Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/f2c8a5-3b43-4baa-8a0e-4ff90d378642/1/ig9tOOrDpz1HbVPwR_eRaujegZo.roa
File: ig9tOOrDpz1HbVPwR_eRaujegZo.roa (raw, json)
Hash identifier: OgVj8xE9oXIuMnBv1FyALDMPABn999CFjS7wnWvHiU8=
Subject key identifier: 8A:0F:6D:38:EA:C3:A7:3D:47:6D:53:F0:47:F7:91:6A:E8:DE:81:9A
Certificate issuer: /CN=533605742b7e122fcfb2aeba9fb10d6fca48e78e
Certificate serial: 01857295AD8F51B3ADFC35F510F1DD165EF8
Authority key identifier: 53:36:05:74:2B:7E:12:2F:CF:B2:AE:BA:9F:B1:0D:6F:CA:48:E7:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzYFdCt-Ei_Psq66n7ENb8pI544.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/f2c8a5-3b43-4baa-8a0e-4ff90d378642/1/ig9tOOrDpz1HbVPwR_eRaujegZo.roa
Signing time: Mon 02 Jan 2023 13:04:49 +0000
ROA not before: Mon 02 Jan 2023 13:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 147.122.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:ad:8f:51:b3:ad:fc:35:f5:10:f1:dd:16:5e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=533605742b7e122fcfb2aeba9fb10d6fca48e78e
Validity
Not Before: Jan 2 13:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a0f6d38eac3a73d476d53f047f7916ae8de819a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:fc:59:f3:3d:5d:66:2c:cd:51:64:31:e1:fc:
54:f9:03:f0:00:3b:0d:67:c6:63:95:03:77:aa:d6:
95:21:2d:9a:53:41:7f:50:b4:15:55:7e:ef:35:86:
f9:b5:ff:bd:96:96:40:4b:a5:21:31:99:8d:11:a2:
4d:29:d0:c9:57:dd:c6:27:53:58:73:21:e2:aa:36:
35:4f:19:17:1d:82:ed:f6:2b:dc:3e:1b:5c:04:f1:
06:4d:ca:76:69:1d:96:bd:e1:27:25:43:18:f1:af:
53:e0:12:63:97:d9:d6:2c:eb:ea:51:0a:89:d2:5f:
1b:0c:d2:e6:69:9e:f6:5d:8b:35:b0:0f:4c:a9:6f:
a7:f2:2e:96:30:91:5f:03:bc:93:5e:1f:d6:eb:8f:
dc:f9:ea:6e:a7:42:36:de:5c:7e:6b:ba:1b:65:16:
7a:2c:bc:61:78:69:b8:7a:28:9f:8f:13:5b:7a:6b:
67:08:b2:7f:c0:44:c0:23:81:25:da:3a:31:52:b4:
a6:f8:99:97:44:17:11:be:2a:ef:89:d7:46:cf:63:
ab:25:71:8b:b8:66:80:ce:91:a2:10:3c:29:aa:63:
a5:c4:a9:ea:5d:eb:eb:5e:1d:f8:4e:cf:9a:15:e1:
48:ce:8c:07:6b:60:a3:12:5f:58:a3:c9:15:01:64:
65:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0F:6D:38:EA:C3:A7:3D:47:6D:53:F0:47:F7:91:6A:E8:DE:81:9A
X509v3 Authority Key Identifier:
keyid:53:36:05:74:2B:7E:12:2F:CF:B2:AE:BA:9F:B1:0D:6F:CA:48:E7:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzYFdCt-Ei_Psq66n7ENb8pI544.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f2c8a5-3b43-4baa-8a0e-4ff90d378642/1/ig9tOOrDpz1HbVPwR_eRaujegZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f2c8a5-3b43-4baa-8a0e-4ff90d378642/1/UzYFdCt-Ei_Psq66n7ENb8pI544.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.122.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:d3:be:ca:24:dd:aa:60:3a:41:5d:ff:51:62:ec:98:7a:ce:
c7:14:9e:4c:be:7d:d0:70:e6:4b:99:a7:6e:de:e0:da:ce:3c:
52:85:f0:f4:b8:e8:52:c2:7a:8f:1a:ca:73:d8:2c:1d:3b:c2:
44:82:14:4d:9e:ba:e3:92:cc:6e:20:5f:40:2e:7f:8e:aa:9a:
63:ae:74:8d:cd:a3:52:04:c8:3a:ec:1e:21:0f:fa:5d:46:81:
2d:99:47:84:24:e7:1b:12:d1:f0:1b:ab:0f:45:2e:ea:60:e4:
31:1b:7a:0c:0f:d3:a0:dd:ad:0d:26:4f:c9:18:22:d7:ed:6c:
1f:db:79:9d:98:85:32:9f:0d:d7:c4:6b:5d:eb:b9:6a:42:d3:
1e:85:fe:e9:66:7c:72:f3:78:8d:f6:9e:1c:a1:e1:c2:43:44:
6f:91:e9:d3:2e:27:8e:69:d6:2b:9b:c8:28:8f:b4:50:42:91:
2e:fb:6d:eb:d2:c6:31:08:5b:2f:90:42:03:a1:bf:f7:ec:92:
c1:3e:0b:6a:e4:41:19:50:58:3a:33:05:70:e8:f6:81:7f:e8:
66:ce:11:28:c8:de:81:10:62:1b:b6:c9:37:d3:cc:cc:54:eb:
35:b1:5d:8a:9e:05:55:49:7c:90:c0:77:b6:38:c5:61:ea:56:
03:1f:1d:5b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVyla2PUbOt/DX1EPHdFl74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzYwNTc0MmI3ZTEyMmZjZmIyYWViYTlmYjEwZDZmY2E0
OGU3OGUwHhcNMjMwMTAyMTMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBmNmQzOGVhYzNhNzNkNDc2ZDUzZjA0N2Y3OTE2YWU4ZGU4MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9/xZ8z1dZizNUWQx4fxU+QPwADsN
Z8ZjlQN3qtaVIS2aU0F/ULQVVX7vNYb5tf+9lpZAS6UhMZmNEaJNKdDJV93GJ1NY
cyHiqjY1TxkXHYLt9ivcPhtcBPEGTcp2aR2WveEnJUMY8a9T4BJjl9nWLOvqUQqJ
0l8bDNLmaZ72XYs1sA9MqW+n8i6WMJFfA7yTXh/W64/c+epup0I23lx+a7obZRZ6
LLxheGm4eiifjxNbemtnCLJ/wETAI4El2joxUrSm+JmXRBcRvirviddGz2OrJXGL
uGaAzpGiEDwpqmOlxKnqXevrXh34Ts+aFeFIzowHa2CjEl9Yo8kVAWRlLwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIoPbTjqw6c9R21T8Ef3kWro3oGaMB8GA1UdIwQY
MBaAFFM2BXQrfhIvz7Kuup+xDW/KSOeOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpZRmRDdC1FaV9Qc3E2Nm43RU5iOHBJNTQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mMmM4YTUtM2I0My00YmFhLThhMGUt
NGZmOTBkMzc4NjQyLzEvaWc5dE9PckRwejFIYlZQd1JfZVJhdWplZ1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mMmM4YTUtM2I0My00YmFhLThhMGUtNGZmOTBkMzc4NjQy
LzEvVXpZRmRDdC1FaV9Qc3E2Nm43RU5iOHBJNTQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk3owDQYJ
KoZIhvcNAQELBQADggEBAFrTvsok3apgOkFd/1Fi7Jh6zscUnky+fdBw5kuZp27e
4NrOPFKF8PS46FLCeo8aynPYLB07wkSCFE2euuOSzG4gX0Auf46qmmOudI3No1IE
yDrsHiEP+l1GgS2ZR4Qk5xsS0fAbqw9FLupg5DEbegwP06DdrQ0mT8kYItftbB/b
eZ2YhTKfDdfEa13ruWpC0x6F/ulmfHLzeI32nhyh4cJDRG+R6dMuJ45p1iubyCiP
tFBCkS77bevSxjEIWy+QQgOhv/fsksE+C2rkQRlQWDozBXDo9oF/6GbOESjI3oEQ
Yhu2yTfTzMxU6zWxXYqeBVVJfJDAd7Y4xWHqVgMfHVs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:15 2025 by rpki-client