Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/5FThw9O7kvmI72e-HIOdlVLG1p8.roa
File: 5FThw9O7kvmI72e-HIOdlVLG1p8.roa (raw, json)
Hash identifier: yOtQGifAyHFbnpzPuQFGtjS0YMfQ8JSaqw7lolPn0Yo=
Subject key identifier: E4:54:E1:C3:D3:BB:92:F9:88:EF:67:BE:1C:83:9D:95:52:C6:D6:9F
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018331339DC2EA19AA0FAFDAADCCB20337FA
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/5FThw9O7kvmI72e-HIOdlVLG1p8.roa
Signing time: Mon 12 Sep 2022 10:16:49 +0000
ROA not before: Mon 12 Sep 2022 10:16:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:33:9d:c2:ea:19:aa:0f:af:da:ad:cc:b2:03:37:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Sep 12 10:16:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e454e1c3d3bb92f988ef67be1c839d9552c6d69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:20:39:27:bc:59:f1:28:b6:19:f5:04:bc:ef:
30:35:39:73:02:7a:b3:d3:52:58:ad:94:4f:2e:e7:
5f:a0:98:9a:7e:96:57:11:e8:0b:a3:63:a9:f2:1c:
69:9c:32:25:10:c7:6a:77:bb:3d:8b:c3:83:d9:dc:
bb:49:d8:52:5b:a6:0b:45:e7:cd:1a:5a:ad:fc:11:
d9:66:e8:f8:75:48:ac:30:0a:d6:bf:de:b9:56:9c:
f1:44:65:a5:e6:a7:34:12:9c:ff:d4:bb:99:16:40:
a4:a7:d6:ef:af:c3:71:02:4c:dd:62:c4:fe:47:23:
46:65:99:dc:3d:00:64:36:8a:37:d4:f7:9c:7d:9f:
0c:cd:ad:07:70:92:7f:6c:f5:28:29:fd:c2:9a:83:
3e:48:ae:4a:d4:02:18:7a:a2:70:a1:74:59:93:f2:
20:16:cf:64:4e:d4:71:10:41:68:08:74:c7:29:ec:
fb:b4:3e:28:93:88:91:cb:7a:07:49:14:ed:f8:07:
64:92:dd:af:a6:db:1d:c4:50:60:bc:ab:76:18:bf:
d5:28:6b:f0:ac:a5:d1:d6:e4:30:9b:e6:68:fb:6b:
4e:ff:0b:48:57:57:8f:36:a9:ad:58:a1:80:10:f4:
8a:fa:ef:6f:91:96:8e:43:7b:97:7f:02:b7:2d:89:
3d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:54:E1:C3:D3:BB:92:F9:88:EF:67:BE:1C:83:9D:95:52:C6:D6:9F
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/5FThw9O7kvmI72e-HIOdlVLG1p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
b9:bf:d6:2b:f0:e6:7e:43:00:43:20:7a:6d:d0:44:eb:f2:e5:
76:0d:bd:f7:cb:2b:38:de:98:1e:f6:82:ab:6e:6f:f9:51:b1:
81:81:77:39:c4:23:38:69:a9:1e:79:00:28:75:80:c6:ac:17:
13:5e:6e:25:5a:c6:05:07:f0:b9:c0:49:7f:f3:8f:7b:fa:a1:
49:84:96:61:52:4a:47:a9:d9:9d:08:f5:ef:7e:4d:ac:d2:11:
82:07:1b:ca:c2:de:bb:8d:91:be:26:af:05:06:50:67:ec:c3:
32:26:67:7c:66:f8:aa:5b:01:40:d9:b8:1b:38:24:73:bf:19:
81:56:25:ce:fd:82:a5:0c:8a:0d:cb:44:a0:a9:80:41:77:aa:
d6:14:d7:0b:0f:07:25:d4:60:6a:07:50:54:1e:58:e6:63:2f:
eb:59:8f:58:df:ed:a1:52:e3:cf:be:90:80:6f:6e:8b:95:61:
64:86:c6:c9:99:83:f3:a2:c2:3b:28:1b:1e:11:38:05:3d:e3:
38:88:c2:55:ee:a0:8e:dd:12:ca:b8:4c:70:c4:67:c9:0d:0e:
ef:71:e1:05:14:7f:57:54:fb:0a:82:29:02:78:a4:ea:ea:75:
37:39:b1:68:1a:0f:7c:b0:07:81:47:58:ce:8e:6e:ac:30:eb:
ac:da:9c:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMxM53C6hmqD6/arcyyAzf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjIwOTEyMTAxNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU0ZTFjM2QzYmI5MmY5ODhlZjY3YmUxYzgzOWQ5NTUyYzZkNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiA5J7xZ8Si2GfUEvO8wNTlzAnqz
01JYrZRPLudfoJiafpZXEegLo2Op8hxpnDIlEMdqd7s9i8OD2dy7SdhSW6YLRefN
Glqt/BHZZuj4dUisMArWv965VpzxRGWl5qc0Epz/1LuZFkCkp9bvr8NxAkzdYsT+
RyNGZZncPQBkNoo31PecfZ8Mza0HcJJ/bPUoKf3CmoM+SK5K1AIYeqJwoXRZk/Ig
Fs9kTtRxEEFoCHTHKez7tD4ok4iRy3oHSRTt+Adkkt2vptsdxFBgvKt2GL/VKGvw
rKXR1uQwm+Zo+2tO/wtIV1ePNqmtWKGAEPSK+u9vkZaOQ3uXfwK3LYk9RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFORU4cPTu5L5iO9nvhyDnZVSxtafMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvNUZUaHc5Tzdrdm1JNzJlLUhJT2RsVkxHMXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBALm/1ivw5n5DAEMgem3Q
ROvy5XYNvffLKzjemB72gqtub/lRsYGBdznEIzhpqR55ACh1gMasFxNebiVaxgUH
8LnASX/zj3v6oUmElmFSSkep2Z0I9e9+TazSEYIHG8rC3ruNkb4mrwUGUGfswzIm
Z3xm+KpbAUDZuBs4JHO/GYFWJc79gqUMig3LRKCpgEF3qtYU1wsPByXUYGoHUFQe
WOZjL+tZj1jf7aFS48++kIBvbouVYWSGxsmZg/OiwjsoGx4ROAU94ziIwlXuoI7d
Esq4THDEZ8kNDu9x4QUUf1dU+wqCKQJ4pOrqdTc5sWgaD3ywB4FHWM6Obqww66za
nBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org