Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/KJMZUGaGKa8Jo3yJ8u6334xuy4A.roa
File: KJMZUGaGKa8Jo3yJ8u6334xuy4A.roa (raw, json)
Hash identifier: HsQOC4r64MKTZIahBtF83VBygbSz6XCTQ5PZGLC4LLs=
Subject key identifier: 28:93:19:50:66:86:29:AF:09:A3:7C:89:F2:EE:B7:DF:8C:6E:CB:80
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 01834D2708657FA273FED2D8647F879C8060
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/KJMZUGaGKa8Jo3yJ8u6334xuy4A.roa
Signing time: Sat 17 Sep 2022 20:32:26 +0000
ROA not before: Sat 17 Sep 2022 20:32:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4d:27:08:65:7f:a2:73:fe:d2:d8:64:7f:87:9c:80:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Sep 17 20:32:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28931950668629af09a37c89f2eeb7df8c6ecb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:eb:a9:d4:92:95:df:ef:19:9f:38:6b:45:d3:
39:e3:19:54:f4:98:aa:82:68:dc:ed:49:f0:a0:2f:
03:bf:99:3c:28:40:f4:06:8b:79:eb:07:c1:df:65:
86:c3:bb:bd:0f:53:7b:84:15:5a:8f:5d:d4:56:c9:
fc:be:6e:67:77:82:a0:77:02:2f:f3:44:94:a0:95:
1c:22:b7:f6:e6:53:85:cc:55:cb:87:49:28:3d:41:
a3:a0:d2:cb:6f:68:5d:bf:80:d7:42:d8:8e:93:27:
78:69:3e:d4:55:9f:9a:f1:61:52:60:d5:e5:3c:0f:
e0:11:df:3f:dd:df:1a:47:08:a6:b2:ec:9a:bf:88:
2e:f5:98:1b:17:c1:8f:24:84:a6:41:bb:6f:06:63:
2f:7b:46:3c:f6:65:77:43:59:c0:61:01:4b:9e:29:
e5:f9:68:4f:81:aa:95:24:3b:36:de:cc:43:b0:1d:
81:d3:a6:ee:a6:89:37:13:f2:bd:97:94:ae:10:48:
eb:04:c3:96:76:67:fa:c3:61:65:7a:fd:19:9f:a7:
58:4d:3c:d3:3f:ab:95:f1:1d:21:e1:26:92:61:05:
26:67:93:a9:10:b5:8e:a3:10:45:0d:8f:32:9d:38:
9a:e5:9f:f3:ab:b2:d9:ad:5b:d7:68:fa:2a:05:30:
07:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:93:19:50:66:86:29:AF:09:A3:7C:89:F2:EE:B7:DF:8C:6E:CB:80
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/KJMZUGaGKa8Jo3yJ8u6334xuy4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.149.0-185.124.150.255
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
4c:da:fb:2d:32:b4:a6:6b:da:91:44:ad:c7:44:4f:f9:92:bb:
d7:c6:37:4a:79:b5:4b:59:99:1b:74:76:35:e0:51:87:3e:83:
27:0c:5b:a2:13:c8:86:28:b7:b4:77:09:e2:a5:1b:6e:6f:a6:
dc:da:9f:4a:3c:7f:8c:51:02:7b:fb:61:f3:f2:32:32:f0:5e:
7f:1d:e1:ae:d6:b4:49:7e:e4:83:9e:26:84:b0:f3:cb:a1:dd:
d3:04:fd:14:2d:32:c1:91:a6:d7:eb:e2:6a:44:78:db:47:11:
6b:7c:26:5f:75:e2:35:94:c3:44:19:ad:60:2c:8c:7f:85:6c:
c0:7d:a5:27:1d:84:4e:3c:e8:47:ba:26:bf:43:54:89:2f:9c:
17:40:b5:d7:74:3c:2e:9c:96:e5:0e:c5:cc:8c:aa:0f:09:09:
68:d9:18:a9:b5:5c:e0:99:79:bf:b5:d8:b5:42:cb:76:28:92:
7b:20:f8:c5:c7:f8:67:f9:ad:bd:25:a7:9e:0e:fb:80:08:42:
5a:ae:15:8d:f5:4f:49:7a:81:f2:ed:27:5f:57:dc:f2:32:4c:
db:76:26:79:50:66:8a:fc:90:aa:aa:3a:73:6c:77:a4:c4:81:
c4:6f:a0:6e:90:0b:fd:2a:3a:76:5c:8b:a1:be:40:f3:5d:ed:
90:84:0c:9c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYNNJwhlf6Jz/tLYZH+HnIBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIwOTE3MjAzMjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkzMTk1MDY2ODYyOWFmMDlhMzdjODlmMmVlYjdkZjhjNmVjYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOup1JKV3+8ZnzhrRdM54xlU9Jiq
gmjc7UnwoC8Dv5k8KED0Bot56wfB32WGw7u9D1N7hBVaj13UVsn8vm5nd4KgdwIv
80SUoJUcIrf25lOFzFXLh0koPUGjoNLLb2hdv4DXQtiOkyd4aT7UVZ+a8WFSYNXl
PA/gEd8/3d8aRwimsuyav4gu9ZgbF8GPJISmQbtvBmMve0Y89mV3Q1nAYQFLninl
+WhPgaqVJDs23sxDsB2B06bupok3E/K9l5SuEEjrBMOWdmf6w2Flev0Zn6dYTTzT
P6uV8R0h4SaSYQUmZ5OpELWOoxBFDY8ynTia5Z/zq7LZrVvXaPoqBTAHwQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCiTGVBmhimvCaN8ifLut9+MbsuAMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvS0pNWlVHYUdLYThKbzN5Sjh1NjMzNHh1eTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5fJUD
BAC5fJYwDQQCAAIwBwMFAyoG7oAwDQYJKoZIhvcNAQELBQADggEBAEza+y0ytKZr
2pFErcdET/mSu9fGN0p5tUtZmRt0djXgUYc+gycMW6ITyIYot7R3CeKlG25vptza
n0o8f4xRAnv7YfPyMjLwXn8d4a7WtEl+5IOeJoSw88uh3dME/RQtMsGRptfr4mpE
eNtHEWt8Jl914jWUw0QZrWAsjH+FbMB9pScdhE486Ee6Jr9DVIkvnBdAtdd0PC6c
luUOxcyMqg8JCWjZGKm1XOCZeb+12LVCy3Yoknsg+MXH+Gf5rb0lp54O+4AIQlqu
FY31T0l6gfLtJ19X3PIyTNt2JnlQZor8kKqqOnNsd6TEgcRvoG6QC/0qOnZci6G+
QPNd7ZCEDJw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org