Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Su7HiJi7Zi6Y60rQY7fN8fAz4KA.roa
File: Su7HiJi7Zi6Y60rQY7fN8fAz4KA.roa (raw, json)
Hash identifier: ZcmMxAJWUFiyVfEasBWH5vp/x7sYQWSOEYsH0wTtQE4=
Subject key identifier: 4A:EE:C7:88:98:BB:66:2E:98:EB:4A:D0:63:B7:CD:F1:F0:33:E0:A0
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 98242D
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Su7HiJi7Zi6Y60rQY7fN8fAz4KA.roa
Signing time: Sat 01 Jan 2022 01:54:52 +0000
ROA not before: Sat 01 Jan 2022 01:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4134
IP address blocks: 147.78.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9970733 (0x98242d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 01:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4aeec78898bb662e98eb4ad063b7cdf1f033e0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:52:f5:64:44:f1:c9:4b:62:c0:e8:e5:7f:67:
2c:61:a8:39:af:fa:d2:c8:35:ea:1a:4a:da:c7:ad:
b6:5b:27:de:e4:da:1e:cc:13:3b:ef:c9:36:1c:e8:
fd:f5:b0:da:06:64:07:d1:54:c5:b4:84:a6:24:f1:
78:22:ea:39:0b:59:79:59:9f:5f:09:54:87:bc:ae:
16:d7:64:d9:1f:e2:43:e3:47:75:e3:93:60:ff:b9:
75:f1:a8:82:0c:7a:34:38:87:bb:32:d7:cb:3f:d4:
bb:9c:be:56:7b:da:97:6e:76:18:e5:14:44:cc:32:
ef:97:4f:fd:88:06:d9:a2:2e:d7:91:d2:6f:52:fc:
14:ea:8e:13:4e:ec:c3:de:85:7c:45:c2:8a:4e:9c:
53:0f:34:87:b9:57:af:2d:27:4e:40:64:0b:3e:95:
39:c0:81:11:d0:ac:78:fa:a6:59:95:13:bb:35:20:
7a:ab:c3:52:8b:50:f8:d6:1b:05:20:71:5a:a6:7e:
ed:2c:10:56:0a:44:89:cc:1d:bd:c0:ba:17:a9:81:
16:58:68:ad:2f:d7:4d:6e:05:da:7f:8b:41:07:ec:
75:2a:c7:00:05:7b:6d:63:ff:69:63:91:04:f0:bc:
6f:6b:ad:6c:06:4e:3f:86:8f:47:66:3b:8b:38:16:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:EE:C7:88:98:BB:66:2E:98:EB:4A:D0:63:B7:CD:F1:F0:33:E0:A0
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/Su7HiJi7Zi6Y60rQY7fN8fAz4KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.134.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:27:f6:29:2a:21:40:ab:11:c2:44:90:86:40:11:f8:e5:c4:
48:cc:e6:00:b6:ba:97:c5:c4:da:f0:bc:cc:ae:69:a9:dd:af:
d8:6a:e8:30:9b:18:bd:97:b4:79:a3:30:16:48:a1:06:e4:20:
7a:e4:30:a0:0c:9e:16:cc:7f:5e:4f:0a:84:9c:4c:16:d8:d2:
ef:1a:46:5a:22:b0:c6:c9:d6:77:ed:aa:3d:a2:4f:e3:51:85:
80:3f:a1:25:26:4d:a9:6e:25:7a:d9:c1:47:df:85:6f:90:24:
c0:55:54:6d:08:6b:f4:de:5b:6e:03:6f:0d:93:33:20:00:54:
ca:2f:e2:8b:62:ae:1a:99:02:45:3a:79:be:22:e3:94:b9:b1:
dd:b8:44:13:a5:d3:8d:da:a1:cf:7e:9e:74:21:ea:9c:ea:b8:
1a:82:82:c5:dc:7c:04:73:2e:e8:19:97:cc:5e:dc:55:00:b3:
62:08:57:b6:3f:3e:21:24:dd:e4:07:27:47:ec:e9:02:c7:1a:
78:96:c4:49:bc:24:96:fc:7d:fe:2a:15:5f:ba:51:a7:10:f5:
1f:dc:e3:8d:2e:5d:fc:a2:e5:c8:df:1d:4c:c0:01:eb:6b:9d:
70:32:14:02:10:16:45:e9:30:60:a4:6e:7c:27:6a:d0:51:89:
70:b0:2c:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJgkLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmI3YzIwYjU1YTQ3MGRhYjg5MmY0YzkxZWEwMDEwYmQxYzM5ZjM0MB4XDTIyMDEw
MTAxNTQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFlZWM3ODg5OGJi
NjYyZTk4ZWI0YWQwNjNiN2NkZjFmMDMzZTBhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFS9WRE8clLYsDo5X9nLGGoOa/60sg16hpK2settlsn3uTa
HswTO+/JNhzo/fWw2gZkB9FUxbSEpiTxeCLqOQtZeVmfXwlUh7yuFtdk2R/iQ+NH
deOTYP+5dfGoggx6NDiHuzLXyz/Uu5y+Vnval252GOUURMwy75dP/YgG2aIu15HS
b1L8FOqOE07sw96FfEXCik6cUw80h7lXry0nTkBkCz6VOcCBEdCsePqmWZUTuzUg
eqvDUotQ+NYbBSBxWqZ+7SwQVgpEicwdvcC6F6mBFlhorS/XTW4F2n+LQQfsdSrH
AAV7bWP/aWORBPC8b2utbAZOP4aPR2Y7izgWOtcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRK7seImLtmLpjrStBjt83x8DPgoDAfBgNVHSMEGDAWgBTLt8ILVaRw2riS
9MkeoAEL0cOfNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k3ZkNDMVdrY05xNGt2VEpIcUFCQzlIRG56US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvN2YwYzI0LTQ0MGEtNGZmNy1hMGM4LTI1NjMzOTczNmMyYi8x
L1N1N0hpSmk3Wmk2WTYwclFZN2ZOOGZBejRLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
N2YwYzI0LTQ0MGEtNGZmNy1hMGM4LTI1NjMzOTczNmMyYi8xL3k3ZkNDMVdrY05x
NGt2VEpIcUFCQzlIRG56US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZNOhjANBgkqhkiG9w0BAQsFAAOC
AQEAiif2KSohQKsRwkSQhkAR+OXESMzmALa6l8XE2vC8zK5pqd2v2GroMJsYvZe0
eaMwFkihBuQgeuQwoAyeFsx/Xk8KhJxMFtjS7xpGWiKwxsnWd+2qPaJP41GFgD+h
JSZNqW4letnBR9+Fb5AkwFVUbQhr9N5bbgNvDZMzIABUyi/ii2KuGpkCRTp5viLj
lLmx3bhEE6XTjdqhz36edCHqnOq4GoKCxdx8BHMu6BmXzF7cVQCzYghXtj8+ISTd
5AcnR+zpAscaeJbESbwklvx9/ioVX7pRpxD1H9zjjS5d/KLlyN8dTMAB62udcDIU
AhAWRekwYKRufCdq0FGJcLAsyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-ams.rpki-client.org