Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zP3p_DJeLUYVOoFv2-M0Thz8uGg.roa
File: zP3p_DJeLUYVOoFv2-M0Thz8uGg.roa (raw, json)
Hash identifier: kgSsCunNTgbGOC4ixpw6VYa2prfgN5+2IQGZWLbc7po=
Subject key identifier: CC:FD:E9:FC:32:5E:2D:46:15:3A:81:6F:DB:E3:34:4E:1C:FC:B8:68
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0DE4DB3D
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zP3p_DJeLUYVOoFv2-M0Thz8uGg.roa
Signing time: Sat 01 Jan 2022 10:54:08 +0000
ROA not before: Sat 01 Jan 2022 10:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
147.136.92.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233102141 (0xde4db3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 10:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ccfde9fc325e2d46153a816fdbe3344e1cfcb868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:37:f7:c4:ab:82:29:72:aa:33:7a:be:68:ad:
4f:c3:b0:aa:c5:b0:77:19:20:81:cc:c4:9d:ee:74:
86:4b:54:78:c5:6d:96:8c:da:74:54:9b:0e:c7:76:
83:d4:67:d3:a3:0a:0f:b1:79:a5:33:59:36:43:e0:
30:26:1e:b7:d6:46:b9:19:87:76:71:cf:0f:c9:7d:
5d:46:98:7a:1f:23:a2:a7:b1:85:7d:d4:21:23:fe:
65:42:9f:df:d2:34:51:02:3b:ea:f0:dd:df:b5:dd:
73:0f:73:50:25:e8:41:c8:5c:03:8b:14:81:6b:41:
a6:f8:e2:b5:8b:94:a6:57:50:69:d7:94:fd:0e:f5:
3a:af:06:7f:87:87:17:08:af:dd:6f:5e:0e:47:81:
aa:ff:b9:74:7a:96:91:a2:9d:b7:fc:f4:c0:a7:a4:
db:9b:e9:50:1b:a9:17:f2:ef:08:92:10:1a:37:27:
c5:93:da:0e:a7:be:08:c9:14:1a:d9:e3:3d:00:aa:
7c:a1:af:bd:31:08:36:04:c9:db:65:fe:05:a5:3e:
09:b1:2b:9f:3a:d5:fb:e6:43:2a:08:14:44:11:4f:
00:c2:6f:fc:51:5e:92:86:62:cb:e6:84:34:a3:65:
5f:0e:ee:6f:b6:30:6d:11:c2:b1:66:25:27:6a:db:
a5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:FD:E9:FC:32:5E:2D:46:15:3A:81:6F:DB:E3:34:4E:1C:FC:B8:68
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zP3p_DJeLUYVOoFv2-M0Thz8uGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
147.136.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:6e:74:09:59:0b:cb:35:54:4b:d4:eb:40:87:51:c1:98:07:
79:2f:5d:82:2c:26:6e:61:09:dd:03:84:fb:a8:46:97:98:a3:
fd:59:54:0c:de:a7:15:d4:85:62:c0:d5:ca:04:b4:18:48:91:
21:e4:a9:47:69:89:df:99:d4:9a:4c:79:07:cc:97:a8:72:ad:
99:f2:f3:b3:76:4e:ba:1a:c0:1d:7b:7b:68:fc:7f:da:f8:50:
2d:07:56:bf:92:5c:e1:fa:f1:0c:d1:48:6b:b6:90:59:b2:57:
54:7f:59:35:dc:80:02:3c:9a:de:79:ad:8b:1a:24:a0:93:b7:
2d:4c:05:f7:8b:d9:85:dc:23:d1:c3:e2:9f:8b:ae:de:d4:8c:
f8:2f:98:b7:76:3d:ba:08:81:f0:fc:fb:80:86:4e:e3:00:5d:
11:cd:d0:7c:a0:e5:4f:34:3e:8a:16:cd:93:2e:e4:6a:82:d6:
ba:f0:c2:91:73:5f:20:aa:b7:11:bb:11:10:8c:f2:02:3b:90:
57:8c:5c:e3:16:5d:84:a0:21:21:08:7f:79:38:ed:8d:d1:b4:
94:de:ba:58:e2:44:88:76:43:ae:b1:9d:68:a8:21:48:f8:01:
55:da:3b:bc:c1:f6:a9:f9:1d:bd:95:34:56:8f:ca:2d:dc:b9:
79:e6:0f:e5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDeTbPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2NmZGU5ZmMzMjVl
MmQ0NjE1M2E4MTZmZGJlMzM0NGUxY2ZjYjg2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8398SrgilyqjN6vmitT8OwqsWwdxkggczEne50hktUeMVt
lozadFSbDsd2g9Rn06MKD7F5pTNZNkPgMCYet9ZGuRmHdnHPD8l9XUaYeh8joqex
hX3UISP+ZUKf39I0UQI76vDd37Xdcw9zUCXoQchcA4sUgWtBpvjitYuUpldQadeU
/Q71Oq8Gf4eHFwiv3W9eDkeBqv+5dHqWkaKdt/z0wKek25vpUBupF/LvCJIQGjcn
xZPaDqe+CMkUGtnjPQCqfKGvvTEINgTJ22X+BaU+CbErnzrV++ZDKggURBFPAMJv
/FFekoZiy+aENKNlXw7ub7YwbRHCsWYlJ2rbpVcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTM/en8Ml4tRhU6gW/b4zROHPy4aDAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
L3pQM3BfREplTFVZVk9vRnYyLU0wVGh6OHVHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVh
T2g1VG03d2tTSTNTSUY5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEApOIRAMEApOITAMEApOIVAMEApOI
XDANBgkqhkiG9w0BAQsFAAOCAQEAXm50CVkLyzVUS9TrQIdRwZgHeS9dgiwmbmEJ
3QOE+6hGl5ij/VlUDN6nFdSFYsDVygS0GEiRIeSpR2mJ35nUmkx5B8yXqHKtmfLz
s3ZOuhrAHXt7aPx/2vhQLQdWv5Jc4frxDNFIa7aQWbJXVH9ZNdyAAjya3nmtixok
oJO3LUwF94vZhdwj0cPin4uu3tSM+C+Yt3Y9ugiB8Pz7gIZO4wBdEc3QfKDlTzQ+
ihbNky7kaoLWuvDCkXNfIKq3EbsREIzyAjuQV4xc4xZdhKAhIQh/eTjtjdG0lN66
WOJEiHZDrrGdaKghSPgBVdo7vMH2qfkdvZU0Vo/KLdy5eeYP5Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org