Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/I1FDDsc3icY-fegBZ3eMQ5TwfF0.roa
File: I1FDDsc3icY-fegBZ3eMQ5TwfF0.roa (raw, json)
Hash identifier: tdz7NCFv0CWQ7DgdNUT8dcHTwpGcfV3pPH5J0wPr2WQ=
Subject key identifier: 23:51:43:0E:C7:37:89:C6:3E:7D:E8:01:67:77:8C:43:94:F0:7C:5D
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0184A5DF7725FE7BA70AA798A0AED94FB4BA
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/I1FDDsc3icY-fegBZ3eMQ5TwfF0.roa
Signing time: Wed 23 Nov 2022 19:03:16 +0000
ROA not before: Wed 23 Nov 2022 19:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:df:77:25:fe:7b:a7:0a:a7:98:a0:ae:d9:4f:b4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Nov 23 19:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2351430ec73789c63e7de80167778c4394f07c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ca:33:ed:ef:e1:e4:60:d1:d2:84:4c:77:dd:
1c:97:d1:28:72:8a:d6:35:cb:0e:e2:60:c7:88:74:
1e:21:67:1e:e1:97:37:e3:34:98:64:ad:98:67:fb:
69:ef:a9:a5:27:e3:da:28:a9:6c:4c:ee:92:c1:5c:
9a:b0:96:95:2a:52:ae:82:69:3a:ab:22:e5:63:a5:
eb:2f:21:7d:05:40:c7:60:3f:22:23:11:3f:2a:e7:
31:95:22:29:99:43:0b:a3:ac:b9:0d:25:cf:81:09:
b1:54:e9:04:8d:a9:df:74:9e:e7:51:d0:2e:dc:42:
9e:f2:bf:25:6f:0a:59:b5:3e:7e:31:db:a6:03:79:
f3:89:9e:a9:2d:d8:12:94:a3:04:87:cf:11:b3:81:
f7:09:08:ce:0f:84:42:81:61:17:0e:91:7f:59:b1:
db:88:8e:87:69:15:20:34:65:8a:19:99:ee:72:44:
61:b1:36:c7:89:05:cd:91:7a:57:ea:8f:2b:37:f3:
87:89:2c:6a:1d:0a:30:45:34:c4:bd:af:c9:66:fc:
83:47:21:0e:1f:1d:10:dd:81:60:c1:1d:86:2e:1d:
58:aa:6c:bc:dc:02:f1:99:6b:17:89:62:e0:59:88:
31:81:8f:77:17:c3:1b:df:cd:44:78:16:6e:ab:8d:
8d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:51:43:0E:C7:37:89:C6:3E:7D:E8:01:67:77:8C:43:94:F0:7C:5D
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/I1FDDsc3icY-fegBZ3eMQ5TwfF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.241.0/24
185.148.243.0/24
Signature Algorithm: sha256WithRSAEncryption
54:12:03:f0:92:8f:0b:c5:eb:81:ec:b9:77:bc:fa:af:92:af:
02:e2:1f:d7:8c:a7:95:f8:e9:da:7e:94:46:68:57:30:d5:dc:
32:67:13:64:33:68:31:98:d7:a0:93:0f:48:7d:ea:2f:00:7a:
3a:51:a8:85:19:3f:c4:77:21:0c:20:fb:f4:a4:1d:22:3d:35:
ec:32:e3:5c:ba:1e:e4:23:d5:3c:7e:12:69:6b:8e:c4:25:7b:
f1:50:46:af:ac:69:13:fa:0c:c1:56:dc:3b:6a:a8:a4:26:ef:
26:02:14:b2:54:0a:3c:b9:3d:b3:ca:4a:0d:a4:f0:0f:6a:a0:
b8:04:2d:3f:0b:5e:0d:ba:f7:52:01:ea:45:4a:ee:66:9e:04:
30:7e:7c:42:d2:be:b1:21:78:7a:9c:41:59:fb:58:03:68:ba:
df:05:77:0d:bc:6e:60:d9:50:7e:62:a5:07:0a:4f:ed:4d:8d:
be:86:99:89:02:0e:68:53:dd:4c:e4:d3:94:16:b4:bb:ca:13:
c6:a1:ac:18:c1:1a:61:f7:a9:e3:68:2d:2e:aa:46:13:d5:a3:
c7:1e:d5:ac:fa:a8:57:e9:60:0f:d9:55:f7:60:27:88:b1:9f:
76:c1:f8:b4:5c:f0:b5:45:54:59:fa:76:15:93:d3:ae:20:c6:
ad:01:05:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSl33cl/nunCqeYoK7ZT7S6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjIxMTIzMTkwMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzUxNDMwZWM3Mzc4OWM2M2U3ZGU4MDE2Nzc3OGM0Mzk0ZjA3YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsoz7e/h5GDR0oRMd90cl9EocorW
NcsO4mDHiHQeIWce4Zc34zSYZK2YZ/tp76mlJ+PaKKlsTO6SwVyasJaVKlKugmk6
qyLlY6XrLyF9BUDHYD8iIxE/KucxlSIpmUMLo6y5DSXPgQmxVOkEjanfdJ7nUdAu
3EKe8r8lbwpZtT5+MdumA3nziZ6pLdgSlKMEh88Rs4H3CQjOD4RCgWEXDpF/WbHb
iI6HaRUgNGWKGZnuckRhsTbHiQXNkXpX6o8rN/OHiSxqHQowRTTEva/JZvyDRyEO
Hx0Q3YFgwR2GLh1Yqmy83ALxmWsXiWLgWYgxgY93F8Mb381EeBZuq42NywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNRQw7HN4nGPn3oAWd3jEOU8HxdMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvSTFGRERzYzNpY1ktZmVnQlozZU1RNVR3ZkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZTxAwQA
uZTzMA0GCSqGSIb3DQEBCwUAA4IBAQBUEgPwko8LxeuB7Ll3vPqvkq8C4h/XjKeV
+OnafpRGaFcw1dwyZxNkM2gxmNegkw9IfeovAHo6UaiFGT/EdyEMIPv0pB0iPTXs
MuNcuh7kI9U8fhJpa47EJXvxUEavrGkT+gzBVtw7aqikJu8mAhSyVAo8uT2zykoN
pPAPaqC4BC0/C14NuvdSAepFSu5mngQwfnxC0r6xIXh6nEFZ+1gDaLrfBXcNvG5g
2VB+YqUHCk/tTY2+hpmJAg5oU91M5NOUFrS7yhPGoawYwRph96njaC0uqkYT1aPH
HtWs+qhX6WAP2VX3YCeIsZ92wfi0XPC1RVRZ+nYVk9OuIMatAQV3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org