Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nPJw-XqzsuOAS28LtbbkdS9Spas.roa
File: nPJw-XqzsuOAS28LtbbkdS9Spas.roa (raw, json)
Hash identifier: R9th1AZWbxULFDrsrICE9ysfgPjINYxnB4doHiWGkbY=
Subject key identifier: 9C:F2:70:F9:7A:B3:B2:E3:80:4B:6F:0B:B5:B6:E4:75:2F:52:A5:AB
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD27C3F86619077E54F3B52FEFF2B
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nPJw-XqzsuOAS28LtbbkdS9Spas.roa
Signing time: Mon 02 Jan 2023 15:14:58 +0000
ROA not before: Mon 02 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202356
IP address blocks: 147.234.87.0/24 maxlen: 24
147.234.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d2:7c:3f:86:61:90:77:e5:4f:3b:52:fe:ff:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cf270f97ab3b2e3804b6f0bb5b6e4752f52a5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:fb:e6:95:00:a4:6c:b4:d7:e6:82:7c:41:
54:96:4d:1c:90:af:da:a2:cf:9f:1f:2b:ef:50:e3:
e9:8e:43:a7:cd:30:03:6d:8d:25:f1:e0:62:56:b4:
f7:17:ed:4a:fc:95:ae:a6:61:ca:c5:bb:8f:cc:00:
cb:d5:b8:ca:05:d1:a3:69:bd:fa:56:04:7e:ab:e2:
3d:0a:2c:a4:e3:19:58:b9:df:d0:0b:ae:33:ab:0c:
ed:6e:f3:29:b8:4d:6d:06:cb:d2:a2:a7:26:c3:66:
31:db:5e:bb:31:fd:32:b3:2e:e8:41:01:91:f4:b9:
66:4f:f9:28:bd:7c:d9:84:27:48:ff:86:93:5e:71:
6a:dd:d7:19:09:b8:37:42:42:64:f9:c4:78:0d:23:
16:47:08:d1:c7:8b:b5:fc:bc:b6:5b:d1:bb:6f:7f:
1d:90:ad:40:49:f8:5a:8a:a7:86:ff:23:4f:66:17:
16:22:fe:0f:7e:22:b0:2e:ce:6a:29:04:d6:03:5f:
51:eb:6f:00:8f:ef:96:3e:8a:d2:1f:99:68:dd:bf:
67:34:01:c6:1f:c2:1d:b1:a1:51:5d:e0:f3:46:2d:
c4:0a:f0:27:97:25:7d:47:1f:76:a3:ac:ed:c2:29:
19:06:2a:b0:b1:04:7c:a4:21:8a:98:a7:83:83:89:
cf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F2:70:F9:7A:B3:B2:E3:80:4B:6F:0B:B5:B6:E4:75:2F:52:A5:AB
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nPJw-XqzsuOAS28LtbbkdS9Spas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.32.0/24
147.234.87.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5c:bf:50:61:96:6f:f0:f3:da:ac:55:e5:0c:ff:b0:33:fa:
ed:e2:c6:9f:12:87:f0:d2:45:32:40:7b:70:51:66:fd:23:dc:
a1:96:79:d1:e8:46:b5:90:6e:6e:05:32:5a:4e:68:17:a8:41:
0b:7c:ec:b8:9b:e7:18:3c:a6:ae:0a:c5:a1:8e:04:7f:c0:e7:
ef:fd:df:ef:15:c2:e9:a2:c5:04:33:fa:50:c9:6a:9a:30:ca:
0f:70:30:eb:dd:26:1f:07:d1:71:e6:ab:50:a4:20:45:e1:5c:
04:83:62:0d:3a:77:b0:88:36:75:b2:85:81:9a:4c:bb:22:ac:
0a:59:5c:0a:48:bf:40:b8:3f:f4:5b:64:fc:4d:f5:4f:5b:ff:
64:52:7f:f0:5d:03:bd:f3:f6:2b:e0:a3:37:d5:cf:1d:de:c8:
7e:56:ef:0e:ed:04:fe:ad:08:47:34:81:55:60:4d:83:d7:09:
ba:c0:18:66:be:eb:b8:f9:24:6e:9a:37:e5:10:d2:5c:fc:d7:
94:04:64:e5:8c:b7:70:b7:41:41:d6:3f:de:a2:70:61:a5:79:
ee:81:89:3a:35:26:3e:5f:a3:e0:b1:4b:40:0d:c6:a7:a2:95:
b1:0d:45:c2:13:c0:a2:bb:4f:5c:be:90:a0:d6:ab:e8:81:21:
a1:34:a5:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzDNJ8P4ZhkHflTztS/v8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2YyNzBmOTdhYjNiMmUzODA0YjZmMGJiNWI2ZTQ3NTJmNTJhNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtf75pUApGy01+aCfEFUlk0ckK/a
os+fHyvvUOPpjkOnzTADbY0l8eBiVrT3F+1K/JWupmHKxbuPzADL1bjKBdGjab36
VgR+q+I9Ciyk4xlYud/QC64zqwztbvMpuE1tBsvSoqcmw2Yx2167Mf0ysy7oQQGR
9LlmT/kovXzZhCdI/4aTXnFq3dcZCbg3QkJk+cR4DSMWRwjRx4u1/Ly2W9G7b38d
kK1ASfhaiqeG/yNPZhcWIv4PfiKwLs5qKQTWA19R628Aj++WPorSH5lo3b9nNAHG
H8IdsaFRXeDzRi3ECvAnlyV9Rx92o6ztwikZBiqwsQR8pCGKmKeDg4nPfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJzycPl6s7LjgEtvC7W25HUvUqWrMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvblBKdy1YcXpzdU9BUzI4THRiYmtkUzlTcGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk+ogAwQA
k+pXMA0GCSqGSIb3DQEBCwUAA4IBAQBkXL9QYZZv8PParFXlDP+wM/rt4safEofw
0kUyQHtwUWb9I9yhlnnR6Ea1kG5uBTJaTmgXqEELfOy4m+cYPKauCsWhjgR/wOfv
/d/vFcLposUEM/pQyWqaMMoPcDDr3SYfB9Fx5qtQpCBF4VwEg2INOnewiDZ1soWB
mky7IqwKWVwKSL9AuD/0W2T8TfVPW/9kUn/wXQO98/Yr4KM31c8d3sh+Vu8O7QT+
rQhHNIFVYE2D1wm6wBhmvuu4+SRumjflENJc/NeUBGTljLdwt0FB1j/eonBhpXnu
gYk6NSY+X6PgsUtADcanopWxDUXCE8Ciu09cvpCg1qvogSGhNKXk
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:55 2025 by rpki-client