Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Ob3Gjp-eeTjUzxOAZfHFxN94-DI.roa
File: Ob3Gjp-eeTjUzxOAZfHFxN94-DI.roa (raw, json)
Hash identifier: MyphfFWx5eCUlqkqGvAIWWX6zMY6jhF1ESbgaAosybg=
Subject key identifier: 39:BD:C6:8E:9F:9E:79:38:D4:CF:13:80:65:F1:C5:C4:DF:78:F8:32
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 01856C0A399AC73CFAB5BD10FC94E11D3009
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Ob3Gjp-eeTjUzxOAZfHFxN94-DI.roa
Signing time: Sun 01 Jan 2023 06:34:47 +0000
ROA not before: Sun 01 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4809
IP address blocks: 147.78.132.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:39:9a:c7:3c:fa:b5:bd:10:fc:94:e1:1d:30:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39bdc68e9f9e7938d4cf138065f1c5c4df78f832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:00:d5:b5:03:d1:12:32:0d:82:6c:12:e0:a4:
8f:db:e9:f3:34:f2:a2:cf:00:3a:a0:9d:06:70:f9:
b5:4d:cf:72:fb:97:73:46:a3:b7:16:9f:97:83:12:
8c:83:e5:55:a4:25:47:98:bf:b9:df:79:a9:67:3a:
fa:f9:d8:45:64:2a:be:35:a8:7f:9f:38:b3:f1:72:
a8:8b:76:70:cc:6e:93:0d:5e:b4:76:91:f8:2b:64:
6d:a2:98:b9:ac:75:b6:5f:0f:7c:2a:9a:9d:4f:d0:
ee:29:48:d7:8a:f5:e4:cf:05:d4:5e:30:e6:6c:43:
ab:a7:af:77:86:81:7f:26:3c:84:d0:32:32:1f:57:
4b:37:af:74:1c:d6:c1:da:3f:d2:7c:eb:8f:10:eb:
aa:de:c5:5b:6e:64:ba:c4:d0:36:4b:d4:5e:45:e8:
47:fb:dc:34:89:1f:9d:1a:47:8c:2a:ba:d6:11:42:
aa:46:89:57:61:67:eb:f5:6e:1b:59:9c:3a:2e:41:
b3:03:d8:01:82:55:46:5e:12:7e:95:52:46:bf:ed:
d3:4e:2d:98:37:a1:32:b7:18:1c:61:92:3b:a5:f8:
5c:28:28:0a:67:9d:35:be:19:02:db:b3:43:aa:8f:
6e:7c:ca:d2:75:e7:66:f6:98:6e:84:4b:15:34:01:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BD:C6:8E:9F:9E:79:38:D4:CF:13:80:65:F1:C5:C4:DF:78:F8:32
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Ob3Gjp-eeTjUzxOAZfHFxN94-DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.132.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:29:2b:58:a7:bb:4c:52:9b:a0:20:8f:84:3e:4b:33:0a:0c:
c5:7a:b5:4a:af:e6:f7:91:6e:30:99:f4:e8:15:a3:60:95:c8:
58:45:1e:1e:21:c0:a6:b7:c2:1a:70:bb:7d:76:d1:b1:d9:e4:
39:ed:66:6e:7f:99:ec:35:6a:53:39:ad:ce:12:c7:f8:84:48:
a1:cd:04:80:80:c8:41:3f:bd:b1:1f:9f:86:c6:36:6d:16:98:
52:b1:d3:06:a4:7d:f3:8f:66:89:20:83:49:fc:e9:5b:a2:65:
2d:58:89:48:75:a0:04:2a:64:bf:e7:fb:d8:63:66:7f:07:3b:
23:dd:af:d1:99:7c:e2:6a:d6:94:bf:96:d4:c4:4d:66:de:18:
f9:6d:57:5c:8d:05:42:b0:3e:9d:b3:4a:ba:7d:c6:41:9d:77:
7b:22:6f:82:17:e6:72:17:de:5b:38:2d:22:88:2c:e4:07:fd:
d9:9c:c8:99:5e:86:bd:f5:08:c0:d4:64:d8:54:55:41:b0:80:
da:81:c2:6f:13:a7:a6:52:0e:e0:78:91:b4:db:ab:95:9d:9a:
02:76:51:4e:b4:b6:c7:9b:2b:14:64:b4:ec:99:f0:5b:fe:ec:
17:07:e9:3c:79:b0:74:a2:cd:f7:67:03:38:10:60:c7:67:25:
dd:cc:9e:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjmaxzz6tb0Q/JThHTAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj
MzlmMzQwHhcNMjMwMTAxMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJkYzY4ZTlmOWU3OTM4ZDRjZjEzODA2NWYxYzVjNGRmNzhmODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkADVtQPREjINgmwS4KSP2+nzNPKi
zwA6oJ0GcPm1Tc9y+5dzRqO3Fp+XgxKMg+VVpCVHmL+533mpZzr6+dhFZCq+Nah/
nziz8XKoi3ZwzG6TDV60dpH4K2Rtopi5rHW2Xw98KpqdT9DuKUjXivXkzwXUXjDm
bEOrp693hoF/JjyE0DIyH1dLN690HNbB2j/SfOuPEOuq3sVbbmS6xNA2S9ReRehH
+9w0iR+dGkeMKrrWEUKqRolXYWfr9W4bWZw6LkGzA9gBglVGXhJ+lVJGv+3TTi2Y
N6EytxgcYZI7pfhcKCgKZ501vhkC27NDqo9ufMrSdedm9phuhEsVNAFDvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDm9xo6fnnk41M8TgGXxxcTfePgyMB8GA1UdIwQY
MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt
MjU2MzM5NzM2YzJiLzEvT2IzR2pwLWVlVGpVenhPQVpmSEZ4Tjk0LURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi
LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk06EMA0G
CSqGSIb3DQEBCwUAA4IBAQBeKStYp7tMUpugII+EPkszCgzFerVKr+b3kW4wmfTo
FaNglchYRR4eIcCmt8IacLt9dtGx2eQ57WZuf5nsNWpTOa3OEsf4hEihzQSAgMhB
P72xH5+GxjZtFphSsdMGpH3zj2aJIINJ/OlbomUtWIlIdaAEKmS/5/vYY2Z/Bzsj
3a/RmXziataUv5bUxE1m3hj5bVdcjQVCsD6ds0q6fcZBnXd7Im+CF+ZyF95bOC0i
iCzkB/3ZnMiZXoa99QjA1GTYVFVBsIDagcJvE6emUg7geJG026uVnZoCdlFOtLbH
mysUZLTsmfBb/uwXB+k8ebB0os33ZwM4EGDHZyXdzJ5G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:58 2025 by rpki-client