Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/1-mdTgnvddQqQiw-nKi45Y1tgjYo.roa
File: 1-mdTgnvddQqQiw-nKi45Y1tgjYo.roa (raw, json)
Hash identifier: 2ngDc7GDs+c5p+pj+AtEJ74LRsOhRVknKezSPEOYueE=
Subject key identifier: FA:67:53:82:7B:DD:75:0A:90:8B:0F:A7:2A:2E:39:63:5B:60:8D:8A
Certificate issuer: /CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Certificate serial: 02444880
Authority key identifier: E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/1-mdTgnvddQqQiw-nKi45Y1tgjYo.roa
Signing time: Sat 01 Jan 2022 07:04:13 +0000
ROA not before: Sat 01 Jan 2022 07:04:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 786
IP address blocks: 147.252.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38029440 (0x2444880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Validity
Not Before: Jan 1 07:04:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa6753827bdd750a908b0fa72a2e39635b608d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:64:9e:8c:d0:47:f8:95:38:1b:23:3d:bb:
18:83:ab:95:39:77:80:06:24:dc:8f:33:45:5b:7e:
55:55:cd:a1:8b:42:d3:73:32:30:f4:b8:8d:05:23:
3d:18:c2:68:99:f6:fd:69:d1:21:f0:6f:ff:ab:d7:
34:72:12:02:09:c5:b3:80:1a:9d:63:34:7c:9a:25:
83:34:a5:88:b8:87:fb:ab:10:d6:3b:ca:73:97:61:
14:d3:36:5d:15:2e:b9:b7:52:39:4c:fd:10:84:1c:
dc:9c:34:e8:0d:29:d3:e3:72:14:78:87:b2:96:54:
f1:c5:95:37:38:67:af:bb:15:ff:1d:3a:65:af:56:
7c:86:42:e4:f9:e1:22:d5:54:86:f2:2b:c6:02:a9:
c1:59:a4:3b:3c:e5:71:89:88:ef:65:ca:19:1d:a8:
9f:7b:17:06:64:1c:15:40:d8:ba:eb:af:a3:b0:a7:
59:53:af:7a:b2:f3:3e:b3:2f:71:b0:a8:02:7f:85:
c3:d9:39:f3:7c:d3:8e:aa:5a:0f:c6:61:fe:6f:31:
77:7d:ff:ad:bc:af:97:81:ee:82:cc:53:56:bd:0c:
63:c9:4c:5d:8c:4c:3a:61:37:23:2a:1f:c7:58:6d:
2e:3c:0b:6f:d1:3d:98:20:cc:6c:25:1a:90:d1:33:
6a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:67:53:82:7B:DD:75:0A:90:8B:0F:A7:2A:2E:39:63:5B:60:8D:8A
X509v3 Authority Key Identifier:
keyid:E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/1-mdTgnvddQqQiw-nKi45Y1tgjYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/4Vanhb9_5NfEpca3ISFPDpbzrsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.252.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:1a:08:84:ee:27:7e:e2:0e:16:a4:4c:7e:aa:a2:0e:47:c4:
a8:72:dd:9e:f5:da:87:f3:de:f9:42:89:2c:45:8f:6e:68:89:
44:27:ec:c7:56:2d:92:11:66:ec:93:4e:f5:b4:c2:86:4f:f6:
5b:c8:05:c6:cf:4b:fa:da:27:36:70:5a:90:7e:e0:1f:4f:c1:
da:a8:09:52:d6:50:79:59:69:03:81:73:5d:50:18:62:48:a0:
54:2d:1b:0a:9e:f9:39:1e:4a:30:40:d0:3c:98:0f:a5:22:07:
f5:ca:84:7a:eb:15:48:da:1f:1c:59:ab:50:7c:74:b3:57:52:
af:b3:27:12:3f:ab:07:ab:86:9f:f2:1f:61:2d:f7:74:19:64:
27:d2:fb:c6:46:ca:67:2c:4d:b0:20:96:12:eb:e6:43:20:4c:
5d:e8:d4:8f:05:ab:c1:5d:3e:63:26:08:f6:4f:5e:3d:86:a3:
e9:23:3d:67:e5:2a:81:2e:ae:a5:60:b6:44:be:4f:69:71:99:
40:d1:70:6f:1d:27:ac:d4:a6:27:3d:5e:24:23:12:21:51:d4:
fe:5e:c0:fb:31:d4:c7:5e:99:09:12:ac:42:8c:1c:54:f7:36:
6b:39:d5:e7:b0:20:81:d9:15:82:55:c8:e1:1b:2e:90:b7:f4:
eb:e0:70:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkRIgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTU2YTc4NWJmN2ZlNGQ3YzRhNWM2YjcyMTIxNGYwZTk2ZjNhZWM5MB4XDTIyMDEw
MTA3MDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE2NzUzODI3YmRk
NzUwYTkwOGIwZmE3MmEyZTM5NjM1YjYwOGQ4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8nZJ6M0Ef4lTgbIz27GIOrlTl3gAYk3I8zRVt+VVXNoYtC
03MyMPS4jQUjPRjCaJn2/WnRIfBv/6vXNHISAgnFs4AanWM0fJolgzSliLiH+6sQ
1jvKc5dhFNM2XRUuubdSOUz9EIQc3Jw06A0p0+NyFHiHspZU8cWVNzhnr7sV/x06
Za9WfIZC5PnhItVUhvIrxgKpwVmkOzzlcYmI72XKGR2on3sXBmQcFUDYuuuvo7Cn
WVOverLzPrMvcbCoAn+Fw9k583zTjqpaD8Zh/m8xd33/rbyvl4HugsxTVr0MY8lM
XYxMOmE3Iyofx1htLjwLb9E9mCDMbCUakNEzaocCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT6Z1OCe911CpCLD6cqLjljW2CNijAfBgNVHSMEGDAWgBThVqeFv3/k18Sl
xrchIU8OlvOuyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRWYW5oYjlfNU5mRXBjYTNJU0ZQRHBienJzay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYjE4ZjMyLTQ3M2MtNGQ5ZS1hYjg1LTdiZDBjZmEyMzlmNi8x
LzEtbWRUZ252ZGRRcVFpdy1uS2k0NVkxdGdqWW8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vl
L2IxOGYzMi00NzNjLTRkOWUtYWI4NS03YmQwY2ZhMjM5ZjYvMS80VmFuaGI5XzVO
ZkVwY2EzSVNGUERwYnpyc2suY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCT/DANBgkqhkiG9w0BAQsFAAOC
AQEAJBoIhO4nfuIOFqRMfqqiDkfEqHLdnvXah/Pe+UKJLEWPbmiJRCfsx1YtkhFm
7JNO9bTChk/2W8gFxs9L+tonNnBakH7gH0/B2qgJUtZQeVlpA4FzXVAYYkigVC0b
Cp75OR5KMEDQPJgPpSIH9cqEeusVSNofHFmrUHx0s1dSr7MnEj+rB6uGn/IfYS33
dBlkJ9L7xkbKZyxNsCCWEuvmQyBMXejUjwWrwV0+YyYI9k9ePYaj6SM9Z+UqgS6u
pWC2RL5PaXGZQNFwbx0nrNSmJz1eJCMSIVHU/l7A+zHUx16ZCRKsQowcVPc2aznV
57AggdkVglXI4RsukLf06+BwcA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:54:30 2025 by rpki-client