Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/sKOauMLo--dlp6VgahqNRwpr1M4.roa
File: sKOauMLo--dlp6VgahqNRwpr1M4.roa (raw, json)
Hash identifier: LWUpANdSQsDE3dqFgqJNeWRXYoCgZTiUYPTkFApF4ew=
Subject key identifier: B0:A3:9A:B8:C2:E8:FB:E7:65:A7:A5:60:6A:1A:8D:47:0A:6B:D4:CE
Certificate issuer: /CN=0a1fdb80eff5bce1654ac8c6b922e781fd2d36a5
Certificate serial: 04D87E56
Authority key identifier: 0A:1F:DB:80:EF:F5:BC:E1:65:4A:C8:C6:B9:22:E7:81:FD:2D:36:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch_bgO_1vOFlSsjGuSLngf0tNqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/sKOauMLo--dlp6VgahqNRwpr1M4.roa
Signing time: Sat 01 Jan 2022 11:55:11 +0000
ROA not before: Sat 01 Jan 2022 11:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36492
IP address blocks: 185.150.148.0/22 maxlen: 22
185.150.149.0/24 maxlen: 24
185.150.150.0/24 maxlen: 24
185.150.150.0/23 maxlen: 23
185.150.148.0/24 maxlen: 24
185.150.148.0/23 maxlen: 23
185.150.151.0/24 maxlen: 24
2a03:ace0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81296982 (0x4d87e56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1fdb80eff5bce1654ac8c6b922e781fd2d36a5
Validity
Not Before: Jan 1 11:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a39ab8c2e8fbe765a7a5606a1a8d470a6bd4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dd:a2:1d:1a:e8:2d:ed:30:5a:3d:cc:ef:27:
0d:86:ac:5f:44:06:6e:69:1c:f0:22:2a:0d:49:5d:
08:0e:22:a0:7d:82:ab:b2:61:f5:44:ee:8c:09:66:
0c:40:57:1b:34:33:ea:ae:ce:47:63:c2:b3:71:46:
ff:84:06:c5:d8:3d:91:70:31:ee:e6:30:ca:0b:5f:
6e:b8:01:69:42:c1:4c:1d:75:07:67:58:1a:73:57:
cc:12:2a:03:ed:26:c2:9d:d8:ef:88:33:7f:30:2c:
3a:53:43:dc:51:f2:18:27:37:84:88:25:4e:bd:ea:
12:41:e8:5d:a0:29:bb:fa:94:d6:c1:48:44:1e:1c:
3f:5d:8f:8f:5e:3e:bb:cc:6d:4f:eb:06:79:51:64:
c2:89:a8:f8:f0:07:d2:5b:a6:fd:0c:c9:c0:ba:e7:
7c:7c:8f:07:71:4d:e4:b8:4a:3d:cc:f8:9d:f5:06:
ee:ca:4a:bc:9d:15:d2:65:f9:e4:78:b1:b2:7c:eb:
17:93:42:95:c1:d2:37:e0:ac:ef:b8:b0:57:cb:52:
36:56:9b:96:b5:41:e2:cc:e5:93:d0:d2:f0:b0:3b:
c0:a5:15:ec:1f:35:31:ba:97:51:4a:3b:8e:89:d0:
78:cb:45:b0:0b:56:23:30:d8:de:53:ed:b4:d7:c7:
9e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A3:9A:B8:C2:E8:FB:E7:65:A7:A5:60:6A:1A:8D:47:0A:6B:D4:CE
X509v3 Authority Key Identifier:
keyid:0A:1F:DB:80:EF:F5:BC:E1:65:4A:C8:C6:B9:22:E7:81:FD:2D:36:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch_bgO_1vOFlSsjGuSLngf0tNqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/sKOauMLo--dlp6VgahqNRwpr1M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/Ch_bgO_1vOFlSsjGuSLngf0tNqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.148.0/22
IPv6:
2a03:ace0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:a2:6b:6e:ce:00:43:4e:47:d1:bf:07:a2:bf:c9:89:93:88:
d1:aa:35:9a:48:29:02:0b:a7:c7:aa:c2:42:6e:0f:2b:bb:9c:
08:6f:0c:2e:70:21:b4:38:09:68:2c:68:c3:4d:e0:ec:99:10:
fd:a0:a9:84:d0:2b:cd:5a:0e:b6:79:92:ca:c4:74:ad:41:5c:
07:99:b1:27:9d:e9:d4:39:ab:61:c0:f4:85:8d:4b:24:17:51:
e3:0d:23:47:e8:74:88:52:45:a9:c0:6d:b5:7b:a5:71:0c:3d:
5e:04:56:5f:c8:a4:c5:55:c1:8a:51:b9:a0:44:5d:f3:d4:6b:
90:54:31:f9:94:bc:44:b7:4a:37:dd:2a:28:14:95:39:06:4a:
46:3e:bb:45:0a:92:56:6c:87:52:48:7e:b2:04:7f:77:4c:c7:
32:2d:2b:21:6d:bd:ac:c2:b2:86:5f:47:2a:3c:7d:da:b3:aa:
1e:a0:58:70:e4:8a:ce:79:1f:de:b3:84:04:a8:aa:13:2b:8d:
f7:70:a8:12:d4:db:20:8f:63:19:ab:a6:ae:6e:92:60:1b:6f:
a9:82:75:56:2b:d6:66:00:ff:b5:54:ff:f9:db:3b:d4:b6:9d:
4b:8f:4c:b0:c4:8c:7e:65:76:5e:92:9c:7e:cf:54:cc:c6:41:
49:a9:8a:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBNh+VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFmZGI4MGVmZjViY2UxNjU0YWM4YzZiOTIyZTc4MWZkMmQzNmE1MB4XDTIyMDEw
MTExNTUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBhMzlhYjhjMmU4
ZmJlNzY1YTdhNTYwNmExYThkNDcwYTZiZDRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrdoh0a6C3tMFo9zO8nDYasX0QGbmkc8CIqDUldCA4ioH2C
q7Jh9UTujAlmDEBXGzQz6q7OR2PCs3FG/4QGxdg9kXAx7uYwygtfbrgBaULBTB11
B2dYGnNXzBIqA+0mwp3Y74gzfzAsOlND3FHyGCc3hIglTr3qEkHoXaApu/qU1sFI
RB4cP12Pj14+u8xtT+sGeVFkwomo+PAH0lum/QzJwLrnfHyPB3FN5LhKPcz4nfUG
7spKvJ0V0mX55HixsnzrF5NClcHSN+Cs77iwV8tSNlablrVB4szlk9DS8LA7wKUV
7B81MbqXUUo7jonQeMtFsAtWIzDY3lPttNfHnvMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSwo5q4wuj752WnpWBqGo1HCmvUzjAfBgNVHSMEGDAWgBQKH9uA7/W84WVK
yMa5IueB/S02pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoX2JnT18xdk9GbFNzakd1U0xuZ2YwdE5xVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYWQ1NWU0LWMwYzktNDMxOS04YmQ4LTA0YmM4N2EyOWU0ZC8x
L3NLT2F1TUxvLS1kbHA2VmdhaHFOUndwcjFNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YWQ1NWU0LWMwYzktNDMxOS04YmQ4LTA0YmM4N2EyOWU0ZC8xL0NoX2JnT18xdk9G
bFNzakd1U0xuZ2YwdE5xVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmWlDANBAIAAjAHAwUAKgOs4DAN
BgkqhkiG9w0BAQsFAAOCAQEAX6Jrbs4AQ05H0b8Hor/JiZOI0ao1mkgpAgunx6rC
Qm4PK7ucCG8MLnAhtDgJaCxow03g7JkQ/aCphNArzVoOtnmSysR0rUFcB5mxJ53p
1DmrYcD0hY1LJBdR4w0jR+h0iFJFqcBttXulcQw9XgRWX8ikxVXBilG5oERd89Rr
kFQx+ZS8RLdKN90qKBSVOQZKRj67RQqSVmyHUkh+sgR/d0zHMi0rIW29rMKyhl9H
Kjx92rOqHqBYcOSKznkf3rOEBKiqEyuN93CoEtTbII9jGaumrm6SYBtvqYJ1VivW
ZgD/tVT/+ds71LadS49MsMSMfmV2XpKcfs9UzMZBSamK6A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:14 2023 by rpki-client on console-fra.rpki-client.org