:fa:a7:29:45:a7:f9:
34:d1:b7:5a:98:33:d0:f7:b6:7b:f7:5f:f6:cd:49:62:2a:1c:
9f:ca:ee:0b:8f:c0:af:ae:a8:dd:4b:ef:4d:73:35:01:35:ac:
d7:15:3a:42:62:63:42:ad:06:83:ed:89:36:4b:a6:41:1d:4c:
a1:c1:26:da:89:af:5a:22:1f:9e:67:29:fa:8b:e6:8c:fe:8f:
2f:8f:f8:dd:b8:4b:c5:4d:12:b4:ba:7c:15:55:b1:80:45:f9:
64:6d:bd:5c:75:70:fa:97:d3:12:84:79:e8:fc:41:00:60:12:
28:21:e2:8a:ff:92:fa:62:20:d3:09:42:b6:e8:36:7d:1e:14:
f2:8f:05:f8:22:27:2c:d2:6c:3b:b5:df:52:46:fd:c1:67:5c:
b8:d1:e7:81:e7:3f:95:47:28:3a:60:10:3f:09:72:f0:61:69:
88:e6:60:7f:64:fd:2d:1d:02:d6:07:dd:e6:dd:a9:d5:59:68:
ce:98:d3:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtplphStowojHdEkwkoeDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMGE2NzE4ZDUzOTE1NWMyNzMwMDQwMWYyYzQ2Njc1MTNl
ZWM1YjEwHhcNMjMwMTAxMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM0Zjc0MjMxMDYyYjI1ZTlkMGI0YTA0ZTZjZDE2Zjk5ZWM4Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dSTpqsi3F5U5Y3GsOxBPveoA6bH
7jr1wp4QMYFqKmtAOp4Q9MMgamoH4eYqE5Z5UFyy7zDqjhKnoEP9/H4AgayHcQYq
Hbeev6wDsR7NvWPbbbe6Y/gnXeHU6j1xXRunaCg/vBoGmzMUBmWiLc8W3JhPArjn
yAFSgsfK+hENxpILuygORqlqQC8a7qi5uQw0p/Las/kxsWRHVtDzncHJb7gxkICr
Y4a5+L0M1kT62vHjBiJXo9JeU0tx1dicV4vh4iP9pPe2FP5f+jJVMzB1+dObe3N0
zDe0dl0gtoQO3lvfH1pQxUPiYk8409YckWkz6IlLTIH86auQHMBwYv1a9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTE90IxBisl6dC0oE5s0W+Z7IeIMB8GA1UdIwQY
MBaAFAAKZxjVORVcJzAEAfLEZnUT7sWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFwbkdOVTVGVnduTUFRQjhzUm1kUlB1eGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hMjMzNDgtNjJjZi00YWZhLTk0ZmMt
OWRkODU2MWNhZWRlLzEvcE1UM1FqRUdLeVhwMExTZ1RtelJiNW5zaDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hMjMzNDgtNjJjZi00YWZhLTk0ZmMtOWRkODU2MWNhZWRl
LzEvQUFwbkdOVTVGVnduTUFRQjhzUm1kUlB1eGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+qkAwQB
wpb+MA0GCSqGSIb3DQEBCwUAA4IBAQCwBv0XJbidIAJIDWIvZKDYiyno1xqUT0Bw
7NfnQ5GIcicJ2WPpTDHvremsk9K2qnUaJBUSfLrqD46yoAkhZbkPS376pylFp/k0
0bdamDPQ97Z791/2zUliKhyfyu4Lj8CvrqjdS+9NczUBNazXFTpCYmNCrQaD7Yk2
S6ZBHUyhwSbaia9aIh+eZyn6i+aM/o8vj/jduEvFTRK0unwVVbGARflkbb1cdXD6
l9MShHno/EEAYBIoIeKK/5L6YiDTCUK26DZ9HhTyjwX4Iics0mw7td9SRv3BZ1y4
0eeB5z+VRyg6YBA/CXLwYWmI5mB/ZP0tHQLWB93m3anVWWjOmNMI
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:32 2025 by rpki-client