Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/mpVwyM-Sc39DAjbe7G7HXKSz4n8.roa
File: mpVwyM-Sc39DAjbe7G7HXKSz4n8.roa (raw, json)
Hash identifier: XhKh6S/5RaJmlc0LoAPuDZ3CyibnFywMt74RNdqoCMo=
Subject key identifier: 9A:95:70:C8:CF:92:73:7F:43:02:36:DE:EC:6E:C7:5C:A4:B3:E2:7F
Certificate issuer: /CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Certificate serial: 01848482545A7C39C69974B172EBC7A8CA23
Authority key identifier: 00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/mpVwyM-Sc39DAjbe7G7HXKSz4n8.roa
Signing time: Thu 17 Nov 2022 07:34:04 +0000
ROA not before: Thu 17 Nov 2022 07:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9007
IP address blocks: 192.166.160.0/19 maxlen: 19
192.166.160.0/20 maxlen: 20
2a04:7680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:82:54:5a:7c:39:c6:99:74:b1:72:eb:c7:a8:ca:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Validity
Not Before: Nov 17 07:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a9570c8cf92737f430236deec6ec75ca4b3e27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c3:37:fe:d1:e8:91:6d:07:24:26:d6:aa:ee:
ff:b2:ff:ab:b4:e9:db:95:3f:fa:f2:1e:39:ad:05:
a5:9d:5c:2f:2b:97:81:2d:6f:53:a6:d4:51:ae:91:
45:52:a6:3b:a1:e4:77:c1:cd:c4:fa:10:f0:ce:e5:
62:de:a1:e7:eb:bb:a4:16:50:cb:11:28:79:e0:64:
95:3d:4a:68:d5:cf:75:82:be:51:4a:3b:67:54:06:
1c:6f:a6:b0:2a:34:b1:90:b8:7a:9f:3d:04:a1:2e:
07:e0:09:00:5f:0a:f3:3f:07:61:56:73:38:79:05:
a2:da:fb:c4:7a:99:6b:5d:32:ea:84:e9:89:0e:fa:
7c:c5:cf:a9:cb:90:62:38:51:5e:76:5f:a1:b5:8e:
91:b6:aa:d3:2a:2b:11:74:bc:8f:0f:71:c4:d8:1b:
6d:84:dc:16:71:f0:47:66:03:37:b9:8e:d7:c6:15:
29:ea:93:85:12:f6:aa:b4:c4:24:25:d7:68:fe:16:
2e:9f:9e:a5:4e:c8:53:85:3e:c9:2d:52:68:c4:fc:
65:e6:68:b0:3e:f3:23:a6:b5:fe:8d:09:bc:1a:98:
fe:59:05:34:21:14:8a:fb:07:f1:6d:ae:77:b6:6b:
25:47:8a:29:de:16:0f:98:ec:22:7e:55:0c:5c:2c:
af:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:95:70:C8:CF:92:73:7F:43:02:36:DE:EC:6E:C7:5C:A4:B3:E2:7F
X509v3 Authority Key Identifier:
keyid:00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/mpVwyM-Sc39DAjbe7G7HXKSz4n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.160.0/19
IPv6:
2a04:7680::/29
Signature Algorithm: sha256WithRSAEncryption
1e:d6:8e:0e:68:31:57:a2:47:2c:7b:27:59:3b:8c:27:6b:ca:
c5:b0:40:05:0f:48:8d:32:e1:d7:45:78:c1:6d:2a:c0:25:06:
c2:cd:42:4b:82:17:a3:2f:36:8a:6c:9a:0a:c4:36:e9:0c:33:
c9:f7:b4:14:62:70:18:f3:47:6d:dc:8f:ad:ef:a9:9d:2d:c3:
dd:ec:d5:a9:7d:e8:9c:ca:6d:8f:d0:35:e6:78:fe:bb:f9:92:
bf:3d:51:1f:9e:57:b0:57:f8:b8:84:4e:5d:f8:0a:c1:ad:41:
99:ba:6b:ae:54:86:73:26:1e:d0:15:b6:27:50:de:19:4f:ea:
d8:2d:e0:ec:be:49:90:23:03:30:02:3d:1a:37:bf:1c:1d:5f:
44:e9:97:d5:5f:f8:b9:90:3f:f8:b2:57:1e:f3:45:35:c9:16:
47:09:d9:d4:ae:61:e2:46:b8:cb:e4:1a:91:24:99:83:d1:3b:
10:60:90:38:e9:15:f2:2d:83:45:83:28:2e:39:bd:a0:57:c2:
e5:a1:e3:db:d2:eb:f6:3b:8c:1f:60:38:c3:d0:7a:b8:7a:a2:
bf:7c:b6:a3:fb:d3:e6:ac:e8:ed:6e:e9:ec:46:20:e8:63:f3:
da:cf:28:45:10:e7:24:64:4d:e8:50:06:d8:e4:4b:95:d7:26:
87:02:96:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSEglRafDnGmXSxcuvHqMojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWQ2ZDgzYzgwODM3MjlkN2E5ZDg1NzFkNjVjZTk3ZTA1
OGI4MjEwHhcNMjIxMTE3MDczNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk1NzBjOGNmOTI3MzdmNDMwMjM2ZGVlYzZlYzc1Y2E0YjNlMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcM3/tHokW0HJCbWqu7/sv+rtOnb
lT/68h45rQWlnVwvK5eBLW9TptRRrpFFUqY7oeR3wc3E+hDwzuVi3qHn67ukFlDL
ESh54GSVPUpo1c91gr5RSjtnVAYcb6awKjSxkLh6nz0EoS4H4AkAXwrzPwdhVnM4
eQWi2vvEeplrXTLqhOmJDvp8xc+py5BiOFFedl+htY6RtqrTKisRdLyPD3HE2Btt
hNwWcfBHZgM3uY7XxhUp6pOFEvaqtMQkJddo/hYun56lTshThT7JLVJoxPxl5miw
PvMjprX+jQm8Gpj+WQU0IRSK+wfxba53tmslR4op3hYPmOwiflUMXCyvhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJqVcMjPknN/QwI23uxux1yks+J/MB8GA1UdIwQY
MBaAFACtbYPICDcp16nYVx1lzpfgWLghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjkt
YTU1Zjc3YjgzZTZiLzEvbXBWd3lNLVNjMzlEQWpiZTdHN0hYS1N6NG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjktYTU1Zjc3YjgzZTZi
LzEvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwKagMA0E
AgACMAcDBQMqBHaAMA0GCSqGSIb3DQEBCwUAA4IBAQAe1o4OaDFXokcseydZO4wn
a8rFsEAFD0iNMuHXRXjBbSrAJQbCzUJLghejLzaKbJoKxDbpDDPJ97QUYnAY80dt
3I+t76mdLcPd7NWpfeicym2P0DXmeP67+ZK/PVEfnlewV/i4hE5d+ArBrUGZumuu
VIZzJh7QFbYnUN4ZT+rYLeDsvkmQIwMwAj0aN78cHV9E6ZfVX/i5kD/4slce80U1
yRZHCdnUrmHiRrjL5BqRJJmD0TsQYJA46RXyLYNFgyguOb2gV8LloePb0uv2O4wf
YDjD0Hq4eqK/fLaj+9PmrOjtbunsRiDoY/PazyhFEOckZE3oUAbY5EuV1yaHApYd
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:58 2023 by rpki-client on console.sobornost.net