Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/aV6P-ssb7UN6rFMz31qe6bmjhcU.roa
File: aV6P-ssb7UN6rFMz31qe6bmjhcU.roa (raw, json)
Hash identifier: oMhtUeoGOD5oarEhNojbmqx0aXf1aN4kaiW+tw3c7sE=
Subject key identifier: 69:5E:8F:FA:CB:1B:ED:43:7A:AC:53:33:DF:5A:9E:E9:B9:A3:85:C5
Certificate issuer: /CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Certificate serial: 064A4A49
Authority key identifier: 3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/aV6P-ssb7UN6rFMz31qe6bmjhcU.roa
Signing time: Sat 01 Jan 2022 00:56:52 +0000
ROA not before: Sat 01 Jan 2022 00:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34987
IP address blocks: 185.90.4.0/24 maxlen: 24
185.90.6.0/24 maxlen: 24
185.90.7.0/24 maxlen: 24
185.90.5.0/24 maxlen: 24
2a05:dd00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105531977 (0x64a4a49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Validity
Not Before: Jan 1 00:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=695e8ffacb1bed437aac5333df5a9ee9b9a385c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:17:2a:00:42:7d:cc:81:51:cd:cd:c6:85:
b0:a4:32:da:b5:f2:aa:6d:24:71:38:fa:e4:10:51:
c5:9f:61:1c:a2:3e:5d:b3:7e:2a:32:eb:f7:f0:df:
1b:f3:7c:63:5d:a2:83:56:0c:2d:ed:96:20:c9:12:
76:55:45:e3:5b:e2:43:c6:fc:af:e5:3c:d7:d8:a8:
59:47:ae:65:1b:5e:32:db:08:d6:0c:7c:11:41:04:
4a:09:f4:b4:47:d7:b7:87:fc:3f:6b:7e:fa:95:2e:
6a:cd:c0:e1:83:ef:eb:04:2b:9d:eb:e5:21:a1:1a:
8c:55:a3:3c:98:02:d2:ef:9e:7f:4a:e6:b4:21:76:
e0:5b:cd:b5:5a:53:a8:34:8a:8d:f7:5f:54:e8:6f:
ea:d3:82:2c:02:a8:95:8e:70:e2:6d:af:e2:da:ac:
8a:62:cc:5e:29:4b:01:14:f1:fe:d1:44:1e:aa:4e:
7d:25:1a:a6:d8:b4:48:80:bb:0e:47:24:45:65:66:
7b:0c:d7:5f:ad:ad:30:bf:98:54:ea:8c:b8:3d:07:
57:19:a8:4a:d8:40:5e:8d:92:77:00:97:80:13:53:
64:36:a3:fa:42:3c:71:a7:a9:6b:8b:5d:85:2a:b5:
8a:9a:98:07:c8:d1:5b:9c:b6:df:27:09:a6:8e:67:
e1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5E:8F:FA:CB:1B:ED:43:7A:AC:53:33:DF:5A:9E:E9:B9:A3:85:C5
X509v3 Authority Key Identifier:
keyid:3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/aV6P-ssb7UN6rFMz31qe6bmjhcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/O9_XYE36DriuIOkPzxMDk7ioVko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.4.0/22
IPv6:
2a05:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
48:07:a4:98:bb:89:79:88:79:4b:c7:a5:49:dd:61:08:3a:09:
52:e1:bb:4d:0b:35:98:c6:5f:7d:c2:52:fd:58:94:13:16:31:
85:e7:04:7e:07:4f:99:9a:b7:38:d1:1c:be:c2:fb:18:55:b1:
47:93:e5:bc:4b:ab:7c:9e:0c:35:cc:02:78:8f:93:ca:f4:d4:
13:17:24:65:75:e7:44:24:37:9f:63:a0:0f:71:09:47:06:65:
f8:aa:66:2a:24:83:90:0b:2c:c3:c3:5c:f0:a4:c8:68:c9:12:
60:1d:79:49:64:1f:0f:f7:f0:31:69:e4:5d:f1:e6:11:5e:5a:
77:04:6c:5c:6c:b4:ff:b6:7c:51:bc:99:ae:58:8f:64:44:ad:
a8:85:2d:cd:2d:dd:47:7c:17:a4:cc:88:69:e6:72:14:12:df:
9e:a3:55:9e:ed:07:1b:14:3f:7b:eb:dd:13:43:b9:b4:68:47:
20:b4:e0:7c:13:bd:da:30:6a:da:3b:d2:83:4c:b4:2b:c1:b8:
f1:8b:f8:17:61:cf:de:b7:98:50:af:04:8f:32:c8:b2:33:06:
ba:5e:3d:ec:c5:fa:d6:17:fe:4f:0b:b6:a6:7d:2f:45:69:fb:
75:15:76:83:66:93:e3:17:05:e8:c1:65:f4:c9:2d:38:0b:a6:
fd:cd:12:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBkpKSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmRmZDc2MDRkZmEwZWI4YWUyMGU5MGZjZjEzMDM5M2I4YTg1NjRhMB4XDTIyMDEw
MTAwNTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk1ZThmZmFjYjFi
ZWQ0MzdhYWM1MzMzZGY1YTllZTliOWEzODVjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2pFyoAQn3MgVHNzcaFsKQy2rXyqm0kcTj65BBRxZ9hHKI+
XbN+KjLr9/DfG/N8Y12ig1YMLe2WIMkSdlVF41viQ8b8r+U819ioWUeuZRteMtsI
1gx8EUEESgn0tEfXt4f8P2t++pUuas3A4YPv6wQrnevlIaEajFWjPJgC0u+ef0rm
tCF24FvNtVpTqDSKjfdfVOhv6tOCLAKolY5w4m2v4tqsimLMXilLARTx/tFEHqpO
fSUapti0SIC7DkckRWVmewzXX62tML+YVOqMuD0HVxmoSthAXo2SdwCXgBNTZDaj
+kI8caepa4tdhSq1ipqYB8jRW5y23ycJpo5n4acCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRpXo/6yxvtQ3qsUzPfWp7puaOFxTAfBgNVHSMEGDAWgBQ739dgTfoOuK4g
6Q/PEwOTuKhWSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L085X1hZRTM2RHJpdUlPa1B6eE1Eazdpb1Zrby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvOGRjMmM3LTNmYzAtNDQ2ZC04MDdjLWVmNmM5ZWFkNjExYy8x
L2FWNlAtc3NiN1VONnJGTXozMXFlNmJtamhjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
OGRjMmM3LTNmYzAtNDQ2ZC04MDdjLWVmNmM5ZWFkNjExYy8xL085X1hZRTM2RHJp
dUlPa1B6eE1Eazdpb1Zrby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlaBDANBAIAAjAHAwUDKgXdADAN
BgkqhkiG9w0BAQsFAAOCAQEASAekmLuJeYh5S8elSd1hCDoJUuG7TQs1mMZffcJS
/ViUExYxhecEfgdPmZq3ONEcvsL7GFWxR5PlvEurfJ4MNcwCeI+TyvTUExckZXXn
RCQ3n2OgD3EJRwZl+KpmKiSDkAssw8Nc8KTIaMkSYB15SWQfD/fwMWnkXfHmEV5a
dwRsXGy0/7Z8UbyZrliPZEStqIUtzS3dR3wXpMyIaeZyFBLfnqNVnu0HGxQ/e+vd
E0O5tGhHILTgfBO92jBq2jvSg0y0K8G48Yv4F2HP3reYUK8EjzLIsjMGul497MX6
1hf+Twu2pn0vRWn7dRV2g2aT4xcF6MFl9MktOAum/c0SOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:25 2024 by rpki-client on console-ams.rpki-client.org