Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MufSw85F8jY3YBhOYo3R23Qew84.roa
File: MufSw85F8jY3YBhOYo3R23Qew84.roa (raw, json)
Hash identifier: za5OgbkF3CHMf/VzhYPqk1dd1dwt8yDwkpm7YQQoOzw=
Subject key identifier: 32:E7:D2:C3:CE:45:F2:36:37:60:18:4E:62:8D:D1:DB:74:1E:C3:CE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0155E3A1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MufSw85F8jY3YBhOYo3R23Qew84.roa
Signing time: Sat 01 Jan 2022 05:55:08 +0000
ROA not before: Sat 01 Jan 2022 05:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206938
IP address blocks: 2a0f:ac00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22406049 (0x155e3a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 05:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32e7d2c3ce45f2363760184e628dd1db741ec3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:5e:21:e7:85:2a:db:21:b8:73:68:5c:d2:
ee:a9:26:5c:59:20:ea:a8:d7:a9:57:41:c1:6a:3e:
8f:c1:d3:cd:a9:c2:f8:9c:cc:f2:08:f4:7b:43:d4:
08:73:22:65:34:07:3e:f9:a1:2a:8b:86:5a:28:9c:
df:96:c9:fc:99:67:00:19:ac:1c:a7:38:ba:6c:46:
76:f8:d1:d6:93:67:c1:2f:8b:98:f4:18:68:47:64:
22:1c:64:b5:85:5a:16:42:7e:8f:61:3b:14:6d:05:
1a:49:cf:0b:45:ef:b9:8b:bf:0b:e4:be:3e:3d:91:
53:cc:bf:10:a1:0c:3b:58:d0:65:1a:17:88:15:24:
d6:ae:4d:cd:c8:12:53:d3:05:2b:6d:6d:ca:3f:f3:
8a:36:5c:bc:d5:b2:80:fd:31:35:1f:e5:71:ef:9b:
e6:e4:d3:dd:64:34:b8:3c:f8:8e:e0:2e:9e:1a:40:
ae:12:76:fc:de:e5:db:e6:cf:b3:35:f8:ff:53:ea:
de:70:31:e3:6f:83:6e:25:55:6f:be:e7:52:cd:96:
c1:3d:33:cd:3e:47:a0:cb:92:86:dc:21:d6:19:23:
c0:4a:b1:e5:64:a7:d2:ca:88:4b:7b:3c:5c:ee:3d:
b6:d2:93:c6:aa:fd:fe:16:5e:8d:0f:a3:34:46:8a:
51:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E7:D2:C3:CE:45:F2:36:37:60:18:4E:62:8D:D1:DB:74:1E:C3:CE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MufSw85F8jY3YBhOYo3R23Qew84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
07:49:f0:b1:a1:56:3c:3c:f0:1f:32:4c:22:80:0e:09:1e:54:
79:2d:08:94:73:ae:9c:10:23:39:c0:ed:02:21:44:8b:55:ec:
51:c5:21:c3:a9:26:be:ea:b7:e1:f4:d9:ec:58:ca:f0:4a:a4:
4e:ce:06:34:24:4d:f3:5d:70:7d:18:71:df:d1:54:17:37:b9:
71:82:63:df:66:e1:91:60:53:74:40:df:69:b4:92:3b:38:30:
39:85:70:3c:d5:a9:71:86:ca:3a:7f:02:2a:0b:c5:bc:d8:a7:
41:bf:ac:99:4d:f8:f3:ab:dd:84:4b:32:6a:ed:db:70:b8:b3:
35:e6:c6:c2:15:d0:7b:ce:b2:0a:77:86:56:9c:d8:5b:7f:56:
b1:2d:af:37:dd:3b:c3:9e:68:9f:38:fa:a4:38:31:2f:7c:46:
f2:44:8f:54:77:61:10:5d:dd:70:4a:64:10:9b:a9:8b:b2:c3:
9b:5e:13:94:e0:08:0b:d8:8f:f7:e2:fb:77:87:4b:cc:70:6f:
13:eb:c5:e6:de:6c:02:2b:e0:d3:f6:7d:36:11:11:6d:43:26:
b2:90:6d:d5:1d:7c:20:6f:84:fd:78:e5:32:94:ae:0e:aa:90:
67:53:72:c1:c2:1d:53:f2:b9:16:56:43:a4:bd:39:ff:8b:ce:
93:4f:85:84
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAVXjoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDEw
MTA1NTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJlN2QyYzNjZTQ1
ZjIzNjM3NjAxODRlNjI4ZGQxZGI3NDFlYzNjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3xXiHnhSrbIbhzaFzS7qkmXFkg6qjXqVdBwWo+j8HTzanC
+JzM8gj0e0PUCHMiZTQHPvmhKouGWiic35bJ/JlnABmsHKc4umxGdvjR1pNnwS+L
mPQYaEdkIhxktYVaFkJ+j2E7FG0FGknPC0XvuYu/C+S+Pj2RU8y/EKEMO1jQZRoX
iBUk1q5NzcgSU9MFK21tyj/zijZcvNWygP0xNR/lce+b5uTT3WQ0uDz4juAunhpA
rhJ2/N7l2+bPszX4/1Pq3nAx42+DbiVVb77nUs2WwT0zzT5HoMuShtwh1hkjwEqx
5WSn0sqIS3s8XO49ttKTxqr9/hZejQ+jNEaKUVsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQy59LDzkXyNjdgGE5ijdHbdB7DzjAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L011ZlN3ODVGOGpZM1lCaE9ZbzNSMjNRZXc4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoPrAAwDQYJKoZIhvcNAQELBQAD
ggEBAAdJ8LGhVjw88B8yTCKADgkeVHktCJRzrpwQIznA7QIhRItV7FHFIcOpJr7q
t+H02exYyvBKpE7OBjQkTfNdcH0Ycd/RVBc3uXGCY99m4ZFgU3RA32m0kjs4MDmF
cDzVqXGGyjp/AioLxbzYp0G/rJlN+POr3YRLMmrt23C4szXmxsIV0HvOsgp3hlac
2Ft/VrEtrzfdO8OeaJ84+qQ4MS98RvJEj1R3YRBd3XBKZBCbqYuyw5teE5TgCAvY
j/fi+3eHS8xwbxPrxebebAIr4NP2fTYREW1DJrKQbdUdfCBvhP145TKUrg6qkGdT
csHCHVPyuRZWQ6S9Of+LzpNPhYQ=
-----END CERTIFICATE-----
Generated at Thu May 8 22:16:24 2025 by rpki-client