Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/DUu7lu8shDbChBCR47AC7ZQfRas.roa
File: DUu7lu8shDbChBCR47AC7ZQfRas.roa (raw, json)
Hash identifier: LWjZvd9jeyqShF/HiqR/uLJW1WUrLILHXfaZ1lChQrs=
Subject key identifier: 0D:4B:BB:96:EF:2C:84:36:C2:84:10:91:E3:B0:02:ED:94:1F:45:AB
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 01856C0A38F744403BCA742D244A93E70CA1
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/DUu7lu8shDbChBCR47AC7ZQfRas.roa
Signing time: Sun 01 Jan 2023 06:34:47 +0000
ROA not before: Sun 01 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4134
IP address blocks: 147.78.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:38:f7:44:40:3b:ca:74:2d:24:4a:93:e7:0c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d4bbb96ef2c8436c2841091e3b002ed941f45ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:64:de:17:08:8e:38:61:05:85:0a:1e:e3:
58:82:cf:36:c8:1b:6a:8d:18:80:6d:cc:74:67:c6:
8f:ef:19:91:6b:99:73:b4:3b:bb:6d:48:d5:4e:eb:
36:36:ba:dc:2d:62:fa:d8:50:0c:9f:4d:41:52:20:
ef:59:e9:db:00:27:8e:df:41:54:03:14:9c:62:7c:
28:87:12:3b:0d:4a:96:36:77:f9:5a:06:96:0a:70:
45:e8:8b:75:a6:cc:54:ff:53:24:28:e4:15:1b:15:
31:71:a2:af:a5:a3:68:75:92:de:84:63:91:a8:1b:
a1:e2:f7:43:e0:e2:e0:6d:85:10:26:81:40:59:ee:
11:03:ef:65:91:55:36:98:78:d3:c7:e2:d2:93:fd:
08:0d:8b:8b:12:12:29:e8:96:a9:cd:73:62:38:43:
a8:37:cf:9f:70:8d:0f:29:5b:68:36:c4:24:ce:05:
e7:dc:51:1c:12:ef:bf:42:6e:a1:dd:ec:e0:2c:80:
8c:79:33:02:02:00:f4:97:90:6f:2a:87:fa:d3:f4:
9d:9d:26:e9:86:7c:3f:5c:a5:dd:55:97:ee:00:11:
54:7e:44:a0:76:61:5b:29:d1:42:af:15:65:7b:39:
5c:1e:51:d4:4a:6b:7a:a5:b6:f6:11:a7:f7:5f:ad:
62:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4B:BB:96:EF:2C:84:36:C2:84:10:91:E3:B0:02:ED:94:1F:45:AB
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/DUu7lu8shDbChBCR47AC7ZQfRas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.134.0/23
Signature Algorithm: sha256WithRSAEncryption
83:41:52:e1:ba:fd:68:d0:e3:c3:ec:d6:c4:a1:1c:f6:0c:62:
b5:25:06:b6:8b:90:ca:8a:8c:81:15:a7:0d:97:4b:e6:b8:eb:
99:3a:42:69:33:cb:60:31:28:1d:a9:99:b8:48:75:48:38:46:
37:0a:cd:20:92:ef:23:ce:16:0e:ab:42:47:61:64:0d:79:35:
a0:bc:dd:2e:66:3c:ff:f5:16:86:33:19:67:27:78:03:b5:0a:
d8:73:03:92:6a:45:c2:ea:4d:69:8a:bc:8d:60:67:3b:1d:dc:
c2:bd:9b:a2:32:66:6f:71:ef:02:a4:7b:4b:45:f1:7f:f8:a3:
91:7a:1e:05:c1:b1:a1:58:fc:c7:1f:92:ee:12:16:ce:47:4d:
d6:f3:29:ff:8e:7a:e1:5f:5a:79:60:d7:ee:f3:1a:cc:66:1b:
d2:55:62:d8:b7:a3:ae:35:63:29:bc:76:55:ba:4c:d8:b7:cf:
29:0d:09:6e:e3:da:57:28:e8:1f:ea:8b:77:f5:fe:ba:a4:93:
c2:95:c7:a1:0f:fc:b0:c8:ba:11:f0:b5:df:51:40:29:e8:01:
37:e6:38:bb:a2:f0:3d:08:2e:39:05:37:52:e8:5f:d1:7b:c8:
d7:f8:f8:54:03:5e:0f:7d:2e:48:38:32:00:ab:0d:32:53:73:
cd:27:e2:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjj3REA7ynQtJEqT5wyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj
MzlmMzQwHhcNMjMwMTAxMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRiYmI5NmVmMmM4NDM2YzI4NDEwOTFlM2IwMDJlZDk0MWY0NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEBk3hcIjjhhBYUKHuNYgs82yBtq
jRiAbcx0Z8aP7xmRa5lztDu7bUjVTus2NrrcLWL62FAMn01BUiDvWenbACeO30FU
AxScYnwohxI7DUqWNnf5WgaWCnBF6It1psxU/1MkKOQVGxUxcaKvpaNodZLehGOR
qBuh4vdD4OLgbYUQJoFAWe4RA+9lkVU2mHjTx+LSk/0IDYuLEhIp6JapzXNiOEOo
N8+fcI0PKVtoNsQkzgXn3FEcEu+/Qm6h3ezgLICMeTMCAgD0l5BvKof60/SdnSbp
hnw/XKXdVZfuABFUfkSgdmFbKdFCrxVlezlcHlHUSmt6pbb2Eaf3X61i1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1Lu5bvLIQ2woQQkeOwAu2UH0WrMB8GA1UdIwQY
MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt
MjU2MzM5NzM2YzJiLzEvRFV1N2x1OHNoRGJDaEJDUjQ3QUM3WlFmUmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi
LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk06GMA0G
CSqGSIb3DQEBCwUAA4IBAQCDQVLhuv1o0OPD7NbEoRz2DGK1JQa2i5DKioyBFacN
l0vmuOuZOkJpM8tgMSgdqZm4SHVIOEY3Cs0gku8jzhYOq0JHYWQNeTWgvN0uZjz/
9RaGMxlnJ3gDtQrYcwOSakXC6k1piryNYGc7HdzCvZuiMmZvce8CpHtLRfF/+KOR
eh4FwbGhWPzHH5LuEhbOR03W8yn/jnrhX1p5YNfu8xrMZhvSVWLYt6OuNWMpvHZV
ukzYt88pDQlu49pXKOgf6ot39f66pJPClcehD/ywyLoR8LXfUUAp6AE35ji7ovA9
CC45BTdS6F/Re8jX+PhUA14PfS5IODIAqw0yU3PNJ+IC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:04 2025 by rpki-client