Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zEwSLouAyWEkunk8saPQvLqg-WA.roa
File: zEwSLouAyWEkunk8saPQvLqg-WA.roa (raw, json)
Hash identifier: I1NuP3kq9rdsTJT9QgTlqbT3pSvo8Z0BA0EjA/d/rNI=
Subject key identifier: CC:4C:12:2E:8B:80:C9:61:24:BA:79:3C:B1:A3:D0:BC:BA:A0:F9:60
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 01830CB43E681BB67A676DD4F73131320AC9
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zEwSLouAyWEkunk8saPQvLqg-WA.roa
Signing time: Mon 05 Sep 2022 08:11:22 +0000
ROA not before: Mon 05 Sep 2022 08:11:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.154.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0c:b4:3e:68:1b:b6:7a:67:6d:d4:f7:31:31:32:0a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Sep 5 08:11:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc4c122e8b80c96124ba793cb1a3d0bcbaa0f960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:52:b9:b4:5f:8e:e2:b1:5f:00:ba:f6:a6:18:
95:4c:eb:1c:e8:8e:7a:e1:e6:d5:6a:69:af:c2:93:
5d:34:d7:56:51:eb:ef:53:29:9d:8e:47:ee:43:f0:
65:f8:d1:a8:17:4e:c4:07:19:52:28:86:93:06:4c:
61:43:76:d9:a0:12:f2:de:06:fc:93:da:61:1a:00:
fe:62:5a:aa:ba:0e:70:55:28:19:df:c0:88:20:bf:
c1:4e:45:b0:63:53:34:22:b4:c3:0e:b7:43:f1:ed:
34:4a:fa:81:5a:fb:00:d2:b9:b5:04:1c:54:77:4e:
75:05:96:8f:0d:29:18:37:a0:38:73:cc:c8:62:c5:
79:32:4f:1c:99:53:a2:12:d7:20:2e:95:e3:d2:ec:
5b:12:e6:32:72:cb:14:ac:b5:0a:e3:74:62:c1:91:
77:5b:31:c2:f5:e2:82:d7:0a:76:26:06:75:59:43:
fa:e3:9e:11:66:fd:cd:75:95:74:e2:ce:ae:6a:ea:
60:95:90:91:c3:d1:d0:9d:71:79:e3:fc:e2:5d:6b:
0a:fc:6a:55:19:74:71:1d:25:5c:8f:e4:d7:d5:37:
b9:6a:a0:7c:70:d7:6f:cd:39:77:2b:32:8d:dd:0a:
f5:c5:fc:52:96:b6:d2:68:2a:6f:0b:52:f3:0b:af:
8e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4C:12:2E:8B:80:C9:61:24:BA:79:3C:B1:A3:D0:BC:BA:A0:F9:60
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zEwSLouAyWEkunk8saPQvLqg-WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/24
IPv6:
2a07:4f80::/44
Signature Algorithm: sha256WithRSAEncryption
7f:dd:ac:03:e6:67:da:f0:1c:24:a2:4f:c5:b9:67:64:be:a1:
af:40:b0:54:8e:d3:7a:a0:d8:5f:b8:b0:09:c9:8f:61:70:3e:
c3:0f:52:42:73:fd:56:c5:f6:37:57:58:a5:fe:21:20:31:6c:
0a:80:ea:93:da:d4:b2:22:24:b5:2a:df:9d:47:2b:19:1f:16:
4b:ba:b1:e2:51:94:49:c5:99:ed:da:40:9f:bf:37:d3:f7:4f:
e2:63:9f:0e:7d:04:5b:dc:07:63:1d:6c:d4:68:72:60:03:9d:
7a:ab:bc:dc:b8:78:ab:3b:a7:97:53:4d:c0:b3:eb:6e:af:22:
c6:f9:6e:d3:75:99:f5:99:2e:56:79:e2:b8:35:a2:9f:a5:b5:
50:80:0c:86:8a:83:6f:b2:38:22:a6:16:70:6d:a3:65:45:77:
b7:1f:12:4d:54:e6:25:05:1e:f9:80:a5:27:df:97:84:4e:72:
82:5b:fc:f8:a2:b1:79:a1:e8:ee:48:4e:1c:b5:c9:d6:57:17:
2b:d5:3b:5c:72:33:99:8c:d9:58:ef:2f:03:9c:e7:02:54:10:
12:56:78:bb:f4:71:58:8d:9c:d0:16:d2:a3:14:7f:f4:9b:9d:
73:9a:0f:65:0b:d1:57:6c:fb:4c:8b:8a:1e:6e:bd:09:67:dd:
55:df:57:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMMtD5oG7Z6Z23U9zExMgrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjIwOTA1MDgxMTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRjMTIyZThiODBjOTYxMjRiYTc5M2NiMWEzZDBiY2JhYTBmOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplK5tF+O4rFfALr2phiVTOsc6I56
4ebVammvwpNdNNdWUevvUymdjkfuQ/Bl+NGoF07EBxlSKIaTBkxhQ3bZoBLy3gb8
k9phGgD+Ylqqug5wVSgZ38CIIL/BTkWwY1M0IrTDDrdD8e00SvqBWvsA0rm1BBxU
d051BZaPDSkYN6A4c8zIYsV5Mk8cmVOiEtcgLpXj0uxbEuYycssUrLUK43RiwZF3
WzHC9eKC1wp2JgZ1WUP6454RZv3NdZV04s6uaupglZCRw9HQnXF54/ziXWsK/GpV
GXRxHSVcj+TX1Te5aqB8cNdvzTl3KzKN3Qr1xfxSlrbSaCpvC1LzC6+OdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxMEi6LgMlhJLp5PLGj0Ly6oPlgMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvekV3U0xvdUF5V0VrdW5rOHNhUFF2THFnLVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZKaMA8E
AgACMAkDBwQqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAH/drAPmZ9rwHCSiT8W5
Z2S+oa9AsFSO03qg2F+4sAnJj2FwPsMPUkJz/VbF9jdXWKX+ISAxbAqA6pPa1LIi
JLUq351HKxkfFku6seJRlEnFme3aQJ+/N9P3T+Jjnw59BFvcB2MdbNRocmADnXqr
vNy4eKs7p5dTTcCz626vIsb5btN1mfWZLlZ54rg1op+ltVCADIaKg2+yOCKmFnBt
o2VFd7cfEk1U5iUFHvmApSffl4ROcoJb/PiisXmh6O5IThy1ydZXFyvVO1xyM5mM
2VjvLwOc5wJUEBJWeLv0cViNnNAW0qMUf/SbnXOaD2UL0Vds+0yLih5uvQln3VXf
V8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org