Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/jK_ZlOJsxffR79rZvspUasSmy2c.roa
File: jK_ZlOJsxffR79rZvspUasSmy2c.roa (raw, json)
Hash identifier: pJR4bIoyx1t+MhkxV/5e5JQ5l8ilgvCovqRTGBRYE0o=
Subject key identifier: 8C:AF:D9:94:E2:6C:C5:F7:D1:EF:DA:D9:BE:CA:54:6A:C4:A6:CB:67
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 98CF5A
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/jK_ZlOJsxffR79rZvspUasSmy2c.roa
Signing time: Sat 01 Jan 2022 01:54:53 +0000
ROA not before: Sat 01 Jan 2022 01:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23764
IP address blocks: 147.78.135.0/24 maxlen: 24
147.78.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10014554 (0x98cf5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 01:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cafd994e26cc5f7d1efdad9beca546ac4a6cb67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:94:e2:94:07:2c:fc:25:8d:a5:53:8c:d0:5e:
7a:08:82:06:b3:69:c9:3b:7d:ca:c7:6c:53:ae:b7:
1d:8e:86:76:2e:5d:cc:9a:59:22:28:9b:5f:ab:e4:
75:af:7a:2d:36:0d:1f:f0:71:63:89:d9:83:a2:c6:
76:a8:3e:0e:60:af:cc:37:6b:8e:f0:ff:1f:80:06:
d8:1f:cd:10:d0:b5:7e:e5:91:6f:ef:93:1c:e2:00:
05:ae:83:8e:f5:2e:2e:35:91:a5:a6:34:41:88:99:
da:c0:76:7b:c8:be:5b:c8:aa:c2:fb:03:58:c7:e8:
bb:b7:f3:bf:95:68:82:16:8a:97:11:37:07:88:d7:
0d:2a:be:2c:82:ff:59:b9:36:52:82:43:68:37:fc:
b3:31:35:f4:2e:fc:c1:e6:37:df:49:05:64:64:c1:
d3:43:76:67:cb:08:4f:53:8d:9a:5a:a0:37:67:42:
55:69:f7:5d:f6:bf:bf:b7:c8:69:9a:4d:98:52:ea:
97:87:10:f8:0f:a4:05:0a:3a:de:14:06:d8:af:20:
0b:1b:8a:75:e4:e4:d3:a5:c7:f1:ae:ed:b1:87:0a:
a8:0b:df:7d:01:0b:49:de:43:c9:e8:b7:bd:59:cb:
7a:b8:29:2a:fd:3b:06:32:7e:81:02:49:55:3e:f1:
29:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AF:D9:94:E2:6C:C5:F7:D1:EF:DA:D9:BE:CA:54:6A:C4:A6:CB:67
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/jK_ZlOJsxffR79rZvspUasSmy2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.133.0/24
147.78.135.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6f:17:4b:13:88:5f:b7:f7:d8:bb:14:64:0d:32:36:15:59:
9e:93:16:fd:3f:6e:4f:6d:71:58:dd:c2:d7:df:a8:17:e2:a0:
77:f2:06:ff:fd:4f:0b:ee:e8:77:34:85:9c:ec:49:2a:8f:cd:
2c:9f:74:01:38:5f:e0:21:5d:7c:d0:e5:22:8f:5f:09:ae:c8:
d2:82:b9:61:b2:9c:3b:8f:30:fc:b6:16:d3:d0:c1:fd:f8:03:
ad:89:62:49:dd:16:14:ad:76:c7:88:52:ec:62:ad:a2:f3:6a:
d3:61:47:86:8e:89:61:08:18:98:da:2e:d2:eb:3f:22:6a:f3:
72:a7:23:4f:2e:fb:02:2d:31:c8:19:f0:ec:2f:d9:ca:66:a9:
71:cd:8e:19:a7:22:a8:ca:7b:e7:74:90:25:fc:a2:44:2f:89:
ce:e5:e8:62:19:e2:eb:79:ba:d5:0f:52:6e:51:e5:3e:9f:46:
f1:f5:0a:f9:22:54:36:ec:79:cf:b3:10:9f:c7:3f:da:30:05:
0c:47:27:ce:6e:cb:31:dd:c8:ee:3b:bf:44:0a:4e:36:02:17:
70:a2:33:fc:6b:e1:c1:96:9e:00:45:16:ff:4d:04:78:e0:e8:
5f:a7:a7:02:51:4e:a0:ad:9c:f1:d7:5d:cf:45:ba:22:43:aa:
d0:62:cc:9f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAJjPWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmI3YzIwYjU1YTQ3MGRhYjg5MmY0YzkxZWEwMDEwYmQxYzM5ZjM0MB4XDTIyMDEw
MTAxNTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhZmQ5OTRlMjZj
YzVmN2QxZWZkYWQ5YmVjYTU0NmFjNGE2Y2I2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiU4pQHLPwljaVTjNBeegiCBrNpyTt9ysdsU663HY6Gdi5d
zJpZIiibX6vkda96LTYNH/BxY4nZg6LGdqg+DmCvzDdrjvD/H4AG2B/NENC1fuWR
b++THOIABa6DjvUuLjWRpaY0QYiZ2sB2e8i+W8iqwvsDWMfou7fzv5VoghaKlxE3
B4jXDSq+LIL/Wbk2UoJDaDf8szE19C78weY330kFZGTB00N2Z8sIT1ONmlqgN2dC
VWn3Xfa/v7fIaZpNmFLql4cQ+A+kBQo63hQG2K8gCxuKdeTk06XH8a7tsYcKqAvf
fQELSd5Dyei3vVnLergpKv07BjJ+gQJJVT7xKQcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSMr9mU4mzF99Hv2tm+ylRqxKbLZzAfBgNVHSMEGDAWgBTLt8ILVaRw2riS
9MkeoAEL0cOfNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k3ZkNDMVdrY05xNGt2VEpIcUFCQzlIRG56US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvN2YwYzI0LTQ0MGEtNGZmNy1hMGM4LTI1NjMzOTczNmMyYi8x
L2pLX1psT0pzeGZmUjc5clp2c3BVYXNTbXkyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
N2YwYzI0LTQ0MGEtNGZmNy1hMGM4LTI1NjMzOTczNmMyYi8xL3k3ZkNDMVdrY05x
NGt2VEpIcUFCQzlIRG56US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJNOhQMEAJNOhzANBgkqhkiG9w0B
AQsFAAOCAQEAKW8XSxOIX7f32LsUZA0yNhVZnpMW/T9uT21xWN3C19+oF+Kgd/IG
//1PC+7odzSFnOxJKo/NLJ90AThf4CFdfNDlIo9fCa7I0oK5YbKcO48w/LYW09DB
/fgDrYliSd0WFK12x4hS7GKtovNq02FHho6JYQgYmNou0us/ImrzcqcjTy77Ai0x
yBnw7C/Zymapcc2OGaciqMp753SQJfyiRC+JzuXoYhni63m61Q9SblHlPp9G8fUK
+SJUNux5z7MQn8c/2jAFDEcnzm7LMd3I7ju/RApONgIXcKIz/GvhwZaeAEUW/00E
eODoX6enAlFOoK2c8dddz0W6IkOq0GLMnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org