Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/Tbdd8GlLbAdQ2KYTKPJBZfRFuLw.roa
File: Tbdd8GlLbAdQ2KYTKPJBZfRFuLw.roa (raw, json)
Hash identifier: 15iOUH4VgwU2lGOXaCkHKNQYDBCyODtLbDaM90qg54Q=
Subject key identifier: 4D:B7:5D:F0:69:4B:6C:07:50:D8:A6:13:28:F2:41:65:F4:45:B8:BC
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CC42BC333C44DB13A5617DC1DBD2
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/Tbdd8GlLbAdQ2KYTKPJBZfRFuLw.roa
Signing time: Sun 01 Jan 2023 11:05:12 +0000
ROA not before: Sun 01 Jan 2023 11:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201719
IP address blocks: 147.78.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:cc:42:bc:33:3c:44:db:13:a5:61:7d:c1:db:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4db75df0694b6c0750d8a61328f24165f445b8bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:94:28:78:3b:81:cd:ed:96:83:0e:6a:93:
85:c6:c5:88:6f:38:c6:86:ea:80:2f:0f:9b:a3:f1:
62:04:9b:ec:9d:c8:45:04:5c:b2:4e:b0:e1:e5:1d:
d7:ff:da:bc:fd:20:81:c7:a4:92:42:0a:58:f8:20:
16:62:22:f1:1f:31:07:3a:4a:ab:9d:0e:e5:e2:3c:
7f:8b:dd:a5:8f:ef:43:49:40:0d:74:e9:5b:1f:26:
f8:9b:07:d2:85:05:61:e7:aa:23:bb:65:d5:d7:57:
fe:15:74:e1:fb:72:56:76:59:11:06:9e:9f:1b:e0:
af:e3:fa:57:5d:e8:11:01:0d:e2:03:6d:84:37:4e:
f3:d8:ed:9a:4a:29:5a:54:fa:b7:9c:08:ae:4e:dd:
73:4e:fd:79:6f:2f:28:92:cd:21:e0:b7:c3:b5:e9:
7e:44:44:bc:9c:e6:93:68:59:6e:c7:54:a9:a4:cb:
c4:fd:09:8e:a7:53:c9:18:50:ff:36:33:b8:7c:07:
98:46:c7:b8:3b:38:c3:5e:1c:17:d4:f5:40:a5:67:
69:e6:14:62:68:25:9e:1d:03:e0:12:82:9f:31:ca:
2e:e6:98:7d:d6:7c:0e:37:05:a1:8c:47:d8:36:e6:
36:13:b3:1f:c7:3b:d8:a9:2b:67:ac:3f:71:87:05:
1d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B7:5D:F0:69:4B:6C:07:50:D8:A6:13:28:F2:41:65:F4:45:B8:BC
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/Tbdd8GlLbAdQ2KYTKPJBZfRFuLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.217.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:af:01:a6:7d:96:dd:ce:5f:2e:35:de:58:36:b0:92:74:b1:
7d:09:8f:ed:d2:53:45:eb:bf:7c:bb:e5:2e:e4:9e:fe:99:90:
53:44:a5:9a:06:20:65:bd:52:9b:7f:11:74:09:99:04:a4:97:
75:49:d3:b2:5f:6a:84:73:1b:74:f0:4a:03:52:84:a7:ca:c7:
16:b3:a7:a4:b2:0b:75:43:f6:56:2f:56:6f:ec:10:3d:87:60:
51:ec:d3:f2:27:98:03:5f:3b:2b:9c:df:7b:bd:9e:2a:b8:72:
b2:ea:43:92:52:84:6b:fd:09:cc:03:84:a4:1a:b9:c7:91:e1:
f7:31:19:0b:38:79:11:83:1e:0e:e8:85:e1:4e:c3:8b:25:52:
69:7c:ed:65:1d:14:a1:80:4d:d1:2a:e2:84:89:b2:e6:19:88:
8a:97:ec:51:67:67:cb:47:a8:18:46:52:60:88:ec:52:46:eb:
6e:4f:e5:d3:5a:63:51:66:0b:a8:84:fd:40:15:47:68:50:26:
c8:27:17:4b:8c:5b:4d:7d:95:b4:d9:f2:aa:72:9a:79:dc:00:
a5:49:c9:2b:9e:8a:68:73:47:6f:c8:bf:57:bd:83:42:7f:c3:
77:c5:25:20:e3:ab:a0:c3:86:1e:b2:79:81:8e:2e:cc:bf:df:
39:27:6d:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAcxCvDM8RNsTpWF9wdvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI3NWRmMDY5NGI2YzA3NTBkOGE2MTMyOGYyNDE2NWY0NDViOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BqUKHg7gc3tloMOapOFxsWIbzjG
huqALw+bo/FiBJvsnchFBFyyTrDh5R3X/9q8/SCBx6SSQgpY+CAWYiLxHzEHOkqr
nQ7l4jx/i92lj+9DSUANdOlbHyb4mwfShQVh56oju2XV11f+FXTh+3JWdlkRBp6f
G+Cv4/pXXegRAQ3iA22EN07z2O2aSilaVPq3nAiuTt1zTv15by8oks0h4LfDtel+
RES8nOaTaFlux1SppMvE/QmOp1PJGFD/NjO4fAeYRse4OzjDXhwX1PVApWdp5hRi
aCWeHQPgEoKfMcou5ph91nwONwWhjEfYNuY2E7MfxzvYqStnrD9xhwUd+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE23XfBpS2wHUNimEyjyQWX0Rbi8MB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvVGJkZDhHbExiQWRRMktZVEtQSkJaZlJGdUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk07ZMA0G
CSqGSIb3DQEBCwUAA4IBAQC3rwGmfZbdzl8uNd5YNrCSdLF9CY/t0lNF6798u+Uu
5J7+mZBTRKWaBiBlvVKbfxF0CZkEpJd1SdOyX2qEcxt08EoDUoSnyscWs6eksgt1
Q/ZWL1Zv7BA9h2BR7NPyJ5gDXzsrnN97vZ4quHKy6kOSUoRr/QnMA4SkGrnHkeH3
MRkLOHkRgx4O6IXhTsOLJVJpfO1lHRShgE3RKuKEibLmGYiKl+xRZ2fLR6gYRlJg
iOxSRutuT+XTWmNRZguohP1AFUdoUCbIJxdLjFtNfZW02fKqcpp53AClSckrnopo
c0dvyL9XvYNCf8N3xSUg46ugw4YesnmBji7Mv985J22F
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:28:31 2025 by rpki-client