Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/528de1-8f68-4cb9-b6ce-ffaaa299af61/1/iARbbVrV0ILKWBjjivDhz2jSGRo.roa
File: iARbbVrV0ILKWBjjivDhz2jSGRo.roa (raw, json)
Hash identifier: 4927vv3rYJ7i9S98lV7DEZ6YxbcAe4/1nX7MK1B0b0w=
Subject key identifier: 88:04:5B:6D:5A:D5:D0:82:CA:58:18:E3:8A:F0:E1:CF:68:D2:19:1A
Certificate issuer: /CN=6b34fa53d1d84dbabe698d5bbccaedf109d157ae
Certificate serial: 1557CEE8
Authority key identifier: 6B:34:FA:53:D1:D8:4D:BA:BE:69:8D:5B:BC:CA:ED:F1:09:D1:57:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/azT6U9HYTbq-aY1bvMrt8QnRV64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/528de1-8f68-4cb9-b6ce-ffaaa299af61/1/iARbbVrV0ILKWBjjivDhz2jSGRo.roa
Signing time: Sat 01 Jan 2022 10:57:30 +0000
ROA not before: Sat 01 Jan 2022 10:57:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8762
IP address blocks: 147.95.200.0/24 maxlen: 24
147.95.0.0/16 maxlen: 16
147.95.128.0/20 maxlen: 20
147.95.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358076136 (0x1557cee8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b34fa53d1d84dbabe698d5bbccaedf109d157ae
Validity
Not Before: Jan 1 10:57:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88045b6d5ad5d082ca5818e38af0e1cf68d2191a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:b3:c5:f5:9b:df:88:66:0e:ef:7c:f3:24:
d1:fd:68:1c:a8:9b:f1:d3:74:e4:bd:05:36:c9:63:
1e:99:e4:3c:15:ff:0f:ea:89:ac:db:e5:b9:10:f0:
ce:40:7a:4f:98:be:1d:7a:38:60:74:e2:7b:77:40:
2e:a6:fd:b9:d4:f3:95:2f:b2:d5:81:47:14:a6:bc:
a3:e1:b4:97:90:1c:56:cd:bf:3f:be:e5:1a:d2:19:
01:da:ca:3e:21:be:bf:26:ee:2b:c2:f5:9f:30:b1:
4b:44:67:8c:63:3c:b6:ba:c2:f0:f6:36:dc:be:a2:
95:2f:09:f6:0d:84:17:45:e4:68:b9:81:13:b2:f3:
f3:fc:f2:fa:3f:1a:2e:9a:ff:e3:3d:64:a3:e0:5b:
df:8c:60:f8:b1:48:0a:b8:31:a1:42:74:dd:32:88:
3f:dc:a9:af:5a:55:12:cf:f6:59:0f:15:30:ac:9f:
85:50:5a:18:fa:b5:89:bf:7c:6e:df:59:59:d5:4f:
84:5b:c8:27:ad:88:f8:84:78:cb:32:0b:4f:75:f6:
4c:94:6b:4e:4a:63:e2:44:b2:fa:03:7e:e5:5f:94:
7e:64:77:af:34:c7:df:35:05:16:61:d4:74:cd:08:
ec:bc:29:87:2e:0e:21:6b:9b:11:5b:8c:f1:66:e9:
cf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:04:5B:6D:5A:D5:D0:82:CA:58:18:E3:8A:F0:E1:CF:68:D2:19:1A
X509v3 Authority Key Identifier:
keyid:6B:34:FA:53:D1:D8:4D:BA:BE:69:8D:5B:BC:CA:ED:F1:09:D1:57:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azT6U9HYTbq-aY1bvMrt8QnRV64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/528de1-8f68-4cb9-b6ce-ffaaa299af61/1/iARbbVrV0ILKWBjjivDhz2jSGRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/528de1-8f68-4cb9-b6ce-ffaaa299af61/1/azT6U9HYTbq-aY1bvMrt8QnRV64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:90:6d:4e:16:8c:3a:8b:69:67:f3:10:76:42:03:b7:f8:7b:
5c:4d:01:9c:43:42:e9:a9:15:3a:18:25:6e:5a:7a:9d:d6:37:
0a:3c:98:16:52:9c:c2:08:43:93:81:a5:f6:ff:e9:a3:ad:d5:
bf:38:d0:78:d2:f4:ca:b4:e7:df:ca:95:92:25:74:e1:af:96:
28:af:87:13:d8:44:b1:00:e3:17:67:8f:25:7a:bf:40:64:a6:
1a:6e:93:5e:d1:a0:9d:98:2b:5f:5d:80:46:22:0f:b7:64:75:
6c:80:a0:f2:37:7f:11:6b:ae:7b:c9:89:39:ee:78:c7:45:c1:
3f:4d:18:30:84:a5:26:35:10:f5:0f:03:0d:8d:05:36:6b:dc:
32:6a:f4:a0:58:1b:62:54:ef:ba:55:8a:d4:f8:73:5d:6f:47:
03:06:bf:f1:e8:54:73:bc:1d:c6:a7:be:c9:a2:3f:f4:40:f9:
55:97:44:b3:c3:80:dd:a7:1f:25:1f:09:b8:d9:e7:85:03:c8:
21:f0:d5:0b:7c:db:3a:ed:34:9c:c7:81:4e:61:c6:b2:48:d3:
78:16:cb:64:46:81:c8:0a:d0:c5:24:e4:70:1f:e8:0b:d3:88:
02:6e:7b:01:e5:f7:73:c2:d7:06:55:7f:0a:ad:13:a8:ef:85:
53:67:84:4f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEFVfO6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjM0ZmE1M2QxZDg0ZGJhYmU2OThkNWJiY2NhZWRmMTA5ZDE1N2FlMB4XDTIyMDEw
MTEwNTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgwNDViNmQ1YWQ1
ZDA4MmNhNTgxOGUzOGFmMGUxY2Y2OGQyMTkxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6Ys8X1m9+IZg7vfPMk0f1oHKib8dN05L0FNsljHpnkPBX/
D+qJrNvluRDwzkB6T5i+HXo4YHTie3dALqb9udTzlS+y1YFHFKa8o+G0l5AcVs2/
P77lGtIZAdrKPiG+vybuK8L1nzCxS0RnjGM8trrC8PY23L6ilS8J9g2EF0XkaLmB
E7Lz8/zy+j8aLpr/4z1ko+Bb34xg+LFICrgxoUJ03TKIP9ypr1pVEs/2WQ8VMKyf
hVBaGPq1ib98bt9ZWdVPhFvIJ62I+IR4yzILT3X2TJRrTkpj4kSy+gN+5V+UfmR3
rzTH3zUFFmHUdM0I7Lwphy4OIWubEVuM8Wbpz9cCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBSIBFttWtXQgspYGOOK8OHPaNIZGjAfBgNVHSMEGDAWgBRrNPpT0dhNur5p
jVu8yu3xCdFXrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F6VDZVOUhZVGJxLWFZMWJ2TXJ0OFFuUlY2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvNTI4ZGUxLThmNjgtNGNiOS1iNmNlLWZmYWFhMjk5YWY2MS8x
L2lBUmJiVnJWMElMS1dCamppdkRoejJqU0dSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
NTI4ZGUxLThmNjgtNGNiOS1iNmNlLWZmYWFhMjk5YWY2MS8xL2F6VDZVOUhZVGJx
LWFZMWJ2TXJ0OFFuUlY2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJNfMA0GCSqGSIb3DQEBCwUAA4IB
AQBRkG1OFow6i2ln8xB2QgO3+HtcTQGcQ0LpqRU6GCVuWnqd1jcKPJgWUpzCCEOT
gaX2/+mjrdW/ONB40vTKtOffypWSJXThr5Yor4cT2ESxAOMXZ48ler9AZKYabpNe
0aCdmCtfXYBGIg+3ZHVsgKDyN38Ra657yYk57njHRcE/TRgwhKUmNRD1DwMNjQU2
a9wyavSgWBtiVO+6VYrU+HNdb0cDBr/x6FRzvB3Gp77Joj/0QPlVl0Szw4Ddpx8l
Hwm42eeFA8gh8NULfNs67TScx4FOYcaySNN4FstkRoHICtDFJORwH+gL04gCbnsB
5fdzwtcGVX8KrROo74VTZ4RP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:37 2025 by rpki-client