Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/F2_LU3rt6HGnAnhruVHHmWUVBR0.roa
File: F2_LU3rt6HGnAnhruVHHmWUVBR0.roa (raw, json)
Hash identifier: lsk4risfE6gm4TzR0PKzlAh/10iACLCyFYKiPFxL4x0=
Subject key identifier: 17:6F:CB:53:7A:ED:E8:71:A7:02:78:6B:B9:51:C7:99:65:15:05:1D
Certificate issuer: /CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Certificate serial: 01856C1371EC69C1DC25DBE1F87E5CECE312
Authority key identifier: 3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/F2_LU3rt6HGnAnhruVHHmWUVBR0.roa
Signing time: Sun 01 Jan 2023 06:44:51 +0000
ROA not before: Sun 01 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50254
IP address blocks: 185.145.124.0/22 maxlen: 22
185.145.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:71:ec:69:c1:dc:25:db:e1:f8:7e:5c:ec:e3:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Validity
Not Before: Jan 1 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=176fcb537aede871a702786bb951c7996515051d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8f:e1:ac:a8:07:fd:0e:c9:55:98:62:5c:a5:
69:92:90:77:f8:90:76:ce:13:96:e2:be:19:d4:f1:
9b:80:17:67:f1:b3:14:45:8a:12:d3:68:88:58:0d:
ba:83:41:a3:41:d4:fd:63:ac:4e:e1:92:52:27:b7:
2b:65:b9:32:4b:40:1a:ae:d4:6a:9f:b0:07:f6:42:
31:18:73:27:3e:49:db:a3:b7:d8:6e:d2:d1:a0:41:
33:cd:ad:d8:20:56:95:fc:b8:fc:f8:3d:95:0f:c2:
b9:c8:9f:e3:44:80:88:2a:d8:e2:d8:9f:50:7b:47:
45:7d:b5:32:cf:b4:d4:af:c4:e3:25:ea:19:05:37:
a9:16:17:2a:3f:b5:4e:f3:c0:8f:c3:cd:04:50:2b:
57:58:90:1d:1c:f7:ba:88:a0:57:25:ae:d1:64:17:
c3:5a:84:29:69:67:5c:62:70:6e:2d:0d:53:be:28:
a8:d5:df:81:5a:5e:52:03:60:cb:ca:90:f6:d4:48:
a7:96:34:9c:f7:9d:86:e4:81:b2:a3:dc:c5:bc:f2:
a7:cd:46:18:1d:ea:f3:2e:f1:03:e8:e0:e3:ba:54:
60:8a:59:ee:de:7f:d0:eb:dd:64:82:db:06:e7:72:
9d:ec:53:b9:77:37:2f:5b:96:6f:df:3a:63:38:0e:
ff:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6F:CB:53:7A:ED:E8:71:A7:02:78:6B:B9:51:C7:99:65:15:05:1D
X509v3 Authority Key Identifier:
keyid:3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/F2_LU3rt6HGnAnhruVHHmWUVBR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:9a:1d:2d:5b:c7:97:b0:d6:bf:ab:37:3f:cb:3d:49:45:68:
42:04:11:34:57:67:6f:fd:c0:3a:03:5e:84:11:2a:2e:07:8b:
d3:f4:63:dd:3a:53:77:2d:5d:f4:17:2b:6a:84:4e:55:f2:1c:
e5:46:89:f3:0a:5d:41:e7:05:f9:d3:14:c4:a0:4a:ba:aa:23:
5d:10:83:33:55:3c:16:5d:c4:85:bd:0f:45:f0:cf:ee:f1:af:
85:b2:36:41:97:91:21:bb:c9:ee:c4:0a:6d:72:98:bc:26:1d:
c8:60:a1:99:23:be:b6:d6:b7:e6:00:08:06:32:65:05:74:b5:
b5:63:ef:23:f8:96:58:86:80:05:39:39:cc:2a:90:59:58:ba:
e1:cc:9f:28:b8:84:80:43:5d:ea:67:2b:ec:83:30:99:b2:86:
02:2b:82:e7:c9:91:54:1b:1f:0f:fe:0e:72:cb:74:c1:ad:b0:
11:51:13:02:fe:60:66:42:7f:02:1a:e9:27:c3:bc:b5:fe:4d:
44:7d:d6:c7:80:40:6f:43:2a:9c:12:95:8c:ba:95:e8:e5:d2:
bf:a3:6e:ec:84:d3:e8:ea:3a:ae:ba:c5:21:a5:85:46:4a:01:
7e:c3:33:b8:e6:1d:40:08:6a:a1:f6:aa:e7:61:f2:8c:5c:10:
6c:f8:75:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE3HsacHcJdvh+H5c7OMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDRkMmZkYmVlM2FhM2UxMjE0MjhlYTcwNTBjOTQzOWQ4
ODg2YTkwHhcNMjMwMTAxMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZmY2I1MzdhZWRlODcxYTcwMjc4NmJiOTUxYzc5OTY1MTUwNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4/hrKgH/Q7JVZhiXKVpkpB3+JB2
zhOW4r4Z1PGbgBdn8bMURYoS02iIWA26g0GjQdT9Y6xO4ZJSJ7crZbkyS0AartRq
n7AH9kIxGHMnPknbo7fYbtLRoEEzza3YIFaV/Lj8+D2VD8K5yJ/jRICIKtji2J9Q
e0dFfbUyz7TUr8TjJeoZBTepFhcqP7VO88CPw80EUCtXWJAdHPe6iKBXJa7RZBfD
WoQpaWdcYnBuLQ1Tviio1d+BWl5SA2DLypD21EinljSc952G5IGyo9zFvPKnzUYY
HerzLvED6ODjulRgilnu3n/Q691kgtsG53Kd7FO5dzcvW5Zv3zpjOA7/nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdvy1N67ehxpwJ4a7lRx5llFQUdMB8GA1UdIwQY
MBaAFD/U0v2+46o+EhQo6nBQyUOdiIapMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlUU19iN2pxajRTRkNqcWNGREpRNTJJaHFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NmI2OTItNGJiMy00NzNlLTk0MTMt
NjI2MWU1YjFmYzIwLzEvRjJfTFUzcnQ2SEduQW5ocnVWSEhtV1VWQlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NmI2OTItNGJiMy00NzNlLTk0MTMtNjI2MWU1YjFmYzIw
LzEvUDlUU19iN2pxajRTRkNqcWNGREpRNTJJaHFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZF8MA0G
CSqGSIb3DQEBCwUAA4IBAQChmh0tW8eXsNa/qzc/yz1JRWhCBBE0V2dv/cA6A16E
ESouB4vT9GPdOlN3LV30FytqhE5V8hzlRonzCl1B5wX50xTEoEq6qiNdEIMzVTwW
XcSFvQ9F8M/u8a+FsjZBl5Ehu8nuxAptcpi8Jh3IYKGZI7621rfmAAgGMmUFdLW1
Y+8j+JZYhoAFOTnMKpBZWLrhzJ8ouISAQ13qZyvsgzCZsoYCK4LnyZFUGx8P/g5y
y3TBrbARURMC/mBmQn8CGuknw7y1/k1EfdbHgEBvQyqcEpWMupXo5dK/o27shNPo
6jquusUhpYVGSgF+wzO45h1ACGqh9qrnYfKMXBBs+HWi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:16 2025 by rpki-client