Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/ztB3LauzU2m_aZzckRHIKZoA8nY.roa
File: ztB3LauzU2m_aZzckRHIKZoA8nY.roa (raw, json)
Hash identifier: YvR2Y0E+SutbSPRz+qYVp5nvV1wq6X24lHZNYcUlPIU=
Subject key identifier: CE:D0:77:2D:AB:B3:53:69:BF:69:9C:DC:91:11:C8:29:9A:00:F2:76
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 01831C8D442CD653545ADA911A3CCD6B5A44
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/ztB3LauzU2m_aZzckRHIKZoA8nY.roa
Signing time: Thu 08 Sep 2022 10:02:43 +0000
ROA not before: Thu 08 Sep 2022 10:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:8d:44:2c:d6:53:54:5a:da:91:1a:3c:cd:6b:5a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Sep 8 10:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ced0772dabb35369bf699cdc9111c8299a00f276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c9:99:db:46:40:79:7a:39:18:c3:ea:d9:dd:
35:c3:ae:a5:e9:78:7f:8b:da:4e:d8:5b:fe:31:a1:
89:43:aa:fc:4c:1b:57:e7:f2:9a:c5:96:c6:65:46:
23:6a:ef:8e:58:00:ec:4d:e9:8d:13:ff:c9:37:06:
46:6d:64:32:87:34:f1:d5:a2:25:67:ba:67:bb:03:
03:54:91:d0:83:d9:bc:74:00:ae:8c:21:f9:0e:1c:
b7:9d:7f:63:f7:fe:f3:60:6c:43:3d:28:37:c5:b8:
67:c8:51:af:85:db:a3:51:9f:b5:ae:8f:f3:6e:ad:
83:de:6d:25:77:c0:b4:6e:49:61:df:d8:22:43:52:
15:cc:e3:1e:cb:9a:6d:f4:75:e8:b6:05:7b:fc:6c:
17:1b:6e:28:1c:5b:88:ec:f7:48:f0:b2:ec:45:fe:
c3:15:6a:7c:dc:02:8f:3e:1a:42:40:e4:d4:fd:ac:
3b:f3:13:d2:ba:20:be:34:1b:cd:36:9c:f0:1a:1a:
18:54:9c:69:65:f6:d1:15:3c:16:b1:07:5b:48:6b:
67:28:2f:46:40:17:5e:b7:2d:ee:8c:94:5f:b4:7e:
c3:21:c8:ab:b3:a4:9b:f7:69:cb:e2:ec:28:83:b8:
bf:b7:37:6b:96:5a:e7:b6:21:6d:9f:ad:32:8c:37:
ca:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D0:77:2D:AB:B3:53:69:BF:69:9C:DC:91:11:C8:29:9A:00:F2:76
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/ztB3LauzU2m_aZzckRHIKZoA8nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/22
185.235.141.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
6c:f4:ec:0e:9f:70:90:96:6c:36:b7:fa:be:c4:af:9d:0a:76:
28:fd:64:54:1c:8d:d0:42:54:ec:58:cf:d5:16:8b:65:f1:e8:
a0:1e:6c:1c:ed:a8:ae:dc:71:e2:4a:2e:f0:1b:ba:01:e7:28:
19:94:91:dc:a7:ef:bd:b4:95:01:b2:8c:53:76:82:d9:54:6f:
6b:db:3a:16:77:86:0d:27:01:eb:ee:c8:49:4c:14:fe:ec:ea:
e5:18:08:28:90:5b:4e:f0:e4:aa:90:5f:d1:00:a8:06:01:37:
ad:0b:50:33:8e:9a:7d:d0:15:1c:c9:cd:bd:cc:6f:bf:1e:c1:
19:72:29:21:08:16:a1:1b:25:1f:2f:80:eb:07:b3:91:80:d4:
29:7e:cd:78:72:d5:73:a2:8e:fb:d9:15:6a:bb:6c:f6:68:53:
a3:2c:65:74:dd:1f:f5:60:a0:5d:a4:99:90:6e:58:f9:05:a4:
95:9c:01:15:3a:80:9d:f6:9c:0c:30:6f:11:30:7a:47:fe:78:
5a:3f:20:c1:2c:25:a0:61:26:23:a6:fa:0d:c8:ba:03:ae:ac:
fa:b2:02:a8:ab:98:56:55:f6:b5:1c:4f:25:7f:47:6e:24:f6:
8d:89:38:ee:b3:23:e8:0a:cf:96:b8:34:c2:58:e1:1a:dc:1d:
35:bd:1a:23
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYMcjUQs1lNUWtqRGjzNa1pEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjIwOTA4MTAwMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQwNzcyZGFiYjM1MzY5YmY2OTljZGM5MTExYzgyOTlhMDBmMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8mZ20ZAeXo5GMPq2d01w66l6Xh/
i9pO2Fv+MaGJQ6r8TBtX5/KaxZbGZUYjau+OWADsTemNE//JNwZGbWQyhzTx1aIl
Z7pnuwMDVJHQg9m8dACujCH5Dhy3nX9j9/7zYGxDPSg3xbhnyFGvhdujUZ+1ro/z
bq2D3m0ld8C0bklh39giQ1IVzOMey5pt9HXotgV7/GwXG24oHFuI7PdI8LLsRf7D
FWp83AKPPhpCQOTU/aw78xPSuiC+NBvNNpzwGhoYVJxpZfbRFTwWsQdbSGtnKC9G
QBdety3ujJRftH7DIcirs6Sb92nL4uwog7i/tzdrllrntiFtn60yjDfKBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM7Qdy2rs1Npv2mc3JERyCmaAPJ2MB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvenRCM0xhdXpVMm1fYVp6Y2tSSElLWm9BOG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXyUAwQA
ueuNMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQBs9OwOn3CQlmw2
t/q+xK+dCnYo/WRUHI3QQlTsWM/VFotl8eigHmwc7aiu3HHiSi7wG7oB5ygZlJHc
p++9tJUBsoxTdoLZVG9r2zoWd4YNJwHr7shJTBT+7OrlGAgokFtO8OSqkF/RAKgG
ATetC1Azjpp90BUcyc29zG+/HsEZcikhCBahGyUfL4DrB7ORgNQpfs14ctVzoo77
2RVqu2z2aFOjLGV03R/1YKBdpJmQblj5BaSVnAEVOoCd9pwMMG8RMHpH/nhaPyDB
LCWgYSYjpvoNyLoDrqz6sgKoq5hWVfa1HE8lf0duJPaNiTjusyPoCs+WuDTCWOEa
3B01vRoj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org