Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/JgcFJ2fqY6xdJaiiUotoCcyl6ZE.roa
File: JgcFJ2fqY6xdJaiiUotoCcyl6ZE.roa (raw, json)
Hash identifier: DPRxoMmlG9/0L8kET0fidZMn9U0/A7jbEErzO9I/xSk=
Subject key identifier: 26:07:05:27:67:EA:63:AC:5D:25:A8:A2:52:8B:68:09:CC:A5:E9:91
Certificate issuer: /CN=4812ff485ffd794a6948078afe4e076afe617635
Certificate serial: 01856FE727E98D72C80C1671050A181B3F86
Authority key identifier: 48:12:FF:48:5F:FD:79:4A:69:48:07:8A:FE:4E:07:6A:FE:61:76:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBL_SF_9eUppSAeK_k4Hav5hdjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/JgcFJ2fqY6xdJaiiUotoCcyl6ZE.roa
Signing time: Mon 02 Jan 2023 00:34:58 +0000
ROA not before: Mon 02 Jan 2023 00:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56559
IP address blocks: 147.78.96.0/24 maxlen: 24
147.78.98.0/24 maxlen: 24
147.78.97.0/24 maxlen: 24
147.78.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:27:e9:8d:72:c8:0c:16:71:05:0a:18:1b:3f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4812ff485ffd794a6948078afe4e076afe617635
Validity
Not Before: Jan 2 00:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2607052767ea63ac5d25a8a2528b6809cca5e991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7d:be:39:cb:fc:08:68:13:0e:d9:a7:fd:ba:
d9:50:a6:16:33:1b:61:7b:7c:3a:2b:39:0f:d7:db:
33:8f:2d:f1:97:32:94:70:30:98:87:de:75:33:15:
33:9a:92:6f:90:18:d5:bf:74:f9:5a:d6:d8:2c:40:
08:4f:a7:67:03:09:93:30:da:89:1a:ec:91:e8:0a:
26:e6:b8:60:d5:50:ba:21:bb:82:93:3f:b4:16:6f:
8d:31:d6:70:95:21:b5:e9:4a:f0:4c:5c:1f:6c:a7:
01:d0:46:52:a6:03:ac:7a:0b:48:2c:23:3a:91:2c:
74:9f:77:86:97:cb:85:15:6d:50:d7:f4:0b:ca:a8:
22:b3:67:ab:09:b8:5a:56:f6:c4:21:09:ce:0d:f4:
27:42:81:3b:5b:04:d5:17:6b:6b:27:e4:e1:23:0b:
6e:2f:6b:d6:35:25:fe:fe:f4:f5:e3:cc:da:8e:1a:
ed:85:e7:a8:1b:a2:d7:b8:37:82:ad:86:1b:97:e6:
73:9b:7f:7d:4e:26:5d:8c:4d:20:55:1e:42:6f:28:
f4:ad:09:86:b0:12:45:b2:ce:5f:87:41:33:eb:b3:
42:c0:3b:ea:4b:4e:f0:67:33:82:42:2b:41:92:ed:
c0:6c:86:d6:11:fc:32:98:3d:09:f0:20:68:fe:6a:
60:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:07:05:27:67:EA:63:AC:5D:25:A8:A2:52:8B:68:09:CC:A5:E9:91
X509v3 Authority Key Identifier:
keyid:48:12:FF:48:5F:FD:79:4A:69:48:07:8A:FE:4E:07:6A:FE:61:76:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBL_SF_9eUppSAeK_k4Hav5hdjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/JgcFJ2fqY6xdJaiiUotoCcyl6ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/SBL_SF_9eUppSAeK_k4Hav5hdjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.96.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:ec:fe:d8:66:15:85:a9:e1:b9:b0:00:b1:b8:46:fc:ad:f1:
f9:d8:53:a9:20:b6:79:ea:d6:a3:cc:82:7a:43:fc:93:65:bd:
ff:3a:53:de:21:b2:1d:c6:fc:e6:7b:41:38:db:82:81:e6:dc:
ab:03:20:ef:cc:d0:fe:35:ea:30:53:c3:eb:48:f0:6f:ab:e7:
64:c0:d3:70:8d:4c:45:9f:04:59:98:66:16:6b:fd:e2:7f:cb:
ef:10:69:d8:dd:5f:7d:cc:6d:46:01:6f:43:46:85:8d:0f:6a:
d4:dd:cd:2a:8e:a7:d5:4c:66:35:fd:03:b7:b8:c8:fb:45:2c:
d9:60:f7:0b:59:dd:73:63:a3:00:2b:f9:7e:ac:24:bb:30:28:
ef:6a:fa:0d:2b:2f:6f:12:1c:96:1a:56:af:e6:7e:c6:8a:93:
aa:f9:51:39:71:5e:8c:0d:44:b4:31:12:6b:ad:e3:62:96:29:
b0:8a:1b:3b:53:98:72:d4:0f:1b:73:ac:28:b7:e4:4d:bd:8a:
38:40:4c:33:6f:3a:93:67:62:7f:3b:32:0b:8b:f4:87:97:86:
ac:8b:be:69:15:60:d9:ce:22:a0:a6:13:bd:de:f8:95:bf:67:
10:73:00:bf:31:4d:b1:af:db:64:44:9b:6c:17:3c:21:66:69:
60:74:0c:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5yfpjXLIDBZxBQoYGz+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTJmZjQ4NWZmZDc5NGE2OTQ4MDc4YWZlNGUwNzZhZmU2
MTc2MzUwHhcNMjMwMTAyMDAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA3MDUyNzY3ZWE2M2FjNWQyNWE4YTI1MjhiNjgwOWNjYTVlOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX2+Ocv8CGgTDtmn/brZUKYWMxth
e3w6KzkP19szjy3xlzKUcDCYh951MxUzmpJvkBjVv3T5WtbYLEAIT6dnAwmTMNqJ
GuyR6Aom5rhg1VC6IbuCkz+0Fm+NMdZwlSG16UrwTFwfbKcB0EZSpgOsegtILCM6
kSx0n3eGl8uFFW1Q1/QLyqgis2erCbhaVvbEIQnODfQnQoE7WwTVF2trJ+ThIwtu
L2vWNSX+/vT148zajhrtheeoG6LXuDeCrYYbl+Zzm399TiZdjE0gVR5Cbyj0rQmG
sBJFss5fh0Ez67NCwDvqS07wZzOCQitBku3AbIbWEfwymD0J8CBo/mpgeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYHBSdn6mOsXSWoolKLaAnMpemRMB8GA1UdIwQY
MBaAFEgS/0hf/XlKaUgHiv5OB2r+YXY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JMX1NGXzllVXBwU0FlS19rNEhhdjVoZGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85YzEzNjItNDZmZC00ODlhLWJiOTUt
NjY5YThmZWI3MTQ3LzEvSmdjRkoyZnFZNnhkSmFpaVVvdG9DY3lsNlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85YzEzNjItNDZmZC00ODlhLWJiOTUtNjY5YThmZWI3MTQ3
LzEvU0JMX1NGXzllVXBwU0FlS19rNEhhdjVoZGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk05gMA0G
CSqGSIb3DQEBCwUAA4IBAQAb7P7YZhWFqeG5sACxuEb8rfH52FOpILZ56tajzIJ6
Q/yTZb3/OlPeIbIdxvzme0E424KB5tyrAyDvzND+NeowU8PrSPBvq+dkwNNwjUxF
nwRZmGYWa/3if8vvEGnY3V99zG1GAW9DRoWND2rU3c0qjqfVTGY1/QO3uMj7RSzZ
YPcLWd1zY6MAK/l+rCS7MCjvavoNKy9vEhyWGlav5n7GipOq+VE5cV6MDUS0MRJr
reNilimwihs7U5hy1A8bc6wot+RNvYo4QEwzbzqTZ2J/OzILi/SHl4asi75pFWDZ
ziKgphO93viVv2cQcwC/MU2xr9tkRJtsFzwhZmlgdAzY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:39 2025 by rpki-client