Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/LtAZNVDjzhciPme4UmMOHpxApqc.roa
File: LtAZNVDjzhciPme4UmMOHpxApqc.roa (raw, json)
Hash identifier: /GuNN6AZzSFpachoCpMZ0r5dopibi+1G2Vjvakg/7fs=
Subject key identifier: 2E:D0:19:35:50:E3:CE:17:22:3E:67:B8:52:63:0E:1E:9C:40:A6:A7
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0182E5A989AAC700E29DC4956A71FD3AF333
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/LtAZNVDjzhciPme4UmMOHpxApqc.roa
Signing time: Sun 28 Aug 2022 18:14:29 +0000
ROA not before: Sun 28 Aug 2022 18:14:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.149.0/24 maxlen: 24
185.124.151.0/24 maxlen: 32
185.124.148.0/24 maxlen: 32
185.124.150.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e5:a9:89:aa:c7:00:e2:9d:c4:95:6a:71:fd:3a:f3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Aug 28 18:14:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ed0193550e3ce17223e67b852630e1e9c40a6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:6e:03:d2:35:2c:e5:7c:3f:d9:e8:a7:57:
4c:33:ef:db:87:ba:5a:16:be:ea:81:35:1b:02:53:
c8:6a:02:ab:0c:c4:e6:55:87:c3:90:97:58:45:de:
21:0f:eb:d6:99:bb:df:90:b8:b3:bb:61:34:92:8a:
4e:43:23:eb:4c:d5:cf:65:7a:8c:61:4d:80:18:0f:
14:90:c5:18:81:9c:61:de:ab:54:b5:cd:15:9e:4e:
2a:5a:49:ad:f7:a7:33:0a:88:e2:62:67:39:75:34:
c7:d9:26:54:d9:df:2e:76:d0:50:08:3e:a5:7e:da:
82:2c:5e:34:55:bd:aa:ab:8f:9b:20:78:44:8d:4f:
05:39:4b:a2:cc:03:d0:2d:ef:4d:79:ae:9a:6d:8e:
fe:75:4d:e3:58:03:64:97:ac:4e:3c:ce:f4:e6:c4:
b9:1e:7a:77:41:1c:1e:9f:16:aa:9c:97:7c:f6:8e:
62:6b:d9:0a:51:6a:df:dd:b9:ec:a7:d1:fc:58:47:
d1:d8:19:c6:70:c7:d9:84:5c:fe:06:5f:f1:39:ed:
18:34:48:11:5c:d0:37:bd:77:d5:9b:4e:aa:2f:83:
af:6b:7e:96:80:2a:af:54:1f:90:eb:60:77:77:8c:
31:9a:58:9b:17:79:51:68:58:4a:be:53:8c:a3:c2:
d9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D0:19:35:50:E3:CE:17:22:3E:67:B8:52:63:0E:1E:9C:40:A6:A7
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/LtAZNVDjzhciPme4UmMOHpxApqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/22
185.235.141.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
a1:29:63:7f:74:11:f4:97:57:30:58:0d:a0:f4:e4:f5:de:31:
64:51:68:8a:6f:9e:57:8b:5a:4a:b5:28:5e:8a:f4:c9:6c:6e:
a6:46:fb:0f:84:a4:d5:be:0e:aa:35:d5:9d:1c:6f:67:4f:35:
60:67:9b:19:4d:5c:5a:47:a6:25:58:55:6f:3b:87:16:19:8a:
08:89:06:8d:1a:5b:12:50:1e:0e:94:7d:6d:e0:29:56:ae:c3:
c6:60:33:d6:d4:d6:da:b0:2b:7e:ff:da:2c:b6:32:85:df:65:
35:30:31:6e:5c:81:f7:c4:3c:43:e5:d8:7f:e1:43:62:f2:fa:
8a:d9:2c:af:26:2a:1b:c3:ce:a4:d0:42:13:e7:29:fb:2c:10:
fe:79:d8:64:1b:c2:4f:91:25:eb:2d:76:5b:9f:c7:76:03:9a:
f9:b5:df:3c:68:69:da:21:f6:e2:67:c6:b2:99:8e:cd:fc:ab:
84:36:af:d8:15:58:99:7f:14:67:27:72:55:e2:5b:78:6e:d7:
f2:da:38:60:c0:ff:42:00:f2:7a:07:7a:64:ec:d0:94:a2:2d:
f6:35:25:90:28:03:8b:e3:60:25:50:11:ed:69:86:5b:64:43:
22:68:e2:56:bc:3a:57:1e:2d:42:94:fa:f5:60:f5:9f:64:b4:
31:26:06:d0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYLlqYmqxwDincSVanH9OvMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIwODI4MTgxNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQwMTkzNTUwZTNjZTE3MjIzZTY3Yjg1MjYzMGUxZTljNDBhNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwluA9I1LOV8P9nop1dMM+/bh7pa
Fr7qgTUbAlPIagKrDMTmVYfDkJdYRd4hD+vWmbvfkLizu2E0kopOQyPrTNXPZXqM
YU2AGA8UkMUYgZxh3qtUtc0Vnk4qWkmt96czCojiYmc5dTTH2SZU2d8udtBQCD6l
ftqCLF40Vb2qq4+bIHhEjU8FOUuizAPQLe9Nea6abY7+dU3jWANkl6xOPM705sS5
Hnp3QRwenxaqnJd89o5ia9kKUWrf3bnsp9H8WEfR2BnGcMfZhFz+Bl/xOe0YNEgR
XNA3vXfVm06qL4Ova36WgCqvVB+Q62B3d4wxmlibF3lRaFhKvlOMo8LZdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC7QGTVQ484XIj5nuFJjDh6cQKanMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvTHRBWk5WRGp6aGNpUG1lNFVtTU9IcHhBcHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXyUAwQA
ueuNMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQChKWN/dBH0l1cw
WA2g9OT13jFkUWiKb55Xi1pKtSheivTJbG6mRvsPhKTVvg6qNdWdHG9nTzVgZ5sZ
TVxaR6YlWFVvO4cWGYoIiQaNGlsSUB4OlH1t4ClWrsPGYDPW1NbasCt+/9ostjKF
32U1MDFuXIH3xDxD5dh/4UNi8vqK2SyvJiobw86k0EIT5yn7LBD+edhkG8JPkSXr
LXZbn8d2A5r5td88aGnaIfbiZ8aymY7N/KuENq/YFViZfxRnJ3JV4lt4btfy2jhg
wP9CAPJ6B3pk7NCUoi32NSWQKAOL42AlUBHtaYZbZEMiaOJWvDpXHi1ClPr1YPWf
ZLQxJgbQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org