Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jtf0vxUXutqmLefZGlTj_NUkpa0.roa
File: jtf0vxUXutqmLefZGlTj_NUkpa0.roa (raw, json)
Hash identifier: emOAPkfiJ7yIHIA02ybkfy1KbHshRc2Wsck0x7wWyDA=
Subject key identifier: 8E:D7:F4:BF:15:17:BA:DA:A6:2D:E7:D9:1A:54:E3:FC:D5:24:A5:AD
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD1B630ED5C15E29CFD22A057A38C
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jtf0vxUXutqmLefZGlTj_NUkpa0.roa
Signing time: Mon 02 Jan 2023 15:14:58 +0000
ROA not before: Mon 02 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202320
IP address blocks: 147.234.21.0/24 maxlen: 24
147.234.21.0/25 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d1:b6:30:ed:5c:15:e2:9c:fd:22:a0:57:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ed7f4bf1517badaa62de7d91a54e3fcd524a5ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:90:76:fb:69:cb:39:31:08:f2:98:ad:3f:
12:f0:3a:e9:32:f1:e2:e3:b0:03:dd:76:fe:05:a3:
09:bb:24:25:f1:da:5b:db:1e:24:00:47:07:28:90:
96:66:8e:34:68:af:f4:c9:b1:aa:5d:fe:29:84:b1:
38:e1:a1:e3:f8:b6:49:31:99:13:b8:7b:eb:d2:68:
39:3a:ea:ff:19:2b:9b:5f:14:b3:f3:35:02:08:10:
38:af:a7:a4:95:0e:8f:8a:0b:d6:1a:88:b8:f6:4e:
f6:3e:dc:65:97:30:ae:22:fc:95:64:29:21:38:b2:
45:e8:92:f2:06:98:e0:77:79:4b:ea:70:ba:c6:db:
b0:bf:8c:e3:d9:d0:8c:ac:69:e8:36:e9:3c:89:29:
f4:58:3a:93:9d:3f:71:73:d6:25:af:a7:7d:6a:23:
de:fb:da:c4:09:f8:68:d3:76:4d:cf:6d:4e:bd:61:
63:2a:84:d4:e9:b5:42:41:da:c6:9d:f8:0e:9d:5e:
ea:df:fa:a8:f1:ba:49:44:19:86:ad:90:75:36:03:
63:ed:3e:2e:b4:77:7e:a0:d3:85:db:c9:a6:8c:1a:
0b:6f:9e:50:9b:04:bf:8b:56:d4:84:87:6c:10:98:
ae:34:48:31:46:0e:e2:ff:42:4a:b2:43:6f:12:23:
29:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D7:F4:BF:15:17:BA:DA:A6:2D:E7:D9:1A:54:E3:FC:D5:24:A5:AD
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jtf0vxUXutqmLefZGlTj_NUkpa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.21.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:33:bd:e4:06:d5:26:34:6d:9a:9d:b6:10:a7:d9:fe:95:9f:
39:36:63:8d:9b:7d:40:4a:f7:4a:f4:95:f0:36:b8:91:cd:c2:
06:73:93:3a:b0:37:f3:e7:d7:48:75:f4:70:cb:36:9b:f7:18:
8c:dd:07:78:4a:d0:21:04:26:88:6b:fc:7c:62:4c:26:b1:4e:
a8:ea:57:74:79:03:7d:af:9e:8e:3f:16:90:de:33:34:fb:87:
b5:5c:fa:0a:14:4d:55:87:8f:0f:35:a6:fe:c9:23:3b:d3:54:
35:13:5f:04:e2:ba:34:70:5e:23:96:f9:f3:54:ae:d8:9a:25:
0c:af:d1:ac:74:29:50:b1:cf:fa:89:4a:a7:a4:e6:66:6d:e0:
bd:c1:ce:32:08:2a:13:dc:55:90:36:24:21:29:35:e8:2a:fe:
c4:5c:f2:bb:56:a2:e2:35:a7:1b:92:da:fe:d2:7a:77:72:2a:
c3:b9:e3:48:19:b1:2a:25:12:08:fe:3a:57:db:1a:ba:57:77:
3a:46:82:d6:4d:8d:14:d1:e0:9d:65:77:03:df:22:ab:ea:93:
85:93:33:8f:d1:a9:31:be:02:4c:eb:86:94:1d:33:31:77:97:
63:ed:e1:ce:b0:ea:ef:a8:40:2f:fa:55:f2:76:2f:b4:45:d5:
cb:05:a0:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNG2MO1cFeKc/SKgV6OMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQ3ZjRiZjE1MTdiYWRhYTYyZGU3ZDkxYTU0ZTNmY2Q1MjRhNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogyQdvtpyzkxCPKYrT8S8DrpMvHi
47AD3Xb+BaMJuyQl8dpb2x4kAEcHKJCWZo40aK/0ybGqXf4phLE44aHj+LZJMZkT
uHvr0mg5Our/GSubXxSz8zUCCBA4r6eklQ6PigvWGoi49k72PtxllzCuIvyVZCkh
OLJF6JLyBpjgd3lL6nC6xtuwv4zj2dCMrGnoNuk8iSn0WDqTnT9xc9Ylr6d9aiPe
+9rECfho03ZNz21OvWFjKoTU6bVCQdrGnfgOnV7q3/qo8bpJRBmGrZB1NgNj7T4u
tHd+oNOF28mmjBoLb55QmwS/i1bUhIdsEJiuNEgxRg7i/0JKskNvEiMpdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7X9L8VF7rapi3n2RpU4/zVJKWtMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvanRmMHZ4VVh1dHFtTGVmWkdsVGpfTlVrcGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oVMA0G
CSqGSIb3DQEBCwUAA4IBAQBaM73kBtUmNG2anbYQp9n+lZ85NmONm31ASvdK9JXw
NriRzcIGc5M6sDfz59dIdfRwyzab9xiM3Qd4StAhBCaIa/x8YkwmsU6o6ld0eQN9
r56OPxaQ3jM0+4e1XPoKFE1Vh48PNab+ySM701Q1E18E4ro0cF4jlvnzVK7YmiUM
r9GsdClQsc/6iUqnpOZmbeC9wc4yCCoT3FWQNiQhKTXoKv7EXPK7VqLiNacbktr+
0np3cirDueNIGbEqJRII/jpX2xq6V3c6RoLWTY0U0eCdZXcD3yKr6pOFkzOP0akx
vgJM64aUHTMxd5dj7eHOsOrvqEAv+lXydi+0RdXLBaAW
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:05 2025 by rpki-client