Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kAk9NwMUls4mV_zTUg1du_u1n2U.roa
File: kAk9NwMUls4mV_zTUg1du_u1n2U.roa (raw, json)
Hash identifier: sq8e6u99BzuMufRHb7EbeiI8i4XLeXwolbP4tuE1uqw=
Subject key identifier: 90:09:3D:37:03:14:96:CE:26:57:FC:D3:52:0D:5D:BB:FB:B5:9F:65
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 01834042D843D6665AAF287C117B3DE31567
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kAk9NwMUls4mV_zTUg1du_u1n2U.roa
Signing time: Thu 15 Sep 2022 08:27:45 +0000
ROA not before: Thu 15 Sep 2022 08:27:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.98.0/24 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.40.0/22 maxlen: 24
2a04:9a03:1010::/44 maxlen: 44
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:1124::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:42:d8:43:d6:66:5a:af:28:7c:11:7b:3d:e3:15:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Sep 15 08:27:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90093d37031496ce2657fcd3520d5dbbfbb59f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:51:ce:62:85:05:c1:f2:d6:22:e6:6f:60:8b:
6d:ae:b7:69:aa:f5:3e:5f:6d:b3:88:25:b9:75:96:
ee:ae:4b:17:76:eb:5b:51:65:ba:56:da:94:e4:47:
eb:8e:ac:bf:17:df:11:39:47:c5:5b:d0:c7:bb:32:
62:01:18:bc:01:37:b6:60:da:e2:38:61:8e:dd:7c:
eb:bc:31:82:76:06:dd:10:fb:2c:d9:65:f8:b1:4e:
57:15:73:92:9f:26:2a:c3:cd:3b:70:a0:b5:59:ab:
76:2d:ff:4e:11:11:80:89:23:5d:46:f9:62:5c:a7:
a4:a0:1c:69:26:35:bc:ff:62:3b:75:28:ed:b0:c8:
13:7c:81:80:08:4e:1c:74:58:c7:d6:7c:c6:85:34:
b2:05:c2:04:f2:ca:f7:83:7e:a3:96:77:b2:f0:ad:
88:aa:dc:dc:0f:ea:ce:b7:ba:48:ff:26:17:9b:5c:
02:f4:75:b8:59:b6:31:79:13:90:3c:53:be:28:53:
c3:a3:88:97:6e:d0:f3:fd:7d:ff:55:b2:9c:d4:89:
df:31:c6:64:e0:4a:a5:85:f7:63:d3:ff:8b:68:65:
7a:08:29:57:eb:71:18:1a:b3:95:38:b8:6f:d3:b3:
2a:31:5d:37:33:68:89:de:0c:84:98:16:d9:11:11:
aa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:09:3D:37:03:14:96:CE:26:57:FC:D3:52:0D:5D:BB:FB:B5:9F:65
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kAk9NwMUls4mV_zTUg1du_u1n2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.96.0/22
147.181.103.0/24
147.181.108.0/23
147.181.112.0-147.181.114.255
147.181.117.0/24
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::/44
Signature Algorithm: sha256WithRSAEncryption
2b:de:f8:ba:56:0d:7d:75:a5:01:30:4c:90:18:9f:00:ef:63:
67:52:93:a6:4f:60:38:dd:1a:94:52:b8:de:d4:1a:18:67:d1:
9d:c8:a1:91:58:88:7c:96:2a:05:9e:43:47:f2:db:85:6e:e4:
c6:4e:64:d2:c7:0f:78:dc:1a:4e:ae:40:38:4f:4c:30:38:36:
61:bf:f7:b8:6f:f4:28:25:fa:57:08:b2:74:82:f3:46:4d:f5:
1e:4e:49:51:ce:f8:75:42:ec:37:07:91:09:4f:46:41:62:8a:
21:dc:ba:d2:f5:67:bb:af:25:41:a9:9a:18:a2:f7:e3:a4:d9:
a4:bd:cb:d1:d6:af:f3:4e:b9:d6:66:3e:aa:a1:fa:83:18:6b:
f5:36:65:01:98:56:c3:99:82:93:c9:94:19:97:df:f9:73:f6:
eb:da:96:19:43:27:78:17:88:3b:30:a4:31:1e:c0:14:16:a8:
cc:ff:8b:41:b5:4c:f1:8c:be:06:0f:44:20:a0:ce:82:d4:4b:
35:c1:da:2c:6a:f9:c4:8a:b1:69:e8:df:5c:34:05:04:ee:d4:
d5:9c:f5:e2:3f:38:89:7c:21:29:b8:4d:6b:b5:33:43:1f:7a:
53:bf:82:1f:83:18:9b:e2:48:09:f9:6f:cf:58:d8:6d:bb:0c:
2e:35:2d:a0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYNAQthD1mZaryh8EXs94xVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjIwOTE1MDgyNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDA5M2QzNzAzMTQ5NmNlMjY1N2ZjZDM1MjBkNWRiYmZiYjU5ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1HOYoUFwfLWIuZvYIttrrdpqvU+
X22ziCW5dZburksXdutbUWW6VtqU5Efrjqy/F98ROUfFW9DHuzJiARi8ATe2YNri
OGGO3XzrvDGCdgbdEPss2WX4sU5XFXOSnyYqw807cKC1Wat2Lf9OERGAiSNdRvli
XKekoBxpJjW8/2I7dSjtsMgTfIGACE4cdFjH1nzGhTSyBcIE8sr3g36jlney8K2I
qtzcD+rOt7pI/yYXm1wC9HW4WbYxeROQPFO+KFPDo4iXbtDz/X3/VbKc1InfMcZk
4Eqlhfdj0/+LaGV6CClX63EYGrOVOLhv07MqMV03M2iJ3gyEmBbZERGqwQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFJAJPTcDFJbOJlf801INXbv7tZ9lMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEva0FrOU53TVVsczRtVl96VFVnMWR1X3UxbjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTAyBAIAATAsAwQCk7UoAwQC
k7VgAwQAk7VnAwQBk7VsMAwDBASTtXADBACTtXIDBACTtXUwMwQCAAIwLQMHACoE
mgAQBAMHACoEmgARHAMHACoEmgARIQMHACoEmgARJAMHBCoEmgMQEDANBgkqhkiG
9w0BAQsFAAOCAQEAK974ulYNfXWlATBMkBifAO9jZ1KTpk9gON0alFK43tQaGGfR
ncihkViIfJYqBZ5DR/LbhW7kxk5k0scPeNwaTq5AOE9MMDg2Yb/3uG/0KCX6Vwiy
dILzRk31Hk5JUc74dULsNweRCU9GQWKKIdy60vVnu68lQamaGKL346TZpL3L0dav
80651mY+qqH6gxhr9TZlAZhWw5mCk8mUGZff+XP269qWGUMneBeIOzCkMR7AFBao
zP+LQbVM8Yy+Bg9EIKDOgtRLNcHaLGr5xIqxaejfXDQFBO7U1Zz14j84iXwhKbhN
a7UzQx96U7+CH4MYm+JICflvz1jYbbsMLjUtoA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:31 2023 by rpki-client on console-fra.rpki-client.org