Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/kREoEK1xaA4NXv5b0KJiMc4DCcA.roa
File: kREoEK1xaA4NXv5b0KJiMc4DCcA.roa (raw, json)
Hash identifier: If7lVxfMcozf3jnqG+pGhTiHVP+oS5Qr8Oi9IPVzwsE=
Subject key identifier: 91:11:28:10:AD:71:68:0E:0D:5E:FE:5B:D0:A2:62:31:CE:03:09:C0
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0183B228BACB7C5C31C09C0D2497A8C4B9A6
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/kREoEK1xaA4NXv5b0KJiMc4DCcA.roa
Signing time: Fri 07 Oct 2022 11:15:57 +0000
ROA not before: Fri 07 Oct 2022 11:15:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:28:ba:cb:7c:5c:31:c0:9c:0d:24:97:a8:c4:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Oct 7 11:15:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91112810ad71680e0d5efe5bd0a26231ce0309c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:19:a9:6e:64:f8:54:39:79:45:13:c2:39:62:
c5:4e:ec:b4:ea:5e:09:24:5d:09:e1:d5:4e:92:30:
c0:e8:fe:7b:43:57:5f:d3:ef:24:9d:f0:45:e0:86:
5e:20:7b:1d:1c:c6:88:1f:77:e7:db:ec:80:2f:68:
e6:ac:cd:7c:c6:9a:fd:e7:99:fc:49:dd:07:e1:94:
97:3a:0d:e3:db:b3:c8:d8:26:01:c1:68:3e:b3:b3:
ad:ba:1f:ae:c6:c0:7c:2e:a0:f3:f1:1b:49:63:a5:
cc:a4:66:8a:52:9a:49:b3:f7:1e:b7:2f:c8:dc:bc:
d3:58:e7:f7:cc:b6:f8:5c:84:5f:a7:9c:04:7d:f7:
ec:07:51:fa:ab:7a:6d:c9:e0:3d:ad:71:70:f4:f3:
26:11:ac:e3:c8:b7:3a:e0:e9:8e:13:fa:25:6f:14:
98:c6:11:6b:09:99:5b:90:bb:10:61:3d:4f:2b:38:
b7:c1:46:6f:a7:ac:d9:01:ff:26:94:d6:03:c1:9d:
49:28:78:f5:86:63:80:8e:a9:f5:01:12:c7:0f:c8:
a8:e4:4b:e7:00:fa:6f:2b:94:a9:f4:87:37:57:de:
15:67:60:42:ad:c1:b4:c9:82:11:cf:57:28:7d:72:
0b:14:7c:b3:da:ec:e7:fc:6c:eb:ef:0d:a7:9f:87:
78:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:11:28:10:AD:71:68:0E:0D:5E:FE:5B:D0:A2:62:31:CE:03:09:C0
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/kREoEK1xaA4NXv5b0KJiMc4DCcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/22
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
8d:82:26:3d:45:c5:90:09:c0:5f:c7:1d:85:77:0d:e8:72:e2:
93:ed:e6:70:ea:29:46:e4:f7:07:86:6e:33:e3:4a:1f:cd:56:
9c:37:c6:63:af:b2:a2:b5:05:2b:ee:52:ea:36:da:3c:6c:ff:
52:c7:bc:45:0e:18:3f:72:67:a5:71:1e:d8:0c:f5:92:c7:93:
e5:53:13:65:9e:e1:b7:96:a1:8b:4b:7d:4c:91:1e:e3:50:8b:
79:02:3d:ab:37:96:14:af:7e:f6:38:47:26:75:9e:6e:da:a8:
91:db:30:21:21:9e:ef:71:79:d7:b2:96:cc:39:b8:fe:b1:a9:
66:de:f4:6f:f5:0e:a8:f6:a3:0d:c9:61:6d:97:09:d3:66:13:
fc:75:64:75:3f:ca:46:3f:5e:91:77:79:41:b2:80:dc:72:a4:
82:46:e0:07:22:c1:cb:73:51:3f:36:27:be:2c:a2:e0:c3:09:
cc:37:f1:c2:3a:29:76:c7:2e:27:c4:c2:3f:60:67:6c:e5:a3:
df:59:62:1f:9d:a2:e9:ac:30:b9:89:eb:04:76:77:ae:8e:95:
a8:23:1d:cb:4d:6c:02:08:8a:40:49:08:6a:8c:a2:a8:3b:d3:
67:dc:41:17:e5:d8:f7:b6:dd:dd:67:7a:7d:dd:61:f9:54:d3:
e7:09:79:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOyKLrLfFwxwJwNJJeoxLmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIxMDA3MTExNTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTExMjgxMGFkNzE2ODBlMGQ1ZWZlNWJkMGEyNjIzMWNlMDMwOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxmpbmT4VDl5RRPCOWLFTuy06l4J
JF0J4dVOkjDA6P57Q1df0+8knfBF4IZeIHsdHMaIH3fn2+yAL2jmrM18xpr955n8
Sd0H4ZSXOg3j27PI2CYBwWg+s7Otuh+uxsB8LqDz8RtJY6XMpGaKUppJs/cety/I
3LzTWOf3zLb4XIRfp5wEfffsB1H6q3ptyeA9rXFw9PMmEazjyLc64OmOE/olbxSY
xhFrCZlbkLsQYT1PKzi3wUZvp6zZAf8mlNYDwZ1JKHj1hmOAjqn1ARLHD8io5Evn
APpvK5Sp9Ic3V94VZ2BCrcG0yYIRz1cofXILFHyz2uzn/Gzr7w2nn4d4cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJERKBCtcWgODV7+W9CiYjHOAwnAMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEva1JFb0VLMXhhQTROWHY1YjBLSmlNYzREQ2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXyUMA0E
AgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQCNgiY9RcWQCcBfxx2Fdw3o
cuKT7eZw6ilG5PcHhm4z40ofzVacN8Zjr7KitQUr7lLqNto8bP9Sx7xFDhg/cmel
cR7YDPWSx5PlUxNlnuG3lqGLS31MkR7jUIt5Aj2rN5YUr372OEcmdZ5u2qiR2zAh
IZ7vcXnXspbMObj+salm3vRv9Q6o9qMNyWFtlwnTZhP8dWR1P8pGP16Rd3lBsoDc
cqSCRuAHIsHLc1E/Nie+LKLgwwnMN/HCOil2xy4nxMI/YGds5aPfWWIfnaLprDC5
iesEdneujpWoIx3LTWwCCIpASQhqjKKoO9Nn3EEX5dj3tt3dZ3p93WH5VNPnCXmS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:06 2024 by rpki-client on console-fra.rpki-client.org