Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/4vZS89rtmhu1y88C1R2LZLVn1S0.roa
File: 4vZS89rtmhu1y88C1R2LZLVn1S0.roa (raw, json)
Hash identifier: s7UvleG521/zn6QP/vpsZKOLOiqumdQSWjg+P4oVWs0=
Subject key identifier: E2:F6:52:F3:DA:ED:9A:1B:B5:CB:CF:02:D5:1D:8B:64:B5:67:D5:2D
Certificate issuer: /CN=8ab5b9a9368797a86baebc81f623b3f4e786f51a
Certificate serial: 0184E6B45529A5AD22D12DD23C5BA2D8AB84
Authority key identifier: 8A:B5:B9:A9:36:87:97:A8:6B:AE:BC:81:F6:23:B3:F4:E7:86:F5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irW5qTaHl6hrrryB9iOz9OeG9Ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/4vZS89rtmhu1y88C1R2LZLVn1S0.roa
Signing time: Tue 06 Dec 2022 09:11:28 +0000
ROA not before: Tue 06 Dec 2022 09:11:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9150
IP address blocks: 185.65.124.0/24 maxlen: 24
2a04:f840::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:b4:55:29:a5:ad:22:d1:2d:d2:3c:5b:a2:d8:ab:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab5b9a9368797a86baebc81f623b3f4e786f51a
Validity
Not Before: Dec 6 09:11:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2f652f3daed9a1bb5cbcf02d51d8b64b567d52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:08:e3:c8:ae:e5:a1:11:90:1c:8c:96:42:
40:3e:d2:32:50:b2:44:67:14:6b:cc:fb:cb:07:ab:
85:a5:5b:09:e0:de:d5:5e:75:ce:26:aa:e9:d5:e4:
3d:8a:b6:7f:61:3f:a8:e1:a9:cf:22:e0:08:11:c8:
fe:48:a7:76:90:64:02:26:28:10:7e:14:bf:b1:84:
a4:70:51:da:a7:45:30:e5:b3:8b:aa:c0:68:42:f8:
93:23:a3:43:e4:4d:d9:1d:ac:23:22:15:ac:5d:65:
6e:3e:e4:cc:c4:c8:1e:de:58:8f:03:11:a3:ff:b5:
32:6e:60:6e:74:02:8e:e1:7b:9a:17:58:1c:22:17:
9e:d2:d0:26:4d:2d:0c:56:55:20:fa:57:e8:2c:41:
0a:3e:52:13:11:04:0d:da:05:22:b7:e3:81:ec:67:
62:4d:e3:7b:2a:b9:68:e3:c7:4f:e2:7f:f2:bb:65:
74:c3:1e:16:ca:ad:2d:ec:f0:24:67:2e:18:4f:9e:
9d:25:fa:9e:9b:a7:24:74:df:1e:5c:1b:12:23:5b:
21:ed:7a:2c:23:73:b8:4d:e7:8d:04:b8:f8:8b:c2:
d8:7a:04:bf:4c:90:0d:72:2f:78:f0:70:fa:82:91:
20:72:f9:cb:33:f1:95:dd:b8:bb:36:f2:ff:53:e7:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F6:52:F3:DA:ED:9A:1B:B5:CB:CF:02:D5:1D:8B:64:B5:67:D5:2D
X509v3 Authority Key Identifier:
keyid:8A:B5:B9:A9:36:87:97:A8:6B:AE:BC:81:F6:23:B3:F4:E7:86:F5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irW5qTaHl6hrrryB9iOz9OeG9Ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/4vZS89rtmhu1y88C1R2LZLVn1S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/irW5qTaHl6hrrryB9iOz9OeG9Ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.124.0/24
IPv6:
2a04:f840::/40
Signature Algorithm: sha256WithRSAEncryption
3b:1a:7e:4d:2a:cd:bc:0c:02:2d:a7:8f:28:8e:3e:20:10:96:
1a:80:45:13:1f:5d:0f:0e:d9:a8:0b:3e:06:d8:b8:e0:9f:c8:
d8:f8:36:07:f2:93:9d:91:d3:25:5f:f2:2a:ee:ad:41:ca:1f:
70:43:ed:e7:88:49:45:16:91:dc:ad:58:62:1c:ea:e9:9c:92:
c5:c2:4f:e8:28:17:c2:14:8a:b7:76:e4:9c:63:59:05:d8:b0:
50:2e:96:c6:6b:ad:e9:b2:e2:25:bf:fb:40:ac:2b:41:1c:82:
fa:8f:3e:84:54:be:30:a6:bd:9d:3b:7b:7c:df:6f:23:18:be:
b9:7f:b4:a2:a5:d5:27:7a:0d:06:f8:13:e6:40:10:ed:28:7a:
f7:2e:ee:60:b2:c1:ac:43:1d:b6:49:1a:e3:87:30:74:e6:97:
d9:71:e1:98:b8:c4:da:2a:b9:63:fb:e2:21:3d:49:00:b4:58:
1b:76:83:9f:32:f2:e7:cd:f5:be:c8:59:b3:d6:83:ea:6e:96:
bd:8b:32:c7:12:b9:a7:e4:ea:0a:6c:c3:e3:86:af:8e:b1:84:
8d:2d:2b:b5:08:a6:84:c2:7c:bb:ae:72:f1:48:c2:26:a5:32:
55:2e:c6:00:79:d3:f1:f5:04:e5:b6:a0:66:c2:99:cb:c7:51:
37:51:fc:4b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYTmtFUppa0i0S3SPFui2KuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjViOWE5MzY4Nzk3YTg2YmFlYmM4MWY2MjNiM2Y0ZTc4
NmY1MWEwHhcNMjIxMjA2MDkxMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmY2NTJmM2RhZWQ5YTFiYjVjYmNmMDJkNTFkOGI2NGI1NjdkNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnygI48iu5aERkByMlkJAPtIyULJE
ZxRrzPvLB6uFpVsJ4N7VXnXOJqrp1eQ9irZ/YT+o4anPIuAIEcj+SKd2kGQCJigQ
fhS/sYSkcFHap0Uw5bOLqsBoQviTI6ND5E3ZHawjIhWsXWVuPuTMxMge3liPAxGj
/7UybmBudAKO4XuaF1gcIhee0tAmTS0MVlUg+lfoLEEKPlITEQQN2gUit+OB7Gdi
TeN7Krlo48dP4n/yu2V0wx4Wyq0t7PAkZy4YT56dJfqem6ckdN8eXBsSI1sh7Xos
I3O4TeeNBLj4i8LYegS/TJANci948HD6gpEgcvnLM/GV3bi7NvL/U+fGkwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOL2UvPa7ZobtcvPAtUdi2S1Z9UtMB8GA1UdIwQY
MBaAFIq1uak2h5eoa668gfYjs/TnhvUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJXNXFUYUhsNmhycnJ5QjlpT3o5T2VHOVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NGM0MzEtNTMzMC00MzdiLWIyMDct
MjhmZWNjNjMzOThjLzEvNHZaUzg5cnRtaHUxeTg4QzFSMkxaTFZuMVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NGM0MzEtNTMzMC00MzdiLWIyMDctMjhmZWNjNjMzOThj
LzEvaXJXNXFUYUhsNmhycnJ5QjlpT3o5T2VHOVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuUF8MA4E
AgACMAgDBgAqBPhAADANBgkqhkiG9w0BAQsFAAOCAQEAOxp+TSrNvAwCLaePKI4+
IBCWGoBFEx9dDw7ZqAs+Bti44J/I2Pg2B/KTnZHTJV/yKu6tQcofcEPt54hJRRaR
3K1YYhzq6ZySxcJP6CgXwhSKt3bknGNZBdiwUC6Wxmut6bLiJb/7QKwrQRyC+o8+
hFS+MKa9nTt7fN9vIxi+uX+0oqXVJ3oNBvgT5kAQ7Sh69y7uYLLBrEMdtkka44cw
dOaX2XHhmLjE2iq5Y/viIT1JALRYG3aDnzLy5831vshZs9aD6m6WvYsyxxK5p+Tq
CmzD44avjrGEjS0rtQimhMJ8u65y8UjCJqUyVS7GAHnT8fUE5bagZsKZy8dRN1H8
Sw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:13 2023 by rpki-client on console.sobornost.net