Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/UxElIVKfs4vb2oR5wW6Bw37ffLM.roa
File: UxElIVKfs4vb2oR5wW6Bw37ffLM.roa (raw, json)
Hash identifier: kfOkynfS4D+4NbP8cjnu/5o1kY5KoPWbs5dnphBajbI=
Subject key identifier: 53:11:25:21:52:9F:B3:8B:DB:DA:84:79:C1:6E:81:C3:7E:DF:7C:B3
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 01828B9CC93C0787C41DCAFEDA6F13530B64
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/UxElIVKfs4vb2oR5wW6Bw37ffLM.roa
Signing time: Thu 11 Aug 2022 06:34:44 +0000
ROA not before: Thu 11 Aug 2022 06:34:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207106
IP address blocks: 147.234.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:9c:c9:3c:07:87:c4:1d:ca:fe:da:6f:13:53:0b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Aug 11 06:34:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53112521529fb38bdbda8479c16e81c37edf7cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:06:e0:a5:e4:31:ca:c8:1b:00:e8:db:f5:
b4:09:7d:5e:9b:ed:84:92:46:1e:04:2b:fe:ba:22:
b7:db:42:c7:63:6c:bc:4e:6d:9a:e8:2f:98:ea:3c:
01:0d:b5:66:33:bf:ea:6c:a5:9e:32:eb:3d:ab:f2:
36:7d:f7:92:10:b1:2a:82:9a:97:f0:59:40:f7:a9:
5a:db:70:15:50:af:06:16:a1:ef:6d:99:70:ff:8f:
a8:fb:9c:df:52:93:6a:58:ab:80:41:33:6b:08:45:
e2:a6:3b:6d:3a:32:8a:e1:60:7f:2f:66:fb:a4:3f:
92:9a:87:8b:f3:ba:ba:65:35:c4:36:c4:c0:1b:9a:
9c:63:4a:c1:52:d0:0f:0e:f2:4d:87:c9:8a:2b:ae:
33:b7:19:19:01:c1:0c:a3:21:18:51:7c:5b:f6:d8:
63:d7:7a:a4:89:05:14:d1:d1:42:fe:c0:7c:ac:8e:
a2:73:27:1b:b6:50:51:cc:25:5e:f7:f6:30:6a:c8:
64:04:c5:eb:5c:eb:3d:e0:71:4b:eb:38:62:3a:83:
dc:84:dd:05:15:0c:4d:c2:11:44:7b:6c:8f:d2:2f:
63:a3:5e:91:7f:0b:2b:e4:7a:e4:4d:45:07:2a:8c:
b2:c5:0b:16:86:4c:d7:cb:82:1c:4b:a1:f5:61:fb:
e7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:11:25:21:52:9F:B3:8B:DB:DA:84:79:C1:6E:81:C3:7E:DF:7C:B3
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/UxElIVKfs4vb2oR5wW6Bw37ffLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.8.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ea:5d:31:d4:1e:fb:c0:ad:6d:09:4e:5f:9d:fe:f4:3d:e1:
67:f0:d3:e5:a4:72:3b:c3:3d:7f:a2:17:0f:0b:b6:5a:b8:51:
39:eb:32:d1:e1:06:5c:06:0a:45:c4:ca:f4:0c:50:0a:25:c2:
23:96:94:36:ef:b0:8d:ca:ea:c5:c0:91:cb:e5:63:6d:bf:0d:
0f:ca:dc:60:04:be:9e:5a:61:8e:6c:f0:30:9c:63:b3:11:42:
fc:83:f3:28:64:a1:60:54:a4:62:cf:86:c5:24:9a:43:73:fc:
7c:e1:cd:31:3a:95:19:50:f8:40:95:5f:ec:eb:75:66:c9:27:
fb:bf:3e:6b:56:6f:7e:33:be:4f:b5:80:9e:ed:b9:6b:1f:d6:
7c:ae:8a:d1:48:ba:52:34:1e:c9:52:9f:1d:ed:10:42:39:04:
fd:d3:75:d5:77:c5:e6:2a:b7:7f:ca:ec:66:1b:d6:b1:85:a5:
3e:4f:06:bb:fa:b6:e8:6e:3a:fe:5c:ae:21:8a:d1:65:85:0b:
ae:1c:64:b1:af:ed:90:85:52:6b:63:79:f7:ff:b8:80:da:4e:
5f:60:ca:11:d4:f2:be:75:26:0c:0b:ea:c8:9c:9d:2c:13:d2:
c3:26:6d:2c:13:6b:60:bb:51:e0:4f:5d:c7:ce:69:45:52:b7:
5b:ab:91:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKLnMk8B4fEHcr+2m8TUwtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjIwODExMDYzNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzExMjUyMTUyOWZiMzhiZGJkYTg0NzljMTZlODFjMzdlZGY3Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX4G4KXkMcrIGwDo2/W0CX1em+2E
kkYeBCv+uiK320LHY2y8Tm2a6C+Y6jwBDbVmM7/qbKWeMus9q/I2ffeSELEqgpqX
8FlA96la23AVUK8GFqHvbZlw/4+o+5zfUpNqWKuAQTNrCEXipjttOjKK4WB/L2b7
pD+SmoeL87q6ZTXENsTAG5qcY0rBUtAPDvJNh8mKK64ztxkZAcEMoyEYUXxb9thj
13qkiQUU0dFC/sB8rI6icycbtlBRzCVe9/YwashkBMXrXOs94HFL6zhiOoPchN0F
FQxNwhFEe2yP0i9jo16Rfwsr5HrkTUUHKoyyxQsWhkzXy4IcS6H1YfvnPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMRJSFSn7OL29qEecFugcN+33yzMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvVXhFbElWS2ZzNHZiMm9SNXdXNkJ3MzdmZkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oIMA0G
CSqGSIb3DQEBCwUAA4IBAQCr6l0x1B77wK1tCU5fnf70PeFn8NPlpHI7wz1/ohcP
C7ZauFE56zLR4QZcBgpFxMr0DFAKJcIjlpQ277CNyurFwJHL5WNtvw0PytxgBL6e
WmGObPAwnGOzEUL8g/MoZKFgVKRiz4bFJJpDc/x84c0xOpUZUPhAlV/s63VmySf7
vz5rVm9+M75PtYCe7blrH9Z8rorRSLpSNB7JUp8d7RBCOQT903XVd8XmKrd/yuxm
G9axhaU+Twa7+rbobjr+XK4hitFlhQuuHGSxr+2QhVJrY3n3/7iA2k5fYMoR1PK+
dSYMC+rInJ0sE9LDJm0sE2tgu1HgT13HzmlFUrdbq5Gd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:56 2023 by rpki-client on console-fra.rpki-client.org