Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uqb7Vw1Nfb6zShbIKDHRvnpnsiY.roa
File: uqb7Vw1Nfb6zShbIKDHRvnpnsiY.roa (raw, json)
Hash identifier: UA8KJZGI929jmsXJq5dGev+KBnu61UNytx2fm3xtZAA=
Subject key identifier: BA:A6:FB:57:0D:4D:7D:BE:B3:4A:16:C8:28:31:D1:BE:7A:67:B2:26
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 01835F038CE3F5B47E003FFDACC3CB6B7E7C
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uqb7Vw1Nfb6zShbIKDHRvnpnsiY.roa
Signing time: Wed 21 Sep 2022 07:46:51 +0000
ROA not before: Wed 21 Sep 2022 07:46:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 147.234.89.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:03:8c:e3:f5:b4:7e:00:3f:fd:ac:c3:cb:6b:7e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Sep 21 07:46:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=baa6fb570d4d7dbeb34a16c82831d1be7a67b226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:22:b2:bf:64:ee:72:ad:35:42:af:31:44:
e0:84:49:0b:bc:d9:5b:6a:4d:1c:fc:e7:3a:cc:e8:
f7:b3:e1:d6:43:0b:0b:72:00:a6:fd:d3:9d:f3:9b:
92:68:b5:9a:c8:a5:9c:42:6f:82:f8:41:18:87:06:
d5:c2:b2:29:55:e2:31:1e:db:8d:b3:89:7f:81:06:
93:55:54:06:4b:e6:f3:cf:1d:9e:39:da:2b:c7:31:
46:10:2e:55:15:7b:c1:88:30:1c:9c:8b:0d:87:36:
14:48:7d:2d:2e:db:15:f7:96:d3:ed:06:0e:91:6b:
72:eb:20:49:f1:db:82:32:ae:08:50:36:45:51:96:
16:e7:8e:de:43:3b:a0:fe:36:b0:e4:48:79:5f:89:
c6:76:fe:f1:14:f1:b7:c8:c4:bb:10:a6:7e:e8:93:
9f:5a:5e:e1:39:a4:f7:50:df:33:ca:cc:a6:e2:08:
67:f7:d0:be:1d:54:c9:df:05:5b:c6:ff:91:ba:60:
77:d7:24:1d:b1:c8:8a:cd:c8:24:c3:8b:f6:ac:f5:
f5:a3:c5:fe:5b:3e:0f:d4:70:f5:bb:9e:0e:d6:1f:
2a:49:ef:c6:83:49:08:b6:08:36:4e:e6:a3:4d:95:
af:e5:ea:66:a7:ec:fe:41:60:dd:84:cc:c8:33:7a:
6b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A6:FB:57:0D:4D:7D:BE:B3:4A:16:C8:28:31:D1:BE:7A:67:B2:26
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uqb7Vw1Nfb6zShbIKDHRvnpnsiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.74.0/23
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:c8:db:fc:db:60:03:0d:86:85:ce:cb:75:97:0c:04:f0:a4:
34:f5:c9:ba:7e:e9:c7:a5:4b:7d:06:2c:d7:0c:74:c8:8f:6a:
ba:73:c3:9a:03:0c:80:5c:12:99:ed:cf:c2:1b:66:79:68:65:
3b:f2:db:59:e2:db:a6:05:6f:26:2f:9b:12:4f:16:58:d1:3f:
76:00:31:9a:76:18:67:54:08:b8:5c:66:71:24:22:b7:5d:aa:
95:ed:e4:01:bc:5f:0f:e1:cb:86:ec:29:f4:7e:3e:0b:be:64:
86:60:89:c3:8e:23:cc:4d:d4:51:4b:61:63:85:95:4e:f3:93:
81:ec:11:f5:d5:0b:d2:38:17:28:55:d1:e3:42:1d:76:7c:d3:
df:79:c5:7c:73:71:30:ac:ce:69:04:91:c6:5e:69:4a:72:6f:
f4:6e:d8:b4:18:fa:4a:4b:31:5b:3b:a8:1d:4a:c0:6b:ea:1c:
3b:1e:12:99:6b:16:74:3e:a7:e2:e3:10:b1:05:99:9a:f5:50:
64:57:dc:03:71:d7:74:62:3c:78:2d:7f:94:32:e9:99:46:b9:
d5:92:85:19:68:33:2c:81:b1:8e:c9:bc:2b:ce:87:3e:99:1a:
50:65:34:cb:68:7b:da:f3:f8:30:91:fe:2c:82:8a:24:ce:d7:
87:10:21:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNfA4zj9bR+AD/9rMPLa358MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjIwOTIxMDc0NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE2ZmI1NzBkNGQ3ZGJlYjM0YTE2YzgyODMxZDFiZTdhNjdiMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLYisr9k7nKtNUKvMUTghEkLvNlb
ak0c/Oc6zOj3s+HWQwsLcgCm/dOd85uSaLWayKWcQm+C+EEYhwbVwrIpVeIxHtuN
s4l/gQaTVVQGS+bzzx2eOdorxzFGEC5VFXvBiDAcnIsNhzYUSH0tLtsV95bT7QYO
kWty6yBJ8duCMq4IUDZFUZYW547eQzug/jaw5Eh5X4nGdv7xFPG3yMS7EKZ+6JOf
Wl7hOaT3UN8zysym4ghn99C+HVTJ3wVbxv+RumB31yQdsciKzcgkw4v2rPX1o8X+
Wz4P1HD1u54O1h8qSe/Gg0kItgg2TuajTZWv5epmp+z+QWDdhMzIM3prKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqm+1cNTX2+s0oWyCgx0b56Z7ImMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvdXFiN1Z3MU5mYjZ6U2hiSUtESFJ2bnBuc2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBk+pKAwQB
k+pYMA0GCSqGSIb3DQEBCwUAA4IBAQAOyNv822ADDYaFzst1lwwE8KQ09cm6funH
pUt9BizXDHTIj2q6c8OaAwyAXBKZ7c/CG2Z5aGU78ttZ4tumBW8mL5sSTxZY0T92
ADGadhhnVAi4XGZxJCK3XaqV7eQBvF8P4cuG7Cn0fj4LvmSGYInDjiPMTdRRS2Fj
hZVO85OB7BH11QvSOBcoVdHjQh12fNPfecV8c3EwrM5pBJHGXmlKcm/0bti0GPpK
SzFbO6gdSsBr6hw7HhKZaxZ0Pqfi4xCxBZma9VBkV9wDcdd0Yjx4LX+UMumZRrnV
koUZaDMsgbGOybwrzoc+mRpQZTTLaHva8/gwkf4sgookzteHECF/
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:54:51 2025 by rpki-client