Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NRZ4-IzkF2DRp9RF2g-H4cX4vfk.roa
File: NRZ4-IzkF2DRp9RF2g-H4cX4vfk.roa (raw, json)
Hash identifier: xlMBbDbbdBm9t8ELORKAy+XT4EGO5WG2RGQ1q2d2C+8=
Subject key identifier: 35:16:78:F8:8C:E4:17:60:D1:A7:D4:45:DA:0F:87:E1:C5:F8:BD:F9
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 01851CF6D05F04E1A18EF136AD44D35CD882
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NRZ4-IzkF2DRp9RF2g-H4cX4vfk.roa
Signing time: Fri 16 Dec 2022 22:03:35 +0000
ROA not before: Fri 16 Dec 2022 22:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1c:f6:d0:5f:04:e1:a1:8e:f1:36:ad:44:d3:5c:d8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Dec 16 22:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=351678f88ce41760d1a7d445da0f87e1c5f8bdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:86:c4:33:f2:30:ed:16:31:d7:47:62:d6:d0:
6d:3b:58:93:63:87:16:b7:1d:23:74:d9:e9:65:6c:
55:d8:2b:17:f4:66:e2:c1:59:7f:c4:f5:c1:07:09:
1b:a1:d3:d5:f9:db:5e:22:4c:2f:f5:14:ef:75:dc:
30:72:ec:37:8b:66:b3:5a:20:05:ed:ae:98:af:d7:
39:34:08:97:74:49:73:72:ca:28:38:e7:41:e5:87:
41:38:8d:a5:d2:3c:84:3f:8a:b8:ba:76:16:21:7f:
83:12:73:d1:0c:b6:7c:d3:f9:63:b1:5e:77:7f:5e:
a7:ee:56:b9:9f:c4:5a:a0:68:b2:02:98:81:5a:11:
98:63:fe:b2:cf:6e:40:cf:11:40:8e:59:fe:63:ff:
d6:17:0c:b7:81:58:63:8a:67:19:ea:15:81:06:31:
ec:27:6e:08:49:7a:0e:9a:15:c7:4b:6f:55:3b:f8:
11:d2:d5:54:c5:6c:26:44:36:dc:d3:c4:09:7d:34:
c0:ec:2a:a9:65:7f:f1:51:9d:03:ee:17:3b:e7:53:
92:09:d6:dd:f8:3a:1b:14:35:c5:78:5b:0d:21:03:
58:42:f3:76:bd:dc:cf:7b:ca:0d:cc:c8:eb:2e:6b:
7a:26:4a:5a:24:b4:59:46:92:5d:26:6d:6c:85:e8:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:16:78:F8:8C:E4:17:60:D1:A7:D4:45:DA:0F:87:E1:C5:F8:BD:F9
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NRZ4-IzkF2DRp9RF2g-H4cX4vfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/24
185.124.150.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
47:c4:b9:26:89:a1:4a:68:04:98:59:31:25:ad:d8:74:db:d5:
7b:ad:7b:0a:70:84:7e:37:b2:b6:3f:b4:7c:eb:74:9c:9e:1a:
77:95:cf:82:b2:ab:87:7a:d7:35:30:0a:6b:df:9b:7a:01:9f:
21:35:88:a8:10:2f:11:d4:b0:fb:27:c1:9e:fc:4d:c4:3a:43:
53:50:e8:d8:c7:c7:2d:ff:de:89:a1:ef:dc:91:f6:61:34:24:
0d:dc:b0:b4:08:ad:18:48:27:86:18:2e:2e:87:a3:ae:1a:5d:
1e:59:32:d9:73:d5:74:1e:be:63:08:de:c0:93:f8:1d:59:91:
ef:e3:ef:96:d5:aa:ea:72:a1:0c:26:6f:80:73:2f:a3:58:be:
35:73:10:10:6a:3b:f0:63:88:13:29:db:22:9e:4f:0e:09:65:
7c:62:92:5a:2b:04:dd:28:31:01:3f:a7:ca:3c:37:26:e5:0f:
f6:aa:af:a1:8e:7b:4c:59:2e:ac:46:19:ea:ad:81:a4:bd:64:
4a:99:d1:74:a3:4b:8c:21:c3:83:56:ab:ef:5b:b7:dd:ef:04:
90:99:d5:4f:c6:32:f4:2e:f1:82:31:c9:bd:19:c1:63:af:92:
76:51:a6:40:31:fa:58:f5:b2:7d:40:06:00:41:41:76:e1:68:
ee:87:67:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUc9tBfBOGhjvE2rUTTXNiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIxMjE2MjIwMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE2NzhmODhjZTQxNzYwZDFhN2Q0NDVkYTBmODdlMWM1ZjhiZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4bEM/Iw7RYx10di1tBtO1iTY4cW
tx0jdNnpZWxV2CsX9GbiwVl/xPXBBwkbodPV+dteIkwv9RTvddwwcuw3i2azWiAF
7a6Yr9c5NAiXdElzcsooOOdB5YdBOI2l0jyEP4q4unYWIX+DEnPRDLZ80/ljsV53
f16n7la5n8RaoGiyApiBWhGYY/6yz25AzxFAjln+Y//WFwy3gVhjimcZ6hWBBjHs
J24ISXoOmhXHS29VO/gR0tVUxWwmRDbc08QJfTTA7CqpZX/xUZ0D7hc751OSCdbd
+DobFDXFeFsNIQNYQvN2vdzPe8oNzMjrLmt6JkpaJLRZRpJdJm1shei2vQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDUWePiM5Bdg0afURdoPh+HF+L35MB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvTlJaNC1JemtGMkRScDlSRjJnLUg0Y1g0dmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXyUAwQA
uXyWMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQBHxLkmiaFKaASY
WTElrdh029V7rXsKcIR+N7K2P7R863Scnhp3lc+CsquHetc1MApr35t6AZ8hNYio
EC8R1LD7J8Ge/E3EOkNTUOjYx8ct/96Joe/ckfZhNCQN3LC0CK0YSCeGGC4uh6Ou
Gl0eWTLZc9V0Hr5jCN7Ak/gdWZHv4++W1arqcqEMJm+Acy+jWL41cxAQajvwY4gT
Kdsink8OCWV8YpJaKwTdKDEBP6fKPDcm5Q/2qq+hjntMWS6sRhnqrYGkvWRKmdF0
o0uMIcODVqvvW7fd7wSQmdVPxjL0LvGCMcm9GcFjr5J2UaZAMfpY9bJ9QAYAQUF2
4Wjuh2d5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org