Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/N2ED_fPdmHsPFNELD-71-mQqZZw.roa
File: N2ED_fPdmHsPFNELD-71-mQqZZw.roa (raw, json)
Hash identifier: Oq+UrYfU9DBjV5EY8NdSA783aOHAf0x7RcZmUprI9nk=
Subject key identifier: 37:61:03:FD:F3:DD:98:7B:0F:14:D1:0B:0F:EE:F5:FA:64:2A:65:9C
Certificate issuer: /CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Certificate serial: 0185115F8DF114529F78BA0CA37E8B6F2CFA
Authority key identifier: 76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/N2ED_fPdmHsPFNELD-71-mQqZZw.roa
Signing time: Wed 14 Dec 2022 16:02:32 +0000
ROA not before: Wed 14 Dec 2022 16:02:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207254
IP address blocks: 185.154.221.0/24 maxlen: 24
185.154.223.0/24 maxlen: 24
185.154.220.0/24 maxlen: 24
185.154.222.0/24 maxlen: 24
2a0b:6140:2::/48 maxlen: 48
2a0b:6140:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:5f:8d:f1:14:52:9f:78:ba:0c:a3:7e:8b:6f:2c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Validity
Not Before: Dec 14 16:02:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=376103fdf3dd987b0f14d10b0feef5fa642a659c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8f:77:9a:eb:b6:ec:e5:29:6d:16:f1:b2:65:
11:67:3c:28:86:f8:e1:3f:b1:a2:62:b9:81:e9:c8:
45:b0:48:f8:26:9b:40:f9:4d:0c:3f:37:bc:d5:2c:
90:88:44:41:45:0d:eb:14:ba:49:5d:b4:77:11:91:
1d:07:71:b9:9f:c0:fc:fb:88:54:48:47:2e:8e:0f:
e2:dc:fd:0d:66:4e:06:ba:af:67:3d:3e:15:e2:58:
ed:b1:26:34:b5:ee:9f:d8:d2:39:64:ff:ad:e5:8d:
18:31:ab:1e:f8:55:39:f8:69:fa:20:40:49:f3:1f:
fc:8f:2d:2c:1b:43:9b:1d:7a:0b:f4:be:29:19:10:
27:7d:88:43:f9:95:81:b1:37:70:78:5e:5b:5f:56:
80:84:da:33:ba:61:5d:db:2a:cc:48:30:ec:47:c6:
f4:9e:6d:28:f4:87:3b:f5:c6:fd:81:1f:f1:98:3f:
b4:f7:fd:86:a8:9a:f2:7d:cb:ec:5f:4f:a8:36:ed:
be:24:40:68:c9:ba:ea:2f:91:5c:17:26:ce:51:b9:
d8:33:c2:f3:53:04:1d:ef:93:34:a6:9f:4f:55:15:
2e:0b:45:27:2f:93:dc:b0:59:96:d1:23:3b:5b:71:
18:c8:8d:d3:15:bd:3b:bb:5a:93:e2:70:61:56:20:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:61:03:FD:F3:DD:98:7B:0F:14:D1:0B:0F:EE:F5:FA:64:2A:65:9C
X509v3 Authority Key Identifier:
keyid:76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/N2ED_fPdmHsPFNELD-71-mQqZZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.220.0/22
IPv6:
2a0b:6140:1::-2a0b:6140:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:bf:7a:70:b4:b7:b2:78:98:ae:28:58:ad:fc:e0:8e:4b:3f:
26:12:88:f7:ae:e2:2f:13:09:b2:f5:0e:c6:f3:69:64:37:ed:
e4:6d:2c:fa:0f:e0:9f:a0:55:2f:25:5d:e0:20:79:1b:30:2e:
1a:61:49:aa:08:73:38:ff:23:0e:da:1c:d1:a9:23:59:9a:71:
6a:e2:45:bf:37:6e:c9:e2:99:8f:bb:db:18:e5:30:c3:d0:7c:
93:e8:67:e8:53:2f:52:74:a4:fb:d2:47:85:f5:f7:25:8e:77:
28:ca:d0:fa:a4:fd:f8:c8:22:9b:0d:b0:72:1d:4a:1f:ab:d8:
b1:7a:d0:b5:5a:2f:1d:e6:71:c5:11:1d:05:3a:d6:05:cf:ed:
ec:8e:38:35:0c:51:1e:90:43:55:c4:f1:a2:ca:87:77:26:36:
16:43:90:0e:8d:82:90:46:b9:08:c0:dd:0c:59:a1:45:62:91:
fe:86:80:5a:3d:e6:8e:26:66:d9:dd:de:ed:83:a1:ca:d7:0d:
d4:11:d6:e3:2f:e0:00:d7:3f:4c:e8:78:50:8e:58:e2:0e:e6:
47:f7:f7:8b:9e:a6:a1:ed:2e:b4:0c:44:aa:54:d9:77:2e:58:
7d:ce:d6:c2:8b:58:ab:8c:29:86:a7:94:b4:18:36:cd:63:62:
ef:68:f4:dd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYURX43xFFKfeLoMo36Lbyz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NWVhMzQwMGEzNzQ4YzNiNmM2MTI2OGQ0OTJmOGJmMGE5
MDgyMzkwHhcNMjIxMjE0MTYwMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzYxMDNmZGYzZGQ5ODdiMGYxNGQxMGIwZmVlZjVmYTY0MmE2NTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI93muu27OUpbRbxsmURZzwohvjh
P7GiYrmB6chFsEj4JptA+U0MPze81SyQiERBRQ3rFLpJXbR3EZEdB3G5n8D8+4hU
SEcujg/i3P0NZk4Guq9nPT4V4ljtsSY0te6f2NI5ZP+t5Y0YMase+FU5+Gn6IEBJ
8x/8jy0sG0ObHXoL9L4pGRAnfYhD+ZWBsTdweF5bX1aAhNozumFd2yrMSDDsR8b0
nm0o9Ic79cb9gR/xmD+09/2GqJryfcvsX0+oNu2+JEBoybrqL5FcFybOUbnYM8Lz
UwQd75M0pp9PVRUuC0UnL5PcsFmW0SM7W3EYyI3TFb07u1qT4nBhViBy3QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDdhA/3z3Zh7DxTRCw/u9fpkKmWcMB8GA1UdIwQY
MBaAFHZeo0AKN0jDtsYSaNSS+L8KkII5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQt
MGZjNThlNThjYWM5LzEvTjJFRF9mUGRtSHNQRk5FTEQtNzEtbVFxWlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQtMGZjNThlNThjYWM5
LzEvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuZrcMBoE
AgACMBQwEgMHACoLYUAAAQMHACoLYUAAAjANBgkqhkiG9w0BAQsFAAOCAQEAKL96
cLS3sniYrihYrfzgjks/JhKI967iLxMJsvUOxvNpZDft5G0s+g/gn6BVLyVd4CB5
GzAuGmFJqghzOP8jDtoc0akjWZpxauJFvzduyeKZj7vbGOUww9B8k+hn6FMvUnSk
+9JHhfX3JY53KMrQ+qT9+Mgimw2wch1KH6vYsXrQtVovHeZxxREdBTrWBc/t7I44
NQxRHpBDVcTxosqHdyY2FkOQDo2CkEa5CMDdDFmhRWKR/oaAWj3mjiZm2d3e7YOh
ytcN1BHW4y/gANc/TOh4UI5Y4g7mR/f3i56moe0utAxEqlTZdy5Yfc7WwotYq4wp
hqeUtBg2zWNi72j03Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:33 2023 by rpki-client on console.sobornost.net