Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/MR3fRCss7t44aEq7rf7FecDaNG0.roa
File: MR3fRCss7t44aEq7rf7FecDaNG0.roa (raw, json)
Hash identifier: eAC1yS9n1II5nHDVvYlPt5u+28qmjsLmdjEGlTztn5I=
Subject key identifier: 31:1D:DF:44:2B:2C:EE:DE:38:68:4A:BB:AD:FE:C5:79:C0:DA:34:6D
Certificate issuer: /CN=6d5be666d804d0f8b387fc62209d13006c6644aa
Certificate serial: 0380CD63
Authority key identifier: 6D:5B:E6:66:D8:04:D0:F8:B3:87:FC:62:20:9D:13:00:6C:66:44:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/MR3fRCss7t44aEq7rf7FecDaNG0.roa
Signing time: Sat 01 Jan 2022 06:59:09 +0000
ROA not before: Sat 01 Jan 2022 06:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43442
IP address blocks: 185.224.188.0/22 maxlen: 22
2001:678:424::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58772835 (0x380cd63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d5be666d804d0f8b387fc62209d13006c6644aa
Validity
Not Before: Jan 1 06:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=311ddf442b2ceede38684abbadfec579c0da346d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:bb:92:ce:af:65:05:44:2c:74:a2:23:1d:
d8:d1:6c:83:5e:db:e1:4f:00:ec:30:ea:14:47:f8:
62:54:80:c8:ef:72:6d:0b:2f:df:1f:eb:3b:8d:fd:
ae:f9:90:1c:06:94:11:82:b5:6f:06:ca:06:1a:d1:
d8:06:0e:e3:c2:d0:fd:db:c5:06:fe:42:ea:40:b4:
1d:5f:d6:41:d9:57:f6:e0:a8:42:d6:20:12:c4:c6:
6f:e5:1f:b4:1e:c8:17:41:83:ac:4a:ca:d1:6b:d0:
da:c1:f4:a8:ee:30:63:0a:d0:96:4c:02:c2:eb:71:
a8:ea:e8:48:ef:07:09:a7:f0:4b:d8:ee:8a:85:a3:
8f:87:f9:08:af:55:49:08:12:6a:80:cf:5a:ab:06:
c8:5b:a4:f6:36:3e:5d:5b:a4:a7:3b:51:80:2d:62:
66:35:3d:15:0b:8d:82:a5:6d:93:1c:7f:87:1a:cd:
c2:5e:df:ac:f7:8b:27:26:95:e0:35:18:1c:9c:75:
bf:31:fd:55:68:82:40:19:79:a0:55:9a:bb:53:55:
fe:b1:f0:f2:74:3b:0c:f0:1f:90:dd:b2:d3:2a:98:
c0:3e:52:6d:94:d6:9f:db:d7:9c:20:22:b6:86:d1:
5e:0c:14:08:63:0e:45:03:a0:35:41:cb:29:d4:99:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1D:DF:44:2B:2C:EE:DE:38:68:4A:BB:AD:FE:C5:79:C0:DA:34:6D
X509v3 Authority Key Identifier:
keyid:6D:5B:E6:66:D8:04:D0:F8:B3:87:FC:62:20:9D:13:00:6C:66:44:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/MR3fRCss7t44aEq7rf7FecDaNG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/523ef6-2743-413d-b41d-6af655a5494b/1/bVvmZtgE0Pizh_xiIJ0TAGxmRKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.188.0/22
IPv6:
2001:678:424::/48
Signature Algorithm: sha256WithRSAEncryption
45:1a:35:aa:85:2f:03:d9:25:ad:f1:d9:7d:9d:e1:4e:7e:bf:
d0:96:e4:69:f2:40:16:8f:76:04:d8:30:ea:03:2f:53:75:cb:
1c:65:de:d9:df:8d:3b:4e:e1:79:ff:a2:96:7c:f7:05:91:82:
f9:fa:2f:8e:6b:7f:98:1d:8f:03:2f:41:74:28:ec:14:51:f0:
bb:52:ba:c6:0d:e1:65:59:dd:53:a9:9f:7f:d1:f1:60:e8:57:
58:d9:6a:c3:30:14:78:15:a3:e7:c2:87:b8:f0:1e:de:c6:2b:
8f:a8:b0:6e:67:c2:49:0e:69:74:80:43:31:20:dc:85:36:43:
01:4f:f6:8d:d4:f0:aa:a6:2b:c9:dc:c4:45:f4:fd:ce:05:f5:
89:27:5f:88:5e:7e:6e:f7:69:49:9f:a7:07:a6:b4:90:c8:05:
19:54:23:47:f0:b4:79:33:77:e5:9e:35:2e:f7:01:e5:c7:f1:
0a:f6:58:0f:a1:09:47:ee:76:ad:11:f8:8e:ee:7b:5d:24:79:
fa:38:5d:ca:bf:ea:3d:8f:7e:21:4b:9b:a7:01:a1:f2:02:c7:
a8:5c:ac:ad:ea:7c:a0:44:5c:84:b8:fa:c8:06:b0:68:75:c4:
9d:0b:3f:b0:8e:28:8c:a4:e6:9d:00:20:0e:f1:af:5e:10:59:
85:c9:42:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA4DNYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDViZTY2NmQ4MDRkMGY4YjM4N2ZjNjIyMDlkMTMwMDZjNjY0NGFhMB4XDTIyMDEw
MTA2NTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzExZGRmNDQyYjJj
ZWVkZTM4Njg0YWJiYWRmZWM1NzljMGRhMzQ2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhmu5LOr2UFRCx0oiMd2NFsg17b4U8A7DDqFEf4YlSAyO9y
bQsv3x/rO439rvmQHAaUEYK1bwbKBhrR2AYO48LQ/dvFBv5C6kC0HV/WQdlX9uCo
QtYgEsTGb+UftB7IF0GDrErK0WvQ2sH0qO4wYwrQlkwCwutxqOroSO8HCafwS9ju
ioWjj4f5CK9VSQgSaoDPWqsGyFuk9jY+XVukpztRgC1iZjU9FQuNgqVtkxx/hxrN
wl7frPeLJyaV4DUYHJx1vzH9VWiCQBl5oFWau1NV/rHw8nQ7DPAfkN2y0yqYwD5S
bZTWn9vXnCAitobRXgwUCGMORQOgNUHLKdSZ8X8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQxHd9EKyzu3jhoSrut/sV5wNo0bTAfBgNVHSMEGDAWgBRtW+Zm2ATQ+LOH
/GIgnRMAbGZEqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JWdm1adGdFMFBpemhfeGlJSjBUQUd4bVJLby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNTIzZWY2LTI3NDMtNDEzZC1iNDFkLTZhZjY1NWE1NDk0Yi8x
L01SM2ZSQ3NzN3Q0NGFFcTdyZjdGZWNEYU5HMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NTIzZWY2LTI3NDMtNDEzZC1iNDFkLTZhZjY1NWE1NDk0Yi8xL2JWdm1adGdFMFBp
emhfeGlJSjBUQUd4bVJLby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArngvDAPBAIAAjAJAwcAIAEGeAQk
MA0GCSqGSIb3DQEBCwUAA4IBAQBFGjWqhS8D2SWt8dl9neFOfr/QluRp8kAWj3YE
2DDqAy9TdcscZd7Z3407TuF5/6KWfPcFkYL5+i+Oa3+YHY8DL0F0KOwUUfC7UrrG
DeFlWd1TqZ9/0fFg6FdY2WrDMBR4FaPnwoe48B7exiuPqLBuZ8JJDml0gEMxINyF
NkMBT/aN1PCqpivJ3MRF9P3OBfWJJ1+IXn5u92lJn6cHprSQyAUZVCNH8LR5M3fl
njUu9wHlx/EK9lgPoQlH7natEfiO7ntdJHn6OF3Kv+o9j34hS5unAaHyAseoXKyt
6nygRFyEuPrIBrBodcSdCz+wjiiMpOadACAO8a9eEFmFyUKW
-----END CERTIFICATE-----
Generated at Mon May 12 11:25:37 2025 by rpki-client