Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/iDsCc2RIQ5KSfPZNJJW3U_PxdSE.roa
File: iDsCc2RIQ5KSfPZNJJW3U_PxdSE.roa (raw, json)
Hash identifier: b1dMG7qPr4SW3ypdgABCFoN2C2ZrWkCPxlk6OeX/HNI=
Subject key identifier: 88:3B:02:73:64:48:43:92:92:7C:F6:4D:24:95:B7:53:F3:F1:75:21
Certificate issuer: /CN=66f983138969f8da674f7b5c0133e0c2d029b4c8
Certificate serial: 10DFB408
Authority key identifier: 66:F9:83:13:89:69:F8:DA:67:4F:7B:5C:01:33:E0:C2:D0:29:B4:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvmDE4lp-NpnT3tcATPgwtAptMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/iDsCc2RIQ5KSfPZNJJW3U_PxdSE.roa
Signing time: Sat 01 Jan 2022 16:03:24 +0000
ROA not before: Sat 01 Jan 2022 16:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61417
IP address blocks: 185.90.124.0/22 maxlen: 22
2a03:87a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283096072 (0x10dfb408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f983138969f8da674f7b5c0133e0c2d029b4c8
Validity
Not Before: Jan 1 16:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=883b027364484392927cf64d2495b753f3f17521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:b0:24:9d:14:10:8d:78:56:10:83:a0:a6:
5c:10:d1:26:13:71:c9:07:1c:2a:aa:18:cc:9f:ea:
dc:e4:db:8e:b2:b9:09:48:a3:0f:30:21:45:bf:56:
43:12:10:dc:b2:6e:a3:f8:f8:87:2d:0a:18:b9:1c:
f5:23:67:71:75:0e:a6:73:2e:d6:b3:80:ee:21:e4:
da:2a:49:8b:74:e8:20:ac:56:51:14:4f:9a:18:1d:
69:2a:bf:af:20:06:90:29:18:3d:94:61:db:82:13:
30:93:a2:57:02:87:b0:40:73:78:18:f4:3c:17:a8:
fc:5e:9d:b6:31:c9:21:d4:65:e4:02:a1:06:8a:c2:
f5:92:ff:e0:f0:9a:a8:57:e6:0f:1f:28:0c:ce:51:
91:84:03:3f:ae:51:79:c0:cc:aa:01:fe:77:2d:55:
73:ff:80:18:12:76:cf:cb:fe:bb:ed:11:7b:bf:bb:
41:c7:4f:9f:14:99:3e:2b:21:65:54:9f:42:e7:a5:
9e:32:67:7e:49:03:27:37:d4:6d:c0:3d:ad:54:f2:
52:30:c3:cd:7b:20:ec:d8:e5:31:f9:94:c2:ee:b0:
40:06:5d:a1:5f:98:7e:12:86:5d:63:b5:1b:ea:f0:
81:58:22:4b:ce:31:72:eb:ce:b9:c8:aa:12:4c:70:
09:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3B:02:73:64:48:43:92:92:7C:F6:4D:24:95:B7:53:F3:F1:75:21
X509v3 Authority Key Identifier:
keyid:66:F9:83:13:89:69:F8:DA:67:4F:7B:5C:01:33:E0:C2:D0:29:B4:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvmDE4lp-NpnT3tcATPgwtAptMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/iDsCc2RIQ5KSfPZNJJW3U_PxdSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/ZvmDE4lp-NpnT3tcATPgwtAptMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.124.0/22
IPv6:
2a03:87a0::/32
Signature Algorithm: sha256WithRSAEncryption
70:2d:97:4d:1e:28:04:cc:42:54:64:4a:eb:d9:5c:03:e5:7e:
44:8b:43:88:43:50:85:6a:f2:3b:79:cc:09:f4:60:2d:6b:54:
32:d9:ce:25:64:6e:16:90:68:e5:ee:e1:81:34:73:25:ec:29:
7d:69:64:20:91:cf:ee:e9:69:27:55:ff:da:31:51:b4:31:5c:
f4:71:37:8e:c5:0a:45:de:34:63:90:40:1a:17:4f:82:f4:41:
a0:1f:6a:69:43:ad:71:49:9c:d0:df:0a:9f:3f:11:49:24:85:
87:53:3a:18:53:a7:8c:5b:46:37:e5:a5:c1:76:97:45:74:8b:
19:ce:40:33:97:44:43:71:2d:67:10:7b:a8:4a:68:0d:e2:a4:
01:23:22:47:cc:c8:e4:a5:79:36:2d:cc:0a:a3:d6:77:d3:5c:
15:b7:8c:97:0d:c3:95:3d:52:9b:ee:05:89:39:a1:0f:ad:41:
4d:0e:1d:3a:e2:41:7b:7a:fe:bc:c0:9f:45:86:08:ea:a9:07:
22:3f:93:7f:c3:c2:57:bc:75:03:51:68:36:b3:78:26:a8:94:
1e:f4:72:26:31:98:2c:7c:39:99:63:d7:35:1f:88:48:3e:4a:
9e:c0:09:3b:47:d3:13:c8:48:83:2e:00:49:0c:fc:8d:26:c2:
92:21:f7:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEN+0CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmY5ODMxMzg5NjlmOGRhNjc0ZjdiNWMwMTMzZTBjMmQwMjliNGM4MB4XDTIyMDEw
MTE2MDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgzYjAyNzM2NDQ4
NDM5MjkyN2NmNjRkMjQ5NWI3NTNmM2YxNzUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoHsCSdFBCNeFYQg6CmXBDRJhNxyQccKqoYzJ/q3OTbjrK5
CUijDzAhRb9WQxIQ3LJuo/j4hy0KGLkc9SNncXUOpnMu1rOA7iHk2ipJi3ToIKxW
URRPmhgdaSq/ryAGkCkYPZRh24ITMJOiVwKHsEBzeBj0PBeo/F6dtjHJIdRl5AKh
BorC9ZL/4PCaqFfmDx8oDM5RkYQDP65RecDMqgH+dy1Vc/+AGBJ2z8v+u+0Re7+7
QcdPnxSZPishZVSfQuelnjJnfkkDJzfUbcA9rVTyUjDDzXsg7NjlMfmUwu6wQAZd
oV+YfhKGXWO1G+rwgVgiS84xcuvOuciqEkxwCYkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSIOwJzZEhDkpJ89k0klbdT8/F1ITAfBgNVHSMEGDAWgBRm+YMTiWn42mdP
e1wBM+DC0Cm0yDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p2bURFNGxwLU5wblQzdGNBVFBnd3RBcHRNZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvYjgxNjliLThiZmQtNDBmZi1iOWJhLTQwMzA0MzA0ODExOC8x
L2lEc0NjMlJJUTVLU2ZQWk5KSlczVV9QeGRTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
YjgxNjliLThiZmQtNDBmZi1iOWJhLTQwMzA0MzA0ODExOC8xL1p2bURFNGxwLU5w
blQzdGNBVFBnd3RBcHRNZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlafDANBAIAAjAHAwUAKgOHoDAN
BgkqhkiG9w0BAQsFAAOCAQEAcC2XTR4oBMxCVGRK69lcA+V+RItDiENQhWryO3nM
CfRgLWtUMtnOJWRuFpBo5e7hgTRzJewpfWlkIJHP7ulpJ1X/2jFRtDFc9HE3jsUK
Rd40Y5BAGhdPgvRBoB9qaUOtcUmc0N8Knz8RSSSFh1M6GFOnjFtGN+WlwXaXRXSL
Gc5AM5dEQ3EtZxB7qEpoDeKkASMiR8zI5KV5Ni3MCqPWd9NcFbeMlw3DlT1Sm+4F
iTmhD61BTQ4dOuJBe3r+vMCfRYYI6qkHIj+Tf8PCV7x1A1FoNrN4JqiUHvRyJjGY
LHw5mWPXNR+ISD5KnsAJO0fTE8hIgy4ASQz8jSbCkiH3fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org