Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/fYQ5reaU73SgX_upksuT3Wqx1jw.roa
File: fYQ5reaU73SgX_upksuT3Wqx1jw.roa (raw, json)
Hash identifier: +nJwD2jkQJnbi8I+VsCpdVzRvYqaxB59P8XTtbYunJA=
Subject key identifier: 7D:84:39:AD:E6:94:EF:74:A0:5F:FB:A9:92:CB:93:DD:6A:B1:D6:3C
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018331339E7F6A5BFC24EFF00F339518EEE3
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/fYQ5reaU73SgX_upksuT3Wqx1jw.roa
Signing time: Mon 12 Sep 2022 10:16:49 +0000
ROA not before: Mon 12 Sep 2022 10:16:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:33:9e:7f:6a:5b:fc:24:ef:f0:0f:33:95:18:ee:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Sep 12 10:16:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d8439ade694ef74a05ffba992cb93dd6ab1d63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:54:cf:05:90:d0:4b:b5:34:df:54:05:36:
28:a6:2a:96:4d:93:c3:d7:86:4e:63:ac:36:d7:79:
13:9f:1e:ad:fc:cc:fe:39:0e:81:b7:b9:b6:e5:ea:
75:01:85:b0:7a:f2:56:aa:78:ed:49:01:4a:0d:03:
7c:ef:50:4e:dd:9e:9c:fc:a8:9d:99:a8:1f:5d:15:
09:cd:f4:1e:6b:e4:8f:f8:1e:ed:55:9c:07:3c:4c:
57:dc:87:3f:9a:38:d9:10:dd:74:b0:c4:10:f0:14:
f9:fe:55:62:82:93:73:91:27:9d:d3:42:d4:71:be:
a6:85:32:07:9f:96:a2:b2:ff:b8:6e:1c:bf:2a:d7:
12:a0:b8:c9:4b:50:6d:ae:60:65:d7:ca:23:c8:2c:
f9:81:b3:f9:4f:ab:37:9a:45:88:d3:fe:f1:db:af:
d9:1a:b8:1e:f7:bf:0d:fc:fe:9d:a7:ac:c6:7a:e6:
b5:6b:d1:80:36:10:25:4b:95:03:ed:f5:33:2a:b2:
22:77:05:5a:19:ed:4b:4a:9e:a8:77:e9:3d:df:6e:
7b:b0:b3:d6:c9:55:42:ed:e7:1a:5e:93:67:af:d3:
b1:88:05:ce:5b:db:81:ee:ae:a7:c6:8a:39:87:29:
43:68:65:9b:e8:72:ff:78:c3:d4:61:01:59:ee:bd:
8d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:84:39:AD:E6:94:EF:74:A0:5F:FB:A9:92:CB:93:DD:6A:B1:D6:3C
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/fYQ5reaU73SgX_upksuT3Wqx1jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
a3:37:3e:53:1c:48:0a:85:80:99:1f:a4:22:46:bb:d2:85:e6:
1b:98:70:db:cd:a7:76:23:0a:dd:ef:7c:57:d7:09:d4:72:80:
60:6a:7f:e6:81:db:ab:e3:1c:34:f9:e7:9b:ff:17:b6:29:68:
77:3d:a5:46:c6:fc:eb:c6:81:11:76:d8:ed:c7:22:f6:18:32:
95:c4:56:7f:42:e8:de:94:dc:ca:88:c2:f0:27:a9:e0:18:a8:
ec:4a:98:51:8c:b6:d9:31:6d:b5:ad:dd:dd:92:26:30:b0:f0:
49:26:a9:7e:04:30:4b:18:31:d8:b6:d4:bc:86:83:4b:c7:0b:
85:e9:01:7a:c8:2a:b0:0e:b6:5b:42:a8:69:20:22:c9:14:27:
e5:ba:6c:15:1d:22:3c:22:27:33:cd:ee:4b:b0:25:8a:62:de:
79:fc:6b:02:ff:9d:46:39:7c:5c:14:5b:34:19:1a:59:8e:5f:
8d:61:07:cc:5a:ff:35:f8:ae:8e:9c:2a:1b:15:9a:47:3c:c7:
b4:e1:a2:78:74:66:db:4e:3c:44:76:5d:4c:72:b3:1f:63:ff:
b4:2a:4d:1d:08:ea:33:34:14:7d:f9:ae:2e:9b:c5:5c:63:45:
f5:c3:4c:67:76:5f:98:32:95:ee:0a:df:93:46:3d:24:7a:f4:
67:c1:b4:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMxM55/alv8JO/wDzOVGO7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjIwOTEyMTAxNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg0MzlhZGU2OTRlZjc0YTA1ZmZiYTk5MmNiOTNkZDZhYjFkNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHZUzwWQ0Eu1NN9UBTYopiqWTZPD
14ZOY6w213kTnx6t/Mz+OQ6Bt7m25ep1AYWwevJWqnjtSQFKDQN871BO3Z6c/Kid
magfXRUJzfQea+SP+B7tVZwHPExX3Ic/mjjZEN10sMQQ8BT5/lVigpNzkSed00LU
cb6mhTIHn5aisv+4bhy/KtcSoLjJS1BtrmBl18ojyCz5gbP5T6s3mkWI0/7x26/Z
Grge978N/P6dp6zGeua1a9GANhAlS5UD7fUzKrIidwVaGe1LSp6od+k93257sLPW
yVVC7ecaXpNnr9OxiAXOW9uB7q6nxoo5hylDaGWb6HL/eMPUYQFZ7r2NawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2EOa3mlO90oF/7qZLLk91qsdY8MB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvZllRNXJlYVU3M1NnWF91cGtzdVQzV3F4MWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAKM3PlMcSAqFgJkfpCJG
u9KF5huYcNvNp3YjCt3vfFfXCdRygGBqf+aB26vjHDT555v/F7YpaHc9pUbG/OvG
gRF22O3HIvYYMpXEVn9C6N6U3MqIwvAnqeAYqOxKmFGMttkxbbWt3d2SJjCw8Ekm
qX4EMEsYMdi21LyGg0vHC4XpAXrIKrAOtltCqGkgIskUJ+W6bBUdIjwiJzPN7kuw
JYpi3nn8awL/nUY5fFwUWzQZGlmOX41hB8xa/zX4ro6cKhsVmkc8x7Thonh0ZttO
PER2XUxysx9j/7QqTR0I6jM0FH35ri6bxVxjRfXDTGd2X5gyle4K35NGPSR69GfB
tKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org