Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MEBH-_0H44O8nqKZtmxsZI6Pwsk.roa
File: MEBH-_0H44O8nqKZtmxsZI6Pwsk.roa (raw, json)
Hash identifier: tQykf1fZ6R/Eo1A1ScdoK91w0LTYgPVNdpEeQRNM5Uw=
Subject key identifier: 30:40:47:FB:FD:07:E3:83:BC:9E:A2:99:B6:6C:6C:64:8E:8F:C2:C9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF7F2F18C747C5B82216FAF2027B3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MEBH-_0H44O8nqKZtmxsZI6Pwsk.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211444
IP address blocks: 2a0f:e1c6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f7:f2:f1:8c:74:7c:5b:82:21:6f:af:20:27:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=304047fbfd07e383bc9ea299b66c6c648e8fc2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:73:40:e9:37:b8:46:cb:90:b9:70:d9:46:d7:
5f:6b:27:bb:87:12:51:a4:3a:b9:5b:b5:c8:fd:e3:
9b:0c:2a:1f:e9:db:bd:94:bf:c3:a8:1b:2f:16:10:
ae:d9:b9:72:4c:79:ee:04:84:9b:9f:6e:7d:d0:8f:
7a:ba:d0:7d:b5:17:3b:47:12:8b:e0:b9:f1:62:f8:
a6:75:08:79:8e:c6:dd:06:03:09:2f:1d:ec:aa:6f:
2d:cb:01:16:09:8c:c0:d0:a6:08:a2:7c:04:76:fd:
d2:d4:07:46:46:5b:eb:ab:22:13:2a:29:b8:95:af:
df:c9:5b:47:64:1f:79:b9:1a:55:83:8a:9e:83:8c:
95:a8:32:e7:49:ca:84:10:64:0b:80:35:a1:96:44:
12:59:7b:b9:be:65:45:c2:f0:77:6d:e1:b2:11:cf:
d3:52:88:24:57:32:b3:48:03:35:09:25:81:6f:15:
3a:52:45:ab:5d:c5:1b:5c:dc:75:1c:19:5e:8c:c9:
c2:c9:3c:cf:7a:f1:0c:01:5b:93:15:fb:24:0f:7e:
09:b6:70:52:76:20:60:7e:90:98:b8:ee:cb:9d:dd:
14:2a:33:fe:78:54:7c:d2:21:d4:06:f1:78:f5:c0:
e9:8e:09:83:80:9c:6f:7c:e9:f8:8b:c1:2c:d5:81:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:40:47:FB:FD:07:E3:83:BC:9E:A2:99:B6:6C:6C:64:8E:8F:C2:C9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MEBH-_0H44O8nqKZtmxsZI6Pwsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c6::/32
Signature Algorithm: sha256WithRSAEncryption
bd:74:b2:40:50:e0:90:a1:7a:08:5e:18:83:70:bd:22:80:9f:
e0:c4:2e:62:09:0d:7f:ca:18:b1:3b:70:ac:63:73:c3:75:11:
7e:6c:ce:7d:d5:af:9d:5d:10:f0:7c:b3:f5:2a:60:97:67:43:
ec:0e:82:c0:ef:04:ad:f2:3f:08:f3:45:43:1b:64:46:66:af:
d3:00:7c:32:79:67:c0:00:b6:94:89:f2:3d:0d:cf:74:9d:a1:
2f:02:51:cc:96:aa:0a:52:95:d9:e0:ff:4b:7c:7e:42:96:56:
f0:c6:c2:7d:11:b1:33:d3:a1:53:61:46:c4:86:3f:b4:b2:3d:
bd:02:86:7c:91:cf:62:78:be:33:de:c7:53:6c:03:66:2a:5a:
a2:ea:75:77:6b:69:6e:d8:3e:ca:b3:ac:d0:41:04:1f:f8:74:
b3:b1:72:d4:51:fe:5c:5c:4e:16:de:5a:95:59:92:b1:66:30:
c3:0b:79:97:08:53:a2:5b:67:96:3e:d2:e8:cc:88:6e:6b:73:
8a:e8:cc:6c:3f:b0:ca:bd:00:ea:36:19:4c:12:7d:c1:35:7a:
b1:a3:0a:8c:ac:2e:a5:dc:9f:93:64:e8:97:3e:5a:51:10:35:
6e:f5:a4:82:ab:ba:2e:e5:69:40:84:52:c5:89:34:9d:70:87:
14:e4:16:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtyvfy8Yx0fFuCIW+vICezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQwNDdmYmZkMDdlMzgzYmM5ZWEyOTliNjZjNmM2NDhlOGZjMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3NA6Te4RsuQuXDZRtdfaye7hxJR
pDq5W7XI/eObDCof6du9lL/DqBsvFhCu2blyTHnuBISbn2590I96utB9tRc7RxKL
4LnxYvimdQh5jsbdBgMJLx3sqm8tywEWCYzA0KYIonwEdv3S1AdGRlvrqyITKim4
la/fyVtHZB95uRpVg4qeg4yVqDLnScqEEGQLgDWhlkQSWXu5vmVFwvB3beGyEc/T
UogkVzKzSAM1CSWBbxU6UkWrXcUbXNx1HBlejMnCyTzPevEMAVuTFfskD34JtnBS
diBgfpCYuO7Lnd0UKjP+eFR80iHUBvF49cDpjgmDgJxvfOn4i8Es1YEwTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDBAR/v9B+ODvJ6imbZsbGSOj8LJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTUVCSC1fMEg0NE84bnFLWnRteHNaSTZQd3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg/hxjAN
BgkqhkiG9w0BAQsFAAOCAQEAvXSyQFDgkKF6CF4Yg3C9IoCf4MQuYgkNf8oYsTtw
rGNzw3URfmzOfdWvnV0Q8Hyz9Spgl2dD7A6CwO8ErfI/CPNFQxtkRmav0wB8Mnln
wAC2lInyPQ3PdJ2hLwJRzJaqClKV2eD/S3x+QpZW8MbCfRGxM9OhU2FGxIY/tLI9
vQKGfJHPYni+M97HU2wDZipaoup1d2tpbtg+yrOs0EEEH/h0s7Fy1FH+XFxOFt5a
lVmSsWYwwwt5lwhToltnlj7S6MyIbmtziujMbD+wyr0A6jYZTBJ9wTV6saMKjKwu
pdyfk2Tolz5aURA1bvWkgqu6LuVpQIRSxYk0nXCHFOQWEg==
-----END CERTIFICATE-----
Generated at Sun May 11 09:12:22 2025 by rpki-client