Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/538Q2fGGriOGBMUfJXUDzAOkzLA.roa
File: 538Q2fGGriOGBMUfJXUDzAOkzLA.roa (raw, json)
Hash identifier: 4ucEN6MbiVn+aIJfJFwcvQ74bIalGg5gijiTE3qfPaI=
Subject key identifier: E7:7F:10:D9:F1:86:AE:23:86:04:C5:1F:25:75:03:CC:03:A4:CC:B0
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 225B0DE4
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/538Q2fGGriOGBMUfJXUDzAOkzLA.roa
Signing time: Tue 10 May 2022 09:20:02 +0000
ROA not before: Tue 10 May 2022 09:20:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.98.0/24 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
147.181.40.0/22 maxlen: 22
2a04:9a03:1010::/44 maxlen: 44
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:1124::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 576392676 (0x225b0de4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 10 09:20:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e77f10d9f186ae238604c51f257503cc03a4ccb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:3e:35:26:22:8c:e5:17:8a:49:e3:60:ab:
03:8d:3a:79:24:f9:ce:b0:9c:68:94:4c:8d:df:36:
a7:b1:d0:d6:b9:f4:da:81:dd:20:2a:42:84:e6:06:
10:7d:82:10:c2:d8:53:04:87:8c:48:48:b8:f9:18:
91:f3:56:57:c3:06:5b:84:cf:93:4f:92:52:b7:6d:
1d:b8:ce:21:8f:99:c2:1c:0f:6c:df:8a:8e:60:ad:
7b:04:c0:84:96:e8:ba:6d:fd:e2:14:44:8a:3f:d6:
4f:2a:6d:0b:c5:cc:3f:86:4b:c3:95:8c:49:d5:98:
a8:12:4d:fa:97:6b:5a:2a:c6:46:3a:d3:4e:98:d0:
cd:be:81:fc:ef:e7:28:35:69:13:71:17:90:c8:30:
b1:f2:5c:8a:ad:12:15:f1:87:e5:3e:37:f8:b8:ee:
4a:f1:b3:e7:ae:17:86:ad:bc:e7:ce:e3:fb:6e:e1:
ce:af:7e:9e:17:b0:9b:f8:cd:60:48:ce:5b:ae:c0:
a5:f9:de:63:f4:b0:42:ac:ed:e7:f4:4f:df:fc:39:
45:22:c8:dc:fd:84:c7:fd:10:90:24:ca:4e:0d:34:
73:84:ea:14:12:21:1e:f3:21:e5:d7:57:72:9f:01:
a2:52:54:6c:f1:c6:4b:80:c0:fe:0d:10:ba:a4:de:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7F:10:D9:F1:86:AE:23:86:04:C5:1F:25:75:03:CC:03:A4:CC:B0
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/538Q2fGGriOGBMUfJXUDzAOkzLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.96.0/22
147.181.103.0/24
147.181.108.0/23
147.181.112.0-147.181.114.255
147.181.117.0/24
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::/44
Signature Algorithm: sha256WithRSAEncryption
30:00:a6:54:d4:01:a7:e8:82:94:4a:09:22:be:0c:64:6c:9c:
0c:83:8f:17:f4:bb:f0:45:83:6f:01:c9:41:87:16:56:57:ab:
30:42:e0:26:b9:0f:cd:77:ee:8b:38:71:1d:d8:79:f6:7a:02:
b8:1b:c1:ed:b1:63:61:cc:12:03:67:1e:53:86:39:b3:87:63:
c0:1a:5f:58:82:8f:89:a5:8a:ad:30:6d:90:d9:46:26:d0:d7:
4e:00:ab:d8:f3:4d:9e:08:8a:58:d7:95:50:79:99:36:18:7e:
e0:cb:33:1c:e5:93:fc:1b:7c:85:35:4d:e5:02:6e:28:30:d7:
80:12:e7:d4:5e:47:f1:1b:f3:20:af:4d:21:04:9e:03:1e:28:
69:81:98:a5:83:f9:e7:34:60:e7:f9:22:3b:a4:7e:f1:b8:05:
03:7f:d5:3c:a7:32:b8:e6:91:e7:e4:69:65:76:fc:80:73:4c:
49:e6:89:46:d0:13:d4:f8:95:4c:53:6b:20:76:c1:13:33:38:
fe:58:1c:c0:83:13:23:be:8c:ca:43:71:bc:ef:fc:03:0f:41:
87:79:bb:e3:72:38:27:64:68:f7:c1:70:d5:88:ae:c0:07:b6:
82:e4:d3:60:20:e8:1f:6d:2f:63:dc:f0:b4:92:a8:12:d2:1b:
ac:a2:c9:ef
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIEIlsN5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDUx
MDA5MjAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3ZjEwZDlmMTg2
YWUyMzg2MDRjNTFmMjU3NTAzY2MwM2E0Y2NiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhZPjUmIozlF4pJ42CrA406eST5zrCcaJRMjd82p7HQ1rn0
2oHdICpChOYGEH2CEMLYUwSHjEhIuPkYkfNWV8MGW4TPk0+SUrdtHbjOIY+ZwhwP
bN+KjmCtewTAhJboum394hREij/WTyptC8XMP4ZLw5WMSdWYqBJN+pdrWirGRjrT
TpjQzb6B/O/nKDVpE3EXkMgwsfJciq0SFfGH5T43+LjuSvGz564Xhq28587j+27h
zq9+nhewm/jNYEjOW67ApfneY/SwQqzt5/RP3/w5RSLI3P2Ex/0QkCTKTg00c4Tq
FBIhHvMh5ddXcp8BolJUbPHGS4DA/g0QuqTeLV0CAwEAAaOCAmQwggJgMB0GA1Ud
DgQWBBTnfxDZ8YauI4YExR8ldQPMA6TMsDAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
LzUzOFEyZkdHcmlPR0JNVWZKWFVEekFPa3pMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6
BggrBgEFBQcBBwEB/wRrMGkwMgQCAAEwLAMEApO1KAMEApO1YAMEAJO1ZwMEAZO1
bDAMAwQEk7VwAwQAk7VyAwQAk7V1MDMEAgACMC0DBwAqBJoAEAQDBwAqBJoAERwD
BwAqBJoAESEDBwAqBJoAESQDBwQqBJoDEBAwDQYJKoZIhvcNAQELBQADggEBADAA
plTUAafogpRKCSK+DGRsnAyDjxf0u/BFg28ByUGHFlZXqzBC4Ca5D8137os4cR3Y
efZ6Argbwe2xY2HMEgNnHlOGObOHY8AaX1iCj4mliq0wbZDZRibQ104Aq9jzTZ4I
iljXlVB5mTYYfuDLMxzlk/wbfIU1TeUCbigw14AS59ReR/Eb8yCvTSEEngMeKGmB
mKWD+ec0YOf5IjukfvG4BQN/1TynMrjmkefkaWV2/IBzTEnmiUbQE9T4lUxTayB2
wRMzOP5YHMCDEyO+jMpDcbzv/AMPQYd5u+NyOCdkaPfBcNWIrsAHtoLk02Ag6B9t
L2Pc8LSSqBLSG6yiye8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:23 2023 by rpki-client on console-ams.rpki-client.org