Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/0AaA7Bzfp593GD0gCBNKgu1e-Rs.roa
File: 0AaA7Bzfp593GD0gCBNKgu1e-Rs.roa (raw, json)
Hash identifier: gPwF5gFe4iY/y+xfJaoZ1/amQoik9XLWk0eOsHB2kOk=
Subject key identifier: D0:06:80:EC:1C:DF:A7:9F:77:18:3D:20:08:13:4A:82:ED:5E:F9:1B
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 21856B32
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/0AaA7Bzfp593GD0gCBNKgu1e-Rs.roa
Signing time: Tue 08 Feb 2022 12:19:01 +0000
ROA not before: Tue 08 Feb 2022 12:19:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202553
IP address blocks: 147.181.4.0/22 maxlen: 24
147.181.8.0/22 maxlen: 24
147.181.16.0/23 maxlen: 24
147.181.12.0/22 maxlen: 24
147.181.32.0/22 maxlen: 24
147.181.36.0/22 maxlen: 24
147.181.44.0/22 maxlen: 24
2a04:9a00:1001::/48 maxlen: 48
2a04:9a00:1002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 562391858 (0x21856b32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 8 12:19:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d00680ec1cdfa79f77183d2008134a82ed5ef91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8f:df:b0:c4:65:c9:b2:02:07:de:fd:b3:63:
6c:ef:03:19:ab:7e:02:0f:7d:63:0e:92:0c:a5:60:
4d:a8:f6:42:d5:a7:c1:b2:c4:3d:dc:fe:ae:c1:eb:
1a:de:1f:04:7c:91:96:40:a5:34:0a:8b:e8:18:50:
a5:ab:e6:10:41:23:9e:82:ca:3f:35:67:9c:2e:80:
19:15:18:7b:f8:de:37:3a:67:f6:0f:ed:69:d3:b0:
dc:43:ee:c5:88:42:a3:35:de:4a:c9:a9:55:50:b1:
12:d4:da:6b:be:51:78:4f:5b:3c:fb:ba:62:6b:4f:
0c:23:e1:5c:05:35:d8:b9:d2:57:7c:6c:67:dd:7d:
d4:c0:ed:e8:f2:4e:97:70:46:ab:0a:a7:7f:59:14:
b4:1a:4e:38:8f:d8:0e:80:f2:1b:74:8f:84:5c:58:
6b:38:6c:b5:58:1a:9c:f7:9f:69:d3:e3:28:9c:ad:
79:c4:6c:cc:8e:2c:de:62:a1:60:ee:5d:0c:62:32:
c9:22:3f:c5:28:03:cb:e5:a4:03:a4:e4:9f:cf:0e:
8b:60:42:15:bd:4a:34:4e:04:29:d8:73:02:b0:a5:
79:cc:33:50:b6:aa:9f:ba:78:ae:98:7a:28:ca:99:
d2:e9:45:d2:a0:67:fa:7d:f8:2c:c3:3b:d3:a5:3f:
cb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:06:80:EC:1C:DF:A7:9F:77:18:3D:20:08:13:4A:82:ED:5E:F9:1B
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/0AaA7Bzfp593GD0gCBNKgu1e-Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.4.0-147.181.17.255
147.181.32.0/21
147.181.44.0/22
IPv6:
2a04:9a00:1001::-2a04:9a00:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:45:54:17:37:36:09:38:01:0b:82:f7:2e:a1:b3:e6:b5:7c:
2a:ee:0c:51:b6:80:40:32:17:3d:c9:73:27:6f:b7:6e:62:f4:
cc:4a:5a:a4:e8:3b:f7:99:74:3a:81:04:fe:60:12:37:a7:0b:
89:03:3c:c6:69:2e:fe:87:2a:6c:5f:3f:f7:c4:35:01:ae:02:
b8:83:f3:86:b0:d0:97:af:0b:8f:25:78:2f:64:5c:ee:70:ec:
bd:94:2d:60:f2:aa:f5:e2:f5:3c:9b:f5:34:35:ad:35:ed:45:
79:3b:76:09:5b:5b:f8:0c:d1:af:cb:f5:a6:05:27:8e:d6:31:
f2:07:39:ed:a3:f5:ff:4b:d8:bc:f9:32:2c:cb:d3:60:7c:c9:
0c:da:f7:b6:9c:ab:c1:25:58:75:66:63:45:f1:0f:85:47:17:
18:15:18:ca:df:d0:a4:c1:1c:eb:18:4e:e7:ce:e9:d4:a4:47:
7e:80:13:11:9b:df:ca:ac:7c:d4:cd:45:bf:35:3b:09:ca:2b:
a0:77:2a:93:59:14:46:4e:46:db:0f:1c:1d:09:8b:b8:1b:69:
45:65:5a:32:70:d2:cd:33:11:56:ab:fa:a3:f6:5d:fb:fc:0a:
0d:f2:6c:49:7f:9f:97:76:a6:7f:bc:1b:d4:cf:6e:67:9e:82:
00:c1:c0:a7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEIYVrMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDIw
ODEyMTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAwNjgwZWMxY2Rm
YTc5Zjc3MTgzZDIwMDgxMzRhODJlZDVlZjkxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2P37DEZcmyAgfe/bNjbO8DGat+Ag99Yw6SDKVgTaj2QtWn
wbLEPdz+rsHrGt4fBHyRlkClNAqL6BhQpavmEEEjnoLKPzVnnC6AGRUYe/jeNzpn
9g/tadOw3EPuxYhCozXeSsmpVVCxEtTaa75ReE9bPPu6YmtPDCPhXAU12LnSV3xs
Z9191MDt6PJOl3BGqwqnf1kUtBpOOI/YDoDyG3SPhFxYazhstVganPefadPjKJyt
ecRszI4s3mKhYO5dDGIyySI/xSgDy+WkA6Tkn88Oi2BCFb1KNE4EKdhzArClecwz
ULaqn7p4rph6KMqZ0ulF0qBn+n34LMM706U/y+8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTQBoDsHN+nn3cYPSAIE0qC7V75GzAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
LzBBYUE3QnpmcDU5M0dEMGdDQk5LZ3UxZS1Scy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wIAQCAAEwGjAMAwQCk7UEAwQBk7UQAwQDk7UgAwQC
k7UsMBoEAgACMBQwEgMHACoEmgAQAQMHACoEmgAQAjANBgkqhkiG9w0BAQsFAAOC
AQEAmUVUFzc2CTgBC4L3LqGz5rV8Ku4MUbaAQDIXPclzJ2+3bmL0zEpapOg795l0
OoEE/mASN6cLiQM8xmku/ocqbF8/98Q1Aa4CuIPzhrDQl68LjyV4L2Rc7nDsvZQt
YPKq9eL1PJv1NDWtNe1FeTt2CVtb+AzRr8v1pgUnjtYx8gc57aP1/0vYvPkyLMvT
YHzJDNr3tpyrwSVYdWZjRfEPhUcXGBUYyt/QpMEc6xhO587p1KRHfoATEZvfyqx8
1M1FvzU7CcoroHcqk1kURk5G2w8cHQmLuBtpRWVaMnDSzTMRVqv6o/Zd+/wKDfJs
SX+fl3amf7wb1M9uZ56CAMHApw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:16 2025 by rpki-client