Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VlaMH8k0LvPb0_2lUQX4-400rkI.roa
File: VlaMH8k0LvPb0_2lUQX4-400rkI.roa (raw, json)
Hash identifier: 1KUCv1lOzs3B5gz1Doiu8dwpN2z/vc141acHfLQjQLo=
Subject key identifier: 56:56:8C:1F:C9:34:2E:F3:DB:D3:FD:A5:51:05:F8:FB:8D:34:AE:42
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0182E90C343AFA10B06DC57A6C99B556828F
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VlaMH8k0LvPb0_2lUQX4-400rkI.roa
Signing time: Mon 29 Aug 2022 10:01:07 +0000
ROA not before: Mon 29 Aug 2022 10:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e9:0c:34:3a:fa:10:b0:6d:c5:7a:6c:99:b5:56:82:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Aug 29 10:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56568c1fc9342ef3dbd3fda55105f8fb8d34ae42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4c:5f:d0:a4:a9:62:72:80:10:c3:22:b2:8e:
88:30:ad:43:23:50:6c:72:33:a3:c2:13:ff:7a:99:
2d:ec:2a:7e:fd:19:52:33:17:a5:2e:a8:53:e2:e2:
c0:54:14:1b:0a:a0:cd:ca:44:fd:1f:7d:39:75:35:
68:5d:68:f9:2c:2d:86:0c:ef:1a:a8:18:5b:41:5d:
22:14:7d:b5:0a:74:59:f0:b9:e2:7b:d5:dc:50:4f:
72:67:d9:54:5d:70:0c:73:8f:5d:4a:42:b5:b5:a4:
89:49:0c:38:16:c1:fd:ff:3a:a1:2c:61:48:43:87:
a7:a2:10:1b:c3:a1:e7:85:33:fa:54:80:b4:98:48:
ca:e8:ad:04:9a:ed:1f:11:b5:a9:42:02:9d:21:7b:
db:75:5c:52:b7:5f:fa:7f:13:d8:e9:69:e4:1b:23:
c8:f8:c7:07:e2:84:97:63:15:d2:76:44:d9:c0:2e:
66:a5:f7:b9:9b:21:cc:6e:48:b2:8c:d7:99:49:dc:
a0:5f:1f:7a:1a:06:07:ec:44:34:b6:5b:ac:20:53:
e6:0c:68:b8:ea:fb:61:72:f8:e5:98:51:ba:3b:4b:
5a:8f:a3:41:a0:e9:dd:47:8e:95:50:94:ee:d5:1a:
2d:95:d7:79:13:68:df:b6:c0:c9:b6:5d:8e:4e:79:
6d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:56:8C:1F:C9:34:2E:F3:DB:D3:FD:A5:51:05:F8:FB:8D:34:AE:42
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VlaMH8k0LvPb0_2lUQX4-400rkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.149.0-185.124.150.255
185.235.141.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
7c:25:d7:44:80:1f:67:3d:8d:2c:af:0a:6d:bc:02:dd:e6:bc:
f6:01:f1:26:67:60:15:14:dd:d0:b2:f2:30:73:0e:90:6a:f2:
24:be:49:dc:19:d9:1f:b8:21:97:7d:58:dd:59:ac:ec:27:18:
d1:ba:3f:1c:74:96:29:46:91:dc:e1:c4:91:2b:db:ef:16:c2:
4f:da:e5:98:1e:ee:8b:26:c0:45:57:fc:3a:a3:2a:c1:15:2a:
75:61:4b:cd:8d:46:a4:91:44:d6:7e:ed:8b:04:4f:62:76:f9:
05:64:f8:8e:59:7b:b5:4e:a0:83:50:d9:86:b4:be:94:d5:66:
d1:74:41:73:01:5c:6c:85:64:1b:ee:f7:f9:78:bd:e0:bd:ab:
47:c0:fb:a0:03:f9:72:b0:f5:00:a7:70:1a:87:07:a5:1b:28:
d8:fe:63:cc:7f:47:d4:29:0a:66:93:5d:d0:4b:9e:5a:f3:a5:
08:83:3a:ca:fe:f6:fb:90:cf:3b:61:c0:fb:fd:fb:f5:19:b9:
45:31:24:bb:23:7b:3a:73:f5:5a:2e:b9:23:c0:98:9e:02:c6:
23:bf:71:cb:56:90:1c:c0:76:2e:b4:1c:22:70:09:11:e0:36:
49:a1:d6:27:e6:ca:4d:1b:50:69:2b:37:db:0a:fc:24:f2:2b:
35:73:24:81
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYLpDDQ6+hCwbcV6bJm1VoKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIwODI5MTAwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjU2OGMxZmM5MzQyZWYzZGJkM2ZkYTU1MTA1ZjhmYjhkMzRhZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkxf0KSpYnKAEMMiso6IMK1DI1Bs
cjOjwhP/epkt7Cp+/RlSMxelLqhT4uLAVBQbCqDNykT9H305dTVoXWj5LC2GDO8a
qBhbQV0iFH21CnRZ8Lnie9XcUE9yZ9lUXXAMc49dSkK1taSJSQw4FsH9/zqhLGFI
Q4enohAbw6HnhTP6VIC0mEjK6K0Emu0fEbWpQgKdIXvbdVxSt1/6fxPY6WnkGyPI
+McH4oSXYxXSdkTZwC5mpfe5myHMbkiyjNeZSdygXx96GgYH7EQ0tlusIFPmDGi4
6vthcvjlmFG6O0taj6NBoOndR46VUJTu1Rotldd5E2jftsDJtl2OTnltRQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFZWjB/JNC7z29P9pVEF+PuNNK5CMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvVmxhTUg4azBMdlBiMF8ybFVRWDQtNDAwcmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5fJUD
BAC5fJYDBAC5640wDQQCAAIwBwMFAyoG7oAwDQYJKoZIhvcNAQELBQADggEBAHwl
10SAH2c9jSyvCm28At3mvPYB8SZnYBUU3dCy8jBzDpBq8iS+SdwZ2R+4IZd9WN1Z
rOwnGNG6Pxx0lilGkdzhxJEr2+8Wwk/a5Zge7osmwEVX/DqjKsEVKnVhS82NRqSR
RNZ+7YsET2J2+QVk+I5Ze7VOoINQ2Ya0vpTVZtF0QXMBXGyFZBvu9/l4veC9q0fA
+6AD+XKw9QCncBqHB6UbKNj+Y8x/R9QpCmaTXdBLnlrzpQiDOsr+9vuQzzthwPv9
+/UZuUUxJLsjezpz9VouuSPAmJ4CxiO/cctWkBzAdi60HCJwCRHgNkmh1ifmyk0b
UGkrN9sK/CTyKzVzJIE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org