Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/a9g-lObBUenvKrl0xUqCBIZojI0.roa
File: a9g-lObBUenvKrl0xUqCBIZojI0.roa (raw, json)
Hash identifier: D9hQ7/5YvkBLcqrqez+pqL640PTqYeZ+6Zi/HFl8dR0=
Subject key identifier: 6B:D8:3E:94:E6:C1:51:E9:EF:2A:B9:74:C5:4A:82:04:86:68:8C:8D
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 01830F114AAC33064B673D50668C2D625DDE
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/a9g-lObBUenvKrl0xUqCBIZojI0.roa
Signing time: Mon 05 Sep 2022 19:12:14 +0000
ROA not before: Mon 05 Sep 2022 19:12:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.242.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
45.10.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0f:11:4a:ac:33:06:4b:67:3d:50:66:8c:2d:62:5d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 5 19:12:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bd83e94e6c151e9ef2ab974c54a820486688c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c9:48:60:56:4e:63:59:bf:36:48:b0:d6:16:
ef:de:bb:e5:ea:91:b1:87:82:db:6c:a0:83:0a:b0:
7c:06:a7:4f:24:ff:d3:2e:38:97:79:45:85:3d:00:
d9:38:21:1b:7c:8f:45:c9:b1:29:d1:9a:76:9f:2d:
5a:84:7f:55:46:6c:6b:8d:a6:1c:b3:9a:df:74:1c:
67:0e:ca:99:f5:23:a9:2b:39:e7:e9:b8:5b:10:b7:
de:03:cd:31:e9:d8:0d:bc:90:30:63:59:31:14:25:
db:95:bb:4e:d6:42:ca:83:48:a5:7b:93:b1:e2:47:
ed:42:e7:1d:da:ea:16:bc:b0:ce:68:ed:7f:4f:a8:
4f:c0:82:88:79:78:b8:cf:99:13:9b:7f:1a:bc:89:
8a:b3:e2:71:90:2a:9d:cb:f4:62:e8:c0:98:76:63:
9b:d6:3a:6a:b6:00:50:e5:2a:47:d4:dc:e5:c6:24:
09:7a:4c:98:a7:a8:b8:f5:ca:90:86:38:58:c2:0b:
66:29:17:19:85:33:81:32:4d:a6:b3:9d:43:c4:d1:
a4:64:35:4b:48:00:b7:7e:ff:75:60:68:91:c0:66:
39:a6:2f:34:2b:19:07:09:fa:d8:2e:3f:ed:7f:3a:
f9:04:95:4f:77:66:bd:06:5d:88:e3:e2:62:17:0f:
c7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D8:3E:94:E6:C1:51:E9:EF:2A:B9:74:C5:4A:82:04:86:68:8C:8D
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/a9g-lObBUenvKrl0xUqCBIZojI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.151.0/24
185.148.241.0-185.148.243.255
Signature Algorithm: sha256WithRSAEncryption
02:9e:2a:9e:93:cb:f3:eb:43:48:6c:cf:b6:c9:1a:ee:7d:43:
97:77:0a:75:dd:54:b6:55:e5:d7:62:4a:07:e4:48:12:c1:4e:
3a:61:30:a4:e4:a0:d4:2e:4d:43:f1:97:e4:71:49:01:e9:bc:
bd:e5:03:54:48:28:e8:6f:02:ea:65:fb:c4:b7:ba:39:fa:ce:
b7:c6:8e:63:a7:c3:3e:96:40:3d:52:ef:b9:da:16:40:80:28:
c8:59:6f:2f:2c:35:d6:ac:23:26:d6:5f:cc:97:75:13:09:45:
bf:29:ef:fe:95:5b:f4:41:4b:d1:fb:39:7c:07:53:fe:7d:e7:
5c:5d:48:3a:bf:f9:b8:70:9a:ae:78:69:54:4d:c7:8b:11:77:
9a:b8:2a:79:98:35:be:d6:0c:2b:80:82:d2:9d:7d:4d:65:d4:
3f:53:9b:08:8b:4d:d3:7d:a0:4d:90:f7:d3:fb:5a:5e:d4:48:
b9:d2:c9:75:f2:c2:f9:3f:10:e7:c1:93:f5:05:0b:83:42:1c:
36:e1:ab:12:cc:30:40:8c:d0:52:66:45:88:c9:d1:73:7d:96:
56:62:3a:3e:8c:1a:2a:11:c4:29:aa:b8:a5:75:26:d0:07:9b:
24:cf:24:eb:ce:76:3c:5e:ec:2f:ef:f8:b4:aa:86:54:59:13:
c1:6c:ef:ce
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYMPEUqsMwZLZz1QZowtYl3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjIwOTA1MTkxMjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ4M2U5NGU2YzE1MWU5ZWYyYWI5NzRjNTRhODIwNDg2Njg4YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiclIYFZOY1m/Nkiw1hbv3rvl6pGx
h4LbbKCDCrB8BqdPJP/TLjiXeUWFPQDZOCEbfI9FybEp0Zp2ny1ahH9VRmxrjaYc
s5rfdBxnDsqZ9SOpKznn6bhbELfeA80x6dgNvJAwY1kxFCXblbtO1kLKg0ile5Ox
4kftQucd2uoWvLDOaO1/T6hPwIKIeXi4z5kTm38avImKs+JxkCqdy/Ri6MCYdmOb
1jpqtgBQ5SpH1NzlxiQJekyYp6i49cqQhjhYwgtmKRcZhTOBMk2ms51DxNGkZDVL
SAC3fv91YGiRwGY5pi80KxkHCfrYLj/tfzr5BJVPd2a9Bl2I4+JiFw/HgwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGvYPpTmwVHp7yq5dMVKggSGaIyNMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvYTlnLWxPYkJVZW52S3JsMHhVcUNCSVpvakkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALQqXMAwD
BAC5lPEDBAK5lPAwDQYJKoZIhvcNAQELBQADggEBAAKeKp6Ty/PrQ0hsz7bJGu59
Q5d3CnXdVLZV5ddiSgfkSBLBTjphMKTkoNQuTUPxl+RxSQHpvL3lA1RIKOhvAupl
+8S3ujn6zrfGjmOnwz6WQD1S77naFkCAKMhZby8sNdasIybWX8yXdRMJRb8p7/6V
W/RBS9H7OXwHU/5951xdSDq/+bhwmq54aVRNx4sRd5q4KnmYNb7WDCuAgtKdfU1l
1D9TmwiLTdN9oE2Q99P7Wl7USLnSyXXywvk/EOfBk/UFC4NCHDbhqxLMMECM0FJm
RYjJ0XN9llZiOj6MGioRxCmquKV1JtAHmyTPJOvOdjxe7C/v+LSqhlRZE8Fs784=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org