Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/ufg7tHTQXEFeF3K9W0V7TM_s3s8.roa
File: ufg7tHTQXEFeF3K9W0V7TM_s3s8.roa (raw, json)
Hash identifier: IcFKLSaAWgX2PV7+vqF1NQzIoBrarBDwt75S3eJSh6w=
Subject key identifier: B9:F8:3B:B4:74:D0:5C:41:5E:17:72:BD:5B:45:7B:4C:CF:EC:DE:CF
Certificate issuer: /CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Certificate serial: 08A97621
Authority key identifier: A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/ufg7tHTQXEFeF3K9W0V7TM_s3s8.roa
Signing time: Sat 01 Jan 2022 15:05:57 +0000
ROA not before: Sat 01 Jan 2022 15:05:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203201
IP address blocks: 147.78.184.0/22 maxlen: 22
2a09:840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145323553 (0x8a97621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Validity
Not Before: Jan 1 15:05:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9f83bb474d05c415e1772bd5b457b4ccfecdecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2f:35:c3:36:a9:a9:e7:2a:f5:ec:9f:2c:40:
14:fe:95:38:22:ba:94:02:f5:5f:94:c1:04:0c:5f:
8a:19:f9:8a:b2:fa:c5:3e:1e:5a:61:2a:6c:5d:ba:
66:cb:19:25:3e:76:10:6a:78:e1:c4:e6:76:1b:cd:
95:dd:be:9b:8e:aa:89:2d:0c:36:61:45:60:6c:c0:
40:9b:b3:a5:80:b9:9b:a8:ab:3c:14:c6:c1:a5:e6:
72:cf:6d:8e:33:2d:29:a1:2d:ed:44:02:cb:42:57:
dc:f4:1d:b6:36:e4:1f:dd:4a:d5:77:39:63:32:ee:
22:bc:58:b4:e9:48:a8:21:9c:5b:c6:22:ed:f4:0f:
23:94:bc:f1:53:8d:b9:95:7a:56:79:38:64:8d:91:
52:31:9e:67:a3:f4:02:da:9d:01:8d:d7:10:b6:2d:
2f:7f:7c:f4:4e:bb:00:11:b8:d7:7a:c5:91:70:5b:
b4:ee:26:ef:5e:2f:6c:2b:00:d7:c4:ee:b4:78:35:
ad:20:90:b2:87:08:3a:58:a7:fd:65:ef:ea:f4:35:
e0:91:01:a4:e1:ea:20:5b:cb:02:2e:f9:db:c2:d8:
bf:ac:7d:04:49:20:6f:76:ba:87:12:28:ad:4f:c0:
4a:45:76:9b:49:d8:7f:67:0f:5f:8a:8c:2f:b4:5f:
0d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F8:3B:B4:74:D0:5C:41:5E:17:72:BD:5B:45:7B:4C:CF:EC:DE:CF
X509v3 Authority Key Identifier:
keyid:A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/ufg7tHTQXEFeF3K9W0V7TM_s3s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.184.0/22
IPv6:
2a09:840::/32
Signature Algorithm: sha256WithRSAEncryption
b8:d1:2d:72:75:d1:1a:51:b5:06:9b:9b:3d:73:cb:3e:f5:99:
93:d9:d0:46:0b:a3:fa:7e:71:4c:e4:ed:c8:8c:d8:f5:9e:97:
f2:cf:c0:d4:10:ee:04:bc:88:37:39:e1:35:f9:71:c3:88:4c:
3a:84:92:79:6a:5a:51:e2:90:27:16:dd:b8:41:69:9a:84:6a:
3c:f7:2e:90:5b:b7:d3:b2:74:ec:b6:de:c4:1a:0e:7e:1f:61:
d2:42:2b:9e:28:35:9c:a9:9d:6e:94:d0:8f:64:4a:8b:b9:91:
e4:53:8c:7d:65:74:4e:d0:49:6e:2f:30:28:c9:c7:a6:c2:58:
00:3a:5e:87:c8:89:e5:fc:44:a9:f1:a6:f2:ab:45:27:9d:d4:
23:70:5c:25:af:52:fe:29:f5:a9:f6:6b:78:38:ac:e6:4b:ba:
0d:bd:c5:82:ad:98:48:77:5b:1b:38:d7:98:84:96:77:e5:7e:
0e:dd:01:52:e1:88:43:2d:56:e9:1a:dc:f9:6c:7f:59:8a:02:
a9:c1:fa:40:97:aa:8b:ca:63:3c:90:02:b1:6a:62:36:d6:e5:
1f:43:30:af:6f:5c:9b:74:36:de:d0:a9:75:a1:d8:19:82:31:
c1:8e:ac:58:72:5a:b6:3a:7b:98:69:45:d5:d9:38:5c:88:44:
30:39:57:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECKl2ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDJjZjNlYTNmNDYxOWFkZDdiMWY4NWU1ZGJjNzY4Y2QzZDE3NDJkMB4XDTIyMDEw
MTE1MDU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjlmODNiYjQ3NGQw
NWM0MTVlMTc3MmJkNWI0NTdiNGNjZmVjZGVjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUvNcM2qannKvXsnyxAFP6VOCK6lAL1X5TBBAxfihn5irL6
xT4eWmEqbF26ZssZJT52EGp44cTmdhvNld2+m46qiS0MNmFFYGzAQJuzpYC5m6ir
PBTGwaXmcs9tjjMtKaEt7UQCy0JX3PQdtjbkH91K1Xc5YzLuIrxYtOlIqCGcW8Yi
7fQPI5S88VONuZV6Vnk4ZI2RUjGeZ6P0AtqdAY3XELYtL3989E67ABG413rFkXBb
tO4m714vbCsA18TutHg1rSCQsocIOlin/WXv6vQ14JEBpOHqIFvLAi7528LYv6x9
BEkgb3a6hxIorU/ASkV2m0nYf2cPX4qML7RfDeMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS5+Du0dNBcQV4Xcr1bRXtMz+zezzAfBgNVHSMEGDAWgBSkLPPqP0YZrdex
+F5dvHaM09F0LTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BDeno2ajlHR2EzWHNmaGVYYngyak5QUmRDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNTcyNjliLTBmNzAtNDZjZi1iY2UyLWM3Nzc1MTU5ZmM4Mi8x
L3VmZzd0SFRRWEVGZUYzSzlXMFY3VE1fczNzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NTcyNjliLTBmNzAtNDZjZi1iY2UyLWM3Nzc1MTU5ZmM4Mi8xL3BDeno2ajlHR2Ez
WHNmaGVYYngyak5QUmRDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEApNOuDANBAIAAjAHAwUAKgkIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAuNEtcnXRGlG1BpubPXPLPvWZk9nQRguj+n5xTOTt
yIzY9Z6X8s/A1BDuBLyINznhNflxw4hMOoSSeWpaUeKQJxbduEFpmoRqPPcukFu3
07J07LbexBoOfh9h0kIrnig1nKmdbpTQj2RKi7mR5FOMfWV0TtBJbi8wKMnHpsJY
ADpeh8iJ5fxEqfGm8qtFJ53UI3BcJa9S/in1qfZreDis5ku6Db3Fgq2YSHdbGzjX
mISWd+V+Dt0BUuGIQy1W6Rrc+Wx/WYoCqcH6QJeqi8pjPJACsWpiNtblH0Mwr29c
m3Q23tCpdaHYGYIxwY6sWHJatjp7mGlF1dk4XIhEMDlXbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:06 2024 by rpki-client on console-fra.rpki-client.org