Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/7jvO9fi45Lqn3FctWwPRKtGwSJg.roa
File: 7jvO9fi45Lqn3FctWwPRKtGwSJg.roa (raw, json)
Hash identifier: iDG4hOHlWDHPqLi1vVc+Uc7m4gVQ07zHcYEvc5RJjz4=
Subject key identifier: EE:3B:CE:F5:F8:B8:E4:BA:A7:DC:57:2D:5B:03:D1:2A:D1:B0:48:98
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 01849E82641F148FC5E097F3C0A8B7CFEF0C
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/7jvO9fi45Lqn3FctWwPRKtGwSJg.roa
Signing time: Tue 22 Nov 2022 08:44:16 +0000
ROA not before: Tue 22 Nov 2022 08:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202196
IP address blocks: 185.150.60.0/22 maxlen: 22
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
185.150.62.0/24 maxlen: 24
185.150.62.0/23 maxlen: 23
185.150.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:82:64:1f:14:8f:c5:e0:97:f3:c0:a8:b7:cf:ef:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Nov 22 08:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee3bcef5f8b8e4baa7dc572d5b03d12ad1b04898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2e:6c:56:3f:b5:0d:43:cd:1e:4c:19:62:fb:
3e:bd:a6:fa:d4:4e:aa:73:aa:de:e1:19:ab:8f:ed:
bd:5a:ad:5b:7f:37:fe:7b:73:9c:d7:84:da:f9:ee:
a8:09:5e:66:7a:31:41:a0:79:96:34:8b:30:69:b6:
23:cd:37:50:6f:ec:56:ab:de:08:b0:b7:6e:6f:95:
3b:47:48:7d:4b:bc:a4:7f:11:9c:2c:90:c7:5f:e4:
45:b0:dc:78:6e:72:ac:b7:eb:f5:71:9f:b5:c7:1c:
10:1f:25:0c:36:be:df:aa:b3:9c:7a:40:99:7a:f1:
31:7c:98:7e:ff:e1:b4:1f:2a:98:5a:22:05:76:37:
98:23:e8:7d:34:ff:53:a4:c8:c0:e5:cc:86:09:d6:
ff:6e:1d:99:eb:fe:15:16:7f:6a:c7:ea:e8:6c:4a:
5f:e6:18:40:5f:01:c8:8f:f6:37:ea:0f:01:1e:1e:
3b:fd:39:28:83:98:7d:49:a6:47:0f:f5:58:0a:bd:
0b:0c:84:f8:aa:0f:f3:a5:24:38:79:a2:95:7d:37:
6d:dd:35:cf:99:49:da:2d:7c:92:f1:24:b9:36:4b:
70:a0:ec:6a:f9:dc:9e:1a:27:33:2e:14:2e:da:bb:
78:05:ee:f5:c4:6f:ae:5d:a0:70:97:a4:a5:8e:9a:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3B:CE:F5:F8:B8:E4:BA:A7:DC:57:2D:5B:03:D1:2A:D1:B0:48:98
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/7jvO9fi45Lqn3FctWwPRKtGwSJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
Signature Algorithm: sha256WithRSAEncryption
77:ea:86:ab:d8:67:9d:68:30:e3:0f:64:2f:27:c5:8e:64:5c:
6e:1a:70:f1:7f:cb:a8:ed:dd:f5:af:33:cc:54:ce:16:1d:f7:
30:ac:c5:97:10:c6:a8:dd:9a:44:09:05:72:8f:dc:f5:0b:0e:
72:e4:f1:fa:00:4f:b3:40:35:64:eb:8b:87:0a:3b:bd:5a:18:
87:bc:c4:5c:06:6d:8a:c3:fa:b3:19:48:bc:ca:33:5f:41:4e:
b2:0c:15:59:75:72:96:d0:83:b6:35:83:c7:30:90:17:f3:05:
fa:80:b1:02:1c:12:ca:2b:77:b8:fb:d0:bd:3f:2e:4a:5f:e2:
b2:ad:5f:7b:c6:5f:f0:cb:55:e9:15:17:5f:7f:7f:6e:77:8f:
ed:8e:b3:ca:09:aa:67:d5:77:01:fe:d8:51:b9:80:5e:7c:4a:
24:b9:ad:34:75:6d:a1:d1:93:08:e5:df:7a:a3:cc:21:15:03:
e1:f7:8c:42:a9:d1:5d:99:74:f3:b7:73:ef:ed:19:9e:6a:cc:
4a:0f:9a:ea:e0:4b:bc:fb:bd:9d:a2:6a:ad:ae:d5:4b:10:f7:
10:92:b4:ef:95:5f:d2:40:14:15:e3:37:4c:48:63:01:90:73:
5a:e6:ff:00:18:a8:b3:da:fd:09:cd:30:ea:59:b0:22:06:23:
38:aa:be:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSegmQfFI/F4JfzwKi3z+8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjIxMTIyMDg0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNiY2VmNWY4YjhlNGJhYTdkYzU3MmQ1YjAzZDEyYWQxYjA0ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C5sVj+1DUPNHkwZYvs+vab61E6q
c6re4Rmrj+29Wq1bfzf+e3Oc14Ta+e6oCV5mejFBoHmWNIswabYjzTdQb+xWq94I
sLdub5U7R0h9S7ykfxGcLJDHX+RFsNx4bnKst+v1cZ+1xxwQHyUMNr7fqrOcekCZ
evExfJh+/+G0HyqYWiIFdjeYI+h9NP9TpMjA5cyGCdb/bh2Z6/4VFn9qx+robEpf
5hhAXwHIj/Y36g8BHh47/Tkog5h9SaZHD/VYCr0LDIT4qg/zpSQ4eaKVfTdt3TXP
mUnaLXyS8SS5NktwoOxq+dyeGiczLhQu2rt4Be71xG+uXaBwl6SljprrBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO47zvX4uOS6p9xXLVsD0SrRsEiYMB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvN2p2TzlmaTQ1THFuM0ZjdFd3UFJLdEd3U0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQB36oar2GedaDDjD2QvJ8WOZFxuGnDxf8uo7d31rzPM
VM4WHfcwrMWXEMao3ZpECQVyj9z1Cw5y5PH6AE+zQDVk64uHCju9WhiHvMRcBm2K
w/qzGUi8yjNfQU6yDBVZdXKW0IO2NYPHMJAX8wX6gLECHBLKK3e4+9C9Py5KX+Ky
rV97xl/wy1XpFRdff39ud4/tjrPKCapn1XcB/thRuYBefEokua00dW2h0ZMI5d96
o8whFQPh94xCqdFdmXTzt3Pv7RmeasxKD5rq4Eu8+72domqtrtVLEPcQkrTvlV/S
QBQV4zdMSGMBkHNa5v8AGKiz2v0JzTDqWbAiBiM4qr4W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org