Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6GkZbB_zEaBaEF5kOOoLJOr3R8c.roa
File: 6GkZbB_zEaBaEF5kOOoLJOr3R8c.roa (raw, json)
Hash identifier: fTPQORhAzw42Ym4g8cC1gVvLhdDaexdx7tIgo9ZjGvE=
Subject key identifier: E8:69:19:6C:1F:F3:11:A0:5A:10:5E:64:38:EA:0B:24:EA:F7:47:C7
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 44E1B498
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6GkZbB_zEaBaEF5kOOoLJOr3R8c.roa
Signing time: Mon 24 Jan 2022 10:50:34 +0000
ROA not before: Mon 24 Jan 2022 10:50:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2280
IP address blocks: 90.84.154.0/24 maxlen: 24
90.84.155.0/24 maxlen: 24
90.84.154.0/23 maxlen: 23
90.84.11.0/24 maxlen: 24
90.84.10.0/24 maxlen: 24
90.84.16.0/21 maxlen: 24
90.84.15.0/24 maxlen: 24
90.84.14.0/24 maxlen: 24
90.84.240.0/21 maxlen: 24
90.84.251.0/24 maxlen: 24
90.84.253.0/24 maxlen: 24
90.84.252.0/24 maxlen: 24
90.84.40.0/21 maxlen: 24
90.84.254.0/24 maxlen: 24
90.84.39.0/24 maxlen: 24
90.84.168.0/21 maxlen: 24
90.84.176.0/21 maxlen: 24
90.84.184.0/24 maxlen: 24
90.84.184.0/21 maxlen: 24
90.84.192.0/21 maxlen: 24
2a01:c9c0:8000::/48 maxlen: 48
2a01:c9c0:800f::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1155642520 (0x44e1b498)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 24 10:50:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e869196c1ff311a05a105e6438ea0b24eaf747c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:08:03:19:6d:4a:08:6e:1e:0b:e5:1a:70:
42:a3:f2:bc:d2:42:01:08:59:87:0e:83:f0:8d:6a:
56:32:03:c4:73:f4:07:a8:7d:d9:91:dd:38:2c:6e:
ab:11:3f:c2:38:2f:2d:3c:3a:3c:a6:95:d7:5e:5e:
54:24:8c:ef:15:3e:10:ac:70:31:d6:d8:99:17:4e:
11:78:9f:c7:89:c7:bb:e1:87:63:7b:5f:b8:76:90:
d0:54:31:c7:b1:b2:1e:fa:bb:ff:65:44:c1:26:fa:
e7:e4:5b:98:2f:e6:79:89:67:59:fa:53:8c:a2:26:
cc:a8:70:75:47:58:1b:42:ee:51:b3:80:77:ab:bb:
4e:5e:fd:82:82:6b:44:3c:12:74:de:7c:13:98:ee:
2c:e1:cc:81:87:d1:14:b6:9f:52:ca:92:8f:2d:1a:
11:16:d2:ef:87:f1:46:08:b4:2c:84:94:56:0d:26:
98:44:ae:b1:32:5c:c9:6c:3a:8a:6c:5e:b1:4a:24:
86:1d:1a:83:84:a5:56:4c:29:e6:8e:df:27:c0:0b:
a8:3d:7e:53:9a:e5:69:d1:22:fd:88:f7:da:83:42:
f7:b2:86:fc:93:3f:b2:87:3a:dc:14:46:a4:2c:16:
b9:ff:8e:4e:f2:ae:90:aa:ce:80:bc:b2:10:fd:e5:
69:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:69:19:6C:1F:F3:11:A0:5A:10:5E:64:38:EA:0B:24:EA:F7:47:C7
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6GkZbB_zEaBaEF5kOOoLJOr3R8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.10.0/23
90.84.14.0-90.84.23.255
90.84.39.0-90.84.47.255
90.84.154.0/23
90.84.168.0-90.84.199.255
90.84.240.0/21
90.84.251.0-90.84.254.255
IPv6:
2a01:c9c0:8000::/48
2a01:c9c0:800f::/48
Signature Algorithm: sha256WithRSAEncryption
4c:e0:9d:7e:75:29:e5:c5:42:c0:9b:d6:dd:7e:ea:aa:37:b1:
0a:f6:77:c8:eb:ec:98:ce:e6:52:4b:0a:15:0c:f0:da:47:30:
d1:bb:e4:3c:40:9b:04:f0:6a:ee:83:8c:41:5d:ec:83:d0:d7:
2a:9d:ba:c0:3c:b5:94:fc:1a:40:0a:2b:4e:6c:68:e8:31:6f:
5d:bb:86:bd:c4:26:6c:8b:7e:a6:e8:e6:34:b6:30:4f:8c:c7:
2c:fc:fc:0a:bb:5d:04:61:27:ae:9e:01:58:5f:46:59:82:5e:
7a:22:1b:72:c3:5f:81:aa:54:c5:4c:8e:ce:cc:f9:85:ba:61:
b9:12:27:91:d4:38:7b:1c:25:bd:e6:b5:eb:23:7b:46:39:ae:
7a:81:0a:46:79:76:90:6f:16:31:6d:d4:ea:b9:8a:d2:90:54:
00:74:fe:d3:a7:6e:1e:ad:22:d1:63:9b:2a:ba:aa:d5:66:98:
56:90:ce:32:7a:9b:63:6e:e2:3c:ad:2a:98:7a:38:2b:46:d5:
e6:25:b9:b3:83:09:a1:7b:f3:ad:60:01:0c:48:f2:f6:72:a1:
53:59:1a:dd:ab:97:33:52:fe:13:da:96:6d:ee:d2:f1:a6:77:
fb:be:7e:78:b2:4e:23:f1:47:ec:c4:23:6c:b9:03:32:d1:ae:
66:ea:37:ae
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEROG0mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEy
NDEwNTAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg2OTE5NmMxZmYz
MTFhMDVhMTA1ZTY0MzhlYTBiMjRlYWY3NDdjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlkCAMZbUoIbh4L5RpwQqPyvNJCAQhZhw6D8I1qVjIDxHP0
B6h92ZHdOCxuqxE/wjgvLTw6PKaV115eVCSM7xU+EKxwMdbYmRdOEXifx4nHu+GH
Y3tfuHaQ0FQxx7GyHvq7/2VEwSb65+RbmC/meYlnWfpTjKImzKhwdUdYG0LuUbOA
d6u7Tl79goJrRDwSdN58E5juLOHMgYfRFLafUsqSjy0aERbS74fxRgi0LISUVg0m
mESusTJcyWw6imxesUokhh0ag4SlVkwp5o7fJ8ALqD1+U5rladEi/Yj32oNC97KG
/JM/soc63BRGpCwWuf+OTvKukKrOgLyyEP3laWkCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBToaRlsH/MRoFoQXmQ46gsk6vdHxzAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
LzZHa1piQl96RWFCYUVGNWtPT29MSk9yM1I4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwUAQCAAEwSgMEAVpUCjAMAwQBWlQOAwQDWlQQMAwD
BABaVCcDBARaVCADBAFaVJowDAMEA1pUqAMEA1pUwAMEA1pU8DAMAwQAWlT7AwQA
WlT+MBgEAgACMBIDBwAqAcnAgAADBwAqAcnAgA8wDQYJKoZIhvcNAQELBQADggEB
AEzgnX51KeXFQsCb1t1+6qo3sQr2d8jr7JjO5lJLChUM8NpHMNG75DxAmwTwau6D
jEFd7IPQ1yqdusA8tZT8GkAKK05saOgxb127hr3EJmyLfqbo5jS2ME+Mxyz8/Aq7
XQRhJ66eAVhfRlmCXnoiG3LDX4GqVMVMjs7M+YW6YbkSJ5HUOHscJb3mtesje0Y5
rnqBCkZ5dpBvFjFt1Oq5itKQVAB0/tOnbh6tItFjmyq6qtVmmFaQzjJ6m2Nu4jyt
Kph6OCtG1eYlubODCaF7861gAQxI8vZyoVNZGt2rlzNS/hPalm3u0vGmd/u+fniy
TiPxR+zEI2y5AzLRrmbqN64=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org