Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KBJarYkPYU4Q0obRHTKePV3XwDo.roa
File: KBJarYkPYU4Q0obRHTKePV3XwDo.roa (raw, json)
Hash identifier: YCBgs2kiDC7h+u+ESeDTY/rsuP2gq1D5w8LDzxr8TvM=
Subject key identifier: 28:12:5A:AD:89:0F:61:4E:10:D2:86:D1:1D:32:9E:3D:5D:D7:C0:3A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 21297D7B
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KBJarYkPYU4Q0obRHTKePV3XwDo.roa
Signing time: Sat 01 Jan 2022 13:00:36 +0000
ROA not before: Sat 01 Jan 2022 13:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202553
IP address blocks: 147.181.4.0/22 maxlen: 24
147.181.8.0/22 maxlen: 24
147.181.16.0/23 maxlen: 24
147.181.12.0/22 maxlen: 24
147.181.32.0/22 maxlen: 24
147.181.36.0/22 maxlen: 24
147.181.44.0/22 maxlen: 24
2a04:9a00:1000::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556367227 (0x21297d7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 13:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28125aad890f614e10d286d11d329e3d5dd7c03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e6:69:c3:7d:9b:7d:5a:17:02:d1:98:05:c4:
db:fb:ca:f5:7e:02:18:f9:a5:9a:52:05:07:f8:4e:
ed:24:2d:db:47:3a:53:cd:a3:f8:4c:b7:9a:c4:5b:
38:4e:1f:c2:bd:ff:4e:99:9a:79:b4:c3:5b:03:74:
99:9b:ed:e8:85:ab:9e:eb:d0:c4:30:42:68:26:a4:
e0:30:16:ff:3b:78:a3:c1:fa:ce:31:6c:40:d9:54:
7b:b7:33:2f:bf:af:6c:f5:8c:c6:66:ac:18:2f:14:
ba:7c:a2:81:65:75:5d:3f:b7:38:4e:79:bd:4d:a8:
91:fa:43:05:96:c5:74:aa:d4:5a:ad:7b:fb:1c:7d:
6d:31:34:5c:c8:7b:fb:c3:d4:bf:4b:98:41:60:e1:
11:d7:95:73:a7:d0:c8:59:31:2e:c8:dc:1a:60:20:
aa:21:e2:4a:de:b0:b6:f2:60:36:14:d6:ed:6a:81:
de:e2:6a:79:b3:44:0e:64:ff:68:b0:20:d9:c8:cc:
5a:be:99:de:ad:97:54:6f:c0:96:e9:c2:90:cf:d5:
a2:d8:d6:e7:64:8c:6e:1c:5d:bc:bd:a0:3a:ab:bf:
24:47:5c:e2:d8:5d:d5:30:bc:80:4d:ee:99:da:08:
b5:d4:7b:bd:4f:88:44:80:97:35:a0:16:30:72:3d:
ad:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:5A:AD:89:0F:61:4E:10:D2:86:D1:1D:32:9E:3D:5D:D7:C0:3A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/KBJarYkPYU4Q0obRHTKePV3XwDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.4.0-147.181.17.255
147.181.32.0/21
147.181.44.0/22
IPv6:
2a04:9a00:1000::/44
Signature Algorithm: sha256WithRSAEncryption
ad:3e:ab:0d:b3:5f:81:c4:83:b7:ba:1b:ee:ab:56:d5:78:3a:
f3:85:63:6a:6c:69:35:f2:32:77:c8:68:b6:a5:79:55:f4:d0:
96:84:8f:e9:8c:36:47:fc:ff:d7:17:24:80:e9:97:d2:36:dc:
ae:ce:51:21:8d:e1:52:9c:28:93:c4:71:54:14:b7:46:6c:dc:
8d:9f:2b:89:fd:a6:c6:8b:dc:84:ae:00:b7:81:e8:9a:22:26:
a2:03:e6:ef:eb:8b:a8:ed:25:42:c0:6a:54:d6:54:d2:be:e5:
fb:fd:2a:29:9d:fa:78:85:f3:39:ed:c6:7b:3b:d5:c9:aa:48:
2a:c2:73:c0:aa:3c:9c:82:e6:c3:6e:0e:70:dc:bb:ea:e7:df:
e5:5c:7c:97:99:e3:ad:a9:4c:e5:55:3c:a5:08:65:b9:49:8f:
03:9a:1e:2f:ac:00:e8:a0:02:1c:4f:1f:fd:9a:fa:d8:f8:d5:
6a:73:19:c2:31:88:86:d7:3c:5a:65:9e:1c:7e:dd:c3:fd:bd:
8e:3e:f8:24:de:81:8b:c3:fc:7b:78:63:8d:be:3b:a6:ce:6c:
a2:ee:6e:98:42:a6:2b:84:1c:65:16:fe:f5:eb:1d:58:fc:b9:
c9:46:72:4c:1e:e4:8b:96:e4:25:4a:b6:d8:c2:c5:b4:7c:b7:
0b:df:b3:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEISl9ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDEw
MTEzMDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgxMjVhYWQ4OTBm
NjE0ZTEwZDI4NmQxMWQzMjllM2Q1ZGQ3YzAzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvmacN9m31aFwLRmAXE2/vK9X4CGPmlmlIFB/hO7SQt20c6
U82j+Ey3msRbOE4fwr3/TpmaebTDWwN0mZvt6IWrnuvQxDBCaCak4DAW/zt4o8H6
zjFsQNlUe7czL7+vbPWMxmasGC8UunyigWV1XT+3OE55vU2okfpDBZbFdKrUWq17
+xx9bTE0XMh7+8PUv0uYQWDhEdeVc6fQyFkxLsjcGmAgqiHiSt6wtvJgNhTW7WqB
3uJqebNEDmT/aLAg2cjMWr6Z3q2XVG/AlunCkM/VotjW52SMbhxdvL2gOqu/JEdc
4thd1TC8gE3umdoItdR7vU+IRICXNaAWMHI9rYkCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBQoElqtiQ9hThDShtEdMp49XdfAOjAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
L0tCSmFyWWtQWVU0UTBvYlJIVEtlUFYzWHdEby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGjAMAwQCk7UEAwQBk7UQAwQDk7UgAwQC
k7UsMA8EAgACMAkDBwQqBJoAEAAwDQYJKoZIhvcNAQELBQADggEBAK0+qw2zX4HE
g7e6G+6rVtV4OvOFY2psaTXyMnfIaLaleVX00JaEj+mMNkf8/9cXJIDpl9I23K7O
USGN4VKcKJPEcVQUt0Zs3I2fK4n9psaL3ISuALeB6JoiJqID5u/ri6jtJULAalTW
VNK+5fv9Kimd+niF8zntxns71cmqSCrCc8CqPJyC5sNuDnDcu+rn3+VcfJeZ462p
TOVVPKUIZblJjwOaHi+sAOigAhxPH/2a+tj41WpzGcIxiIbXPFplnhx+3cP9vY4+
+CTegYvD/Ht4Y42+O6bObKLubphCpiuEHGUW/vXrHVj8uclGckwe5IuW5CVKttjC
xbR8twvfs/Q=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:31 2023 by rpki-client on console-fra.rpki-client.org