Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/p4C2em_JsuLdJL_N3XbJOhtTlLY.roa
File: p4C2em_JsuLdJL_N3XbJOhtTlLY.roa (raw, json)
Hash identifier: /ZAAEgv3gEbvk+qnVAHfYlAy5EqaCQWWrb3v4O1nIh0=
Subject key identifier: A7:80:B6:7A:6F:C9:B2:E2:DD:24:BF:CD:DD:76:C9:3A:1B:53:94:B6
Certificate issuer: /CN=0d23064e3c27ec92b7eab667649d204e5673838e
Certificate serial: 02215E18
Authority key identifier: 0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/p4C2em_JsuLdJL_N3XbJOhtTlLY.roa
Signing time: Sat 01 Jan 2022 10:54:06 +0000
ROA not before: Sat 01 Jan 2022 10:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20811
IP address blocks: 147.189.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35741208 (0x2215e18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d23064e3c27ec92b7eab667649d204e5673838e
Validity
Not Before: Jan 1 10:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a780b67a6fc9b2e2dd24bfcddd76c93a1b5394b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:68:e2:be:a1:1c:94:35:60:7b:ee:b9:c5:2c:
0e:0d:e1:53:6b:65:96:c7:2e:d0:93:26:77:92:ab:
32:59:03:7e:39:48:6f:27:65:6f:8e:d1:8b:f3:6e:
c8:9d:ef:67:b6:cd:99:7c:f3:be:d3:82:d3:c0:b4:
ee:87:b7:9b:75:b3:24:ca:26:d2:88:61:df:18:3f:
a3:b0:6d:e7:f3:f5:6f:4c:e5:2d:29:82:c8:91:57:
53:b6:40:98:24:48:d1:72:95:83:19:2e:11:de:81:
c6:f0:10:7c:6b:92:39:b3:77:cb:01:b7:10:7e:4c:
f9:cf:3c:0a:a2:ee:ff:82:17:b6:ed:25:fb:f2:58:
5f:64:ab:ef:29:e6:07:7f:b3:40:cc:b4:67:19:f6:
1a:a2:4f:ba:dd:dc:11:31:26:9e:51:49:24:9d:de:
c4:30:f5:f7:d3:a3:3a:25:eb:63:ab:ee:39:5c:0f:
7a:65:f6:03:93:92:54:96:bd:0c:7e:40:97:80:d2:
a9:25:c2:c0:ea:4e:2a:da:92:39:de:1b:21:2d:50:
c4:4d:01:18:26:88:5e:79:5a:02:67:ed:0b:ad:3b:
17:f6:29:ea:9d:16:00:8b:9b:7d:ac:4a:03:e0:ba:
e2:00:38:e5:07:71:60:dc:9d:23:00:49:70:ab:8f:
27:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:80:B6:7A:6F:C9:B2:E2:DD:24:BF:CD:DD:76:C9:3A:1B:53:94:B6
X509v3 Authority Key Identifier:
keyid:0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/p4C2em_JsuLdJL_N3XbJOhtTlLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.208.0/22
Signature Algorithm: sha256WithRSAEncryption
61:bf:37:98:5c:9c:56:e6:ae:8e:d4:5c:db:f0:d0:d5:2c:19:
17:ed:c9:dd:2f:7e:40:18:ff:d4:99:f1:6c:89:f7:51:f3:5b:
33:dd:d0:0f:9e:68:5a:26:bb:20:60:3a:ba:ea:40:85:8e:97:
c5:4f:3a:7a:91:6e:df:d5:34:53:37:a7:7d:e4:e1:a6:1d:ef:
46:93:a5:ef:23:63:c3:04:18:fd:12:6b:26:c3:e9:5d:b6:be:
18:35:4c:17:d0:4c:27:d0:ed:9b:8f:64:a0:e1:36:10:40:42:
5d:5c:b1:a2:97:bf:5f:30:23:40:e2:d8:08:b1:9a:82:ae:eb:
ff:c4:0b:5d:60:29:54:3d:92:01:50:68:a9:f0:f1:70:1d:2e:
ee:1c:26:5c:d8:bb:bd:ff:19:c6:ea:80:5a:cc:7b:5f:50:72:
fd:f0:b5:f1:43:35:5d:32:18:6e:0f:b7:4f:4f:59:d3:de:99:
1f:45:d3:6b:f1:04:dd:45:41:2c:40:25:3a:92:d7:34:97:63:
d6:10:25:d2:ef:68:c2:09:99:18:35:0a:42:6f:e2:81:ab:5a:
0f:d1:e5:a1:a2:dc:4e:7f:46:52:85:6a:e6:6f:75:9a:73:09:
58:e6:6b:c8:52:d5:08:a4:28:94:c6:cf:50:50:26:f1:20:9a:
6c:f9:ed:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiFeGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDIzMDY0ZTNjMjdlYzkyYjdlYWI2Njc2NDlkMjA0ZTU2NzM4MzhlMB4XDTIyMDEw
MTEwNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc4MGI2N2E2ZmM5
YjJlMmRkMjRiZmNkZGQ3NmM5M2ExYjUzOTRiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFo4r6hHJQ1YHvuucUsDg3hU2tllscu0JMmd5KrMlkDfjlI
bydlb47Ri/NuyJ3vZ7bNmXzzvtOC08C07oe3m3WzJMom0ohh3xg/o7Bt5/P1b0zl
LSmCyJFXU7ZAmCRI0XKVgxkuEd6BxvAQfGuSObN3ywG3EH5M+c88CqLu/4IXtu0l
+/JYX2Sr7ynmB3+zQMy0Zxn2GqJPut3cETEmnlFJJJ3exDD199OjOiXrY6vuOVwP
emX2A5OSVJa9DH5Al4DSqSXCwOpOKtqSOd4bIS1QxE0BGCaIXnlaAmftC607F/Yp
6p0WAIubfaxKA+C64gA45QdxYNydIwBJcKuPJ9UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSngLZ6b8my4t0kv83ddsk6G1OUtjAfBgNVHSMEGDAWgBQNIwZOPCfskrfq
tmdknSBOVnODjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RTTUdUanduN0pLMzZyWm5aSjBnVGxaemc0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvNzJmYWVkLWE4ZjgtNGEzMy04ZGRjLTVjZWYwNGI3OTczNy8x
L3A0QzJlbV9Kc3VMZEpMX04zWGJKT2h0VGxMWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
NzJmYWVkLWE4ZjgtNGEzMy04ZGRjLTVjZWYwNGI3OTczNy8xL0RTTUdUanduN0pL
MzZyWm5aSjBnVGxaemc0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApO90DANBgkqhkiG9w0BAQsFAAOC
AQEAYb83mFycVuaujtRc2/DQ1SwZF+3J3S9+QBj/1JnxbIn3UfNbM93QD55oWia7
IGA6uupAhY6XxU86epFu39U0UzenfeThph3vRpOl7yNjwwQY/RJrJsPpXba+GDVM
F9BMJ9Dtm49koOE2EEBCXVyxope/XzAjQOLYCLGagq7r/8QLXWApVD2SAVBoqfDx
cB0u7hwmXNi7vf8ZxuqAWsx7X1By/fC18UM1XTIYbg+3T09Z096ZH0XTa/EE3UVB
LEAlOpLXNJdj1hAl0u9owgmZGDUKQm/igataD9HloaLcTn9GUoVq5m91mnMJWOZr
yFLVCKQolMbPUFAm8SCabPntBA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:55 2025 by rpki-client