Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5befa7-87fd-44a2-b1f4-3e8f575eddff/1/cB4ETfTDbx3ft7Kuc5RwG4E9DhQ.roa
File: cB4ETfTDbx3ft7Kuc5RwG4E9DhQ.roa (raw, json)
Hash identifier: RQlQDUZaQjsjvKr0hlUywZDkkrLng6nZp6GoRbi61pU=
Subject key identifier: 70:1E:04:4D:F4:C3:6F:1D:DF:B7:B2:AE:73:94:70:1B:81:3D:0E:14
Certificate issuer: /CN=761c05753b19bcdb532fdc7f6f47e97e935ba0a2
Certificate serial: 01856D5409B8B8378D12D1CFB81EE9F3CEF8
Authority key identifier: 76:1C:05:75:3B:19:BC:DB:53:2F:DC:7F:6F:47:E9:7E:93:5B:A0:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dhwFdTsZvNtTL9x_b0fpfpNboKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5befa7-87fd-44a2-b1f4-3e8f575eddff/1/cB4ETfTDbx3ft7Kuc5RwG4E9DhQ.roa
Signing time: Sun 01 Jan 2023 12:35:02 +0000
ROA not before: Sun 01 Jan 2023 12:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211329
IP address blocks: 147.236.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:09:b8:b8:37:8d:12:d1:cf:b8:1e:e9:f3:ce:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=761c05753b19bcdb532fdc7f6f47e97e935ba0a2
Validity
Not Before: Jan 1 12:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=701e044df4c36f1ddfb7b2ae7394701b813d0e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8c:db:03:6b:05:5d:10:e4:88:34:3b:db:6e:
cc:17:a5:47:70:5f:78:16:d1:7f:a4:2b:72:5d:cd:
ba:aa:54:51:12:07:f5:fc:b2:21:73:02:21:a7:92:
96:75:ef:cb:53:81:96:d9:8d:6a:20:0b:54:df:55:
d8:59:a3:49:3d:38:13:3f:c1:da:05:ab:15:ce:cd:
76:58:37:01:98:e9:70:80:03:68:ec:8e:50:ce:27:
47:25:66:ad:5e:c1:98:93:50:60:92:c0:34:42:66:
b8:18:84:af:7e:4d:76:50:52:94:80:06:4d:de:6e:
c7:45:7c:6c:49:50:48:ff:c8:25:d0:42:2d:88:f5:
c5:ec:46:cd:e8:cc:42:da:ee:f0:5d:a6:f6:94:07:
12:91:18:16:20:79:5c:6a:4c:cc:93:54:5b:3a:61:
dd:b8:4f:d4:b6:9e:d9:a0:b1:a8:0c:1c:d8:e8:5a:
b8:e7:13:e3:01:b6:32:ba:59:68:0c:cf:4f:69:8f:
17:22:47:72:bf:70:5d:19:04:dc:73:d6:4c:1e:a4:
72:f6:38:70:ff:49:8d:ec:00:ab:1f:57:c1:90:b2:
bd:5a:33:88:90:f3:a2:9e:fb:13:de:da:b0:3b:a9:
46:18:f7:fa:26:b2:51:f1:cd:78:5f:d9:5b:25:4a:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1E:04:4D:F4:C3:6F:1D:DF:B7:B2:AE:73:94:70:1B:81:3D:0E:14
X509v3 Authority Key Identifier:
keyid:76:1C:05:75:3B:19:BC:DB:53:2F:DC:7F:6F:47:E9:7E:93:5B:A0:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhwFdTsZvNtTL9x_b0fpfpNboKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5befa7-87fd-44a2-b1f4-3e8f575eddff/1/cB4ETfTDbx3ft7Kuc5RwG4E9DhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5befa7-87fd-44a2-b1f4-3e8f575eddff/1/dhwFdTsZvNtTL9x_b0fpfpNboKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.236.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:6e:b3:ae:68:0e:8a:ae:0c:77:eb:cb:af:53:55:eb:3f:31:
13:dd:6a:89:b4:aa:17:d3:dd:a4:4c:4d:72:0b:b7:44:2e:87:
40:f0:8d:c5:1a:33:40:ec:19:2c:35:b1:2f:24:5c:d5:67:78:
8e:16:52:44:a8:58:22:ce:e2:6a:af:17:25:d5:13:76:4d:ec:
c0:1a:05:59:d2:6f:e9:72:fc:e4:40:06:a9:00:df:25:79:d0:
dc:e9:4a:30:82:b3:e0:38:d7:40:de:03:9e:c0:5a:4b:9e:53:
a1:d1:88:9d:1b:c8:de:7e:2f:43:06:f5:19:f7:80:3b:c7:a9:
2f:8e:06:25:05:57:b9:4d:27:6a:75:c9:73:a3:75:c0:38:70:
cf:b7:f0:7e:05:e1:5d:12:c9:a0:3a:89:0c:e5:9f:10:35:39:
87:a9:05:0a:6a:c0:9c:b5:74:8e:a7:82:d4:3b:3e:8b:43:a6:
8f:b7:a3:20:4e:fc:12:c6:4d:0b:97:78:1b:af:38:04:38:b0:
c5:08:a3:0e:9a:5f:1d:78:97:2c:31:01:20:a9:38:d0:1c:56:
83:7c:b3:38:39:70:1c:73:06:96:04:f1:3f:30:eb:9f:17:5a:
08:86:a6:1f:d2:f1:09:f6:1a:2a:d2:ed:38:27:f4:01:48:ad:
65:f7:99:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVAm4uDeNEtHPuB7p8874MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MWMwNTc1M2IxOWJjZGI1MzJmZGM3ZjZmNDdlOTdlOTM1
YmEwYTIwHhcNMjMwMTAxMTIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDFlMDQ0ZGY0YzM2ZjFkZGZiN2IyYWU3Mzk0NzAxYjgxM2QwZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74zbA2sFXRDkiDQ7227MF6VHcF94
FtF/pCtyXc26qlRREgf1/LIhcwIhp5KWde/LU4GW2Y1qIAtU31XYWaNJPTgTP8Ha
BasVzs12WDcBmOlwgANo7I5QzidHJWatXsGYk1BgksA0Qma4GISvfk12UFKUgAZN
3m7HRXxsSVBI/8gl0EItiPXF7EbN6MxC2u7wXab2lAcSkRgWIHlcakzMk1RbOmHd
uE/Utp7ZoLGoDBzY6Fq45xPjAbYyulloDM9PaY8XIkdyv3BdGQTcc9ZMHqRy9jhw
/0mN7ACrH1fBkLK9WjOIkPOinvsT3tqwO6lGGPf6JrJR8c14X9lbJUqk2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAeBE30w28d37eyrnOUcBuBPQ4UMB8GA1UdIwQY
MBaAFHYcBXU7GbzbUy/cf29H6X6TW6CiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGh3RmRUc1p2TnRUTDl4X2IwZnBmcE5ib0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81YmVmYTctODdmZC00NGEyLWIxZjQt
M2U4ZjU3NWVkZGZmLzEvY0I0RVRmVERieDNmdDdLdWM1UndHNEU5RGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81YmVmYTctODdmZC00NGEyLWIxZjQtM2U4ZjU3NWVkZGZm
LzEvZGh3RmRUc1p2TnRUTDl4X2IwZnBmcE5ib0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk+zAMA0G
CSqGSIb3DQEBCwUAA4IBAQB9brOuaA6Krgx368uvU1XrPzET3WqJtKoX092kTE1y
C7dELodA8I3FGjNA7BksNbEvJFzVZ3iOFlJEqFgizuJqrxcl1RN2TezAGgVZ0m/p
cvzkQAapAN8ledDc6UowgrPgONdA3gOewFpLnlOh0YidG8jefi9DBvUZ94A7x6kv
jgYlBVe5TSdqdclzo3XAOHDPt/B+BeFdEsmgOokM5Z8QNTmHqQUKasCctXSOp4LU
Oz6LQ6aPt6MgTvwSxk0Ll3gbrzgEOLDFCKMOml8deJcsMQEgqTjQHFaDfLM4OXAc
cwaWBPE/MOufF1oIhqYf0vEJ9hoq0u04J/QBSK1l95mF
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:53:43 2025 by rpki-client