Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/IP13DSTyLiusL_y9s8606RUUMjw.roa
File: IP13DSTyLiusL_y9s8606RUUMjw.roa (raw, json)
Hash identifier: jCDkMMRrd9KQjeiRoIHnI7AgMZ5Hgc4bL6ckykKis/U=
Subject key identifier: 20:FD:77:0D:24:F2:2E:2B:AC:2F:FC:BD:B3:CE:B4:E9:15:14:32:3C
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0183850EE299C92129E34738A1BB8052D16E
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/IP13DSTyLiusL_y9s8606RUUMjw.roa
Signing time: Wed 28 Sep 2022 17:04:48 +0000
ROA not before: Wed 28 Sep 2022 17:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:0e:e2:99:c9:21:29:e3:47:38:a1:bb:80:52:d1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Sep 28 17:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20fd770d24f22e2bac2ffcbdb3ceb4e91514323c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b7:53:64:1b:45:25:f8:cb:93:70:5b:80:66:
33:98:25:5e:ce:ec:ea:69:fc:bf:f5:99:76:a6:ee:
71:73:c5:56:05:4b:b5:e4:0c:a8:55:c2:ab:18:b1:
59:ef:11:55:42:03:b8:23:1f:5c:33:7d:33:c9:97:
93:23:b6:18:95:5b:32:5d:2e:b4:84:08:15:b8:84:
b5:b2:b1:50:8e:e8:1f:59:d9:5b:14:bc:2e:79:0e:
8e:c0:c4:d3:db:ea:41:aa:25:68:97:4c:66:b6:64:
c3:13:74:f0:b3:cd:d3:c3:64:6a:d5:3d:f0:09:ce:
ee:52:25:9a:97:4d:a8:63:5c:20:6b:d6:dd:6c:65:
d0:ef:8f:35:fc:4b:28:29:37:50:af:f9:5e:57:cf:
42:4c:a8:9c:09:15:5f:b1:71:a5:76:80:ed:6d:08:
8d:37:6e:d1:93:ac:ac:91:5d:37:9f:6b:69:b1:6d:
84:cf:b7:bb:4d:b0:eb:a8:d5:a4:93:02:c6:19:33:
c2:80:4c:b9:3f:93:b1:b8:7c:bc:4c:bc:58:db:66:
ba:25:f5:c5:bd:0e:23:04:4d:eb:8f:25:b3:a0:1f:
c0:c6:91:f9:a0:3e:81:96:52:ab:35:a4:b3:3c:09:
1e:27:8a:b8:76:0a:6b:2d:04:23:e1:a8:d3:c6:6c:
90:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FD:77:0D:24:F2:2E:2B:AC:2F:FC:BD:B3:CE:B4:E9:15:14:32:3C
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/IP13DSTyLiusL_y9s8606RUUMjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.149.0-185.124.150.255
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
bb:c9:fd:e7:2c:5d:b4:90:a5:2d:bd:f3:b1:49:89:a8:db:64:
20:fe:ee:4e:88:2d:a0:aa:b4:df:b7:65:c4:23:66:e9:ef:0c:
31:9f:0d:15:76:50:d0:cf:c3:28:7a:9a:b0:7b:bf:35:e5:be:
14:23:97:59:59:f9:95:75:a6:70:34:b3:e8:e5:d1:2b:52:26:
6f:1d:93:86:00:eb:3e:2a:9c:22:b1:31:bc:8e:ba:53:34:78:
3f:45:dd:d2:00:ac:82:fd:fb:21:95:cb:52:b9:64:67:0c:e3:
45:c2:06:42:ff:08:14:7c:1d:8d:4f:e6:fa:1e:3f:e2:58:17:
4d:19:b4:73:b1:2c:d5:a1:0c:de:d8:d2:db:8e:cb:e5:45:d1:
f9:45:8a:aa:97:36:9c:7b:91:7b:33:39:81:e2:97:fd:17:f4:
da:c2:b2:f6:b5:06:b3:a5:2a:44:1a:20:31:75:02:97:b2:7d:
80:b7:31:90:c2:a4:7f:6d:c1:12:e2:7e:6a:90:b8:17:13:e8:
47:9c:70:9b:98:6e:f1:92:43:67:f8:ce:42:a4:2c:4f:cf:c2:
58:05:7b:c6:90:f7:13:a5:e2:79:37:99:39:6d:28:c9:3f:bc:
8f:18:38:11:f3:3e:93:77:7a:63:c4:cb:48:80:fc:40:59:f7:
b6:33:8a:9d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYOFDuKZySEp40c4obuAUtFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIwOTI4MTcwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZkNzcwZDI0ZjIyZTJiYWMyZmZjYmRiM2NlYjRlOTE1MTQzMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LdTZBtFJfjLk3BbgGYzmCVezuzq
afy/9Zl2pu5xc8VWBUu15AyoVcKrGLFZ7xFVQgO4Ix9cM30zyZeTI7YYlVsyXS60
hAgVuIS1srFQjugfWdlbFLwueQ6OwMTT2+pBqiVol0xmtmTDE3Tws83Tw2Rq1T3w
Cc7uUiWal02oY1wga9bdbGXQ7481/EsoKTdQr/leV89CTKicCRVfsXGldoDtbQiN
N27Rk6yskV03n2tpsW2Ez7e7TbDrqNWkkwLGGTPCgEy5P5OxuHy8TLxY22a6JfXF
vQ4jBE3rjyWzoB/AxpH5oD6BllKrNaSzPAkeJ4q4dgprLQQj4ajTxmyQ7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCD9dw0k8i4rrC/8vbPOtOkVFDI8MB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvSVAxM0RTVHlMaXVzTF95OXM4NjA2UlVVTWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5fJUD
BAC5fJYwDQQCAAIwBwMFAyoG7oAwDQYJKoZIhvcNAQELBQADggEBALvJ/ecsXbSQ
pS2987FJiajbZCD+7k6ILaCqtN+3ZcQjZunvDDGfDRV2UNDPwyh6mrB7vzXlvhQj
l1lZ+ZV1pnA0s+jl0StSJm8dk4YA6z4qnCKxMbyOulM0eD9F3dIArIL9+yGVy1K5
ZGcM40XCBkL/CBR8HY1P5voeP+JYF00ZtHOxLNWhDN7Y0tuOy+VF0flFiqqXNpx7
kXszOYHil/0X9NrCsva1BrOlKkQaIDF1ApeyfYC3MZDCpH9twRLifmqQuBcT6Eec
cJuYbvGSQ2f4zkKkLE/PwlgFe8aQ9xOl4nk3mTltKMk/vI8YOBHzPpN3emPEy0iA
/EBZ97Yzip0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org