Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/zivOBTtUy1pmQVUAgkF-G2qYTdA.roa
File: zivOBTtUy1pmQVUAgkF-G2qYTdA.roa (raw, json)
Hash identifier: py5UfOY+1fwCF+nNErrvtF/7q6WR+x8HfJTXLLEq8ZE=
Subject key identifier: CE:2B:CE:05:3B:54:CB:5A:66:41:55:00:82:41:7E:1B:6A:98:4D:D0
Certificate issuer: /CN=ac7be92dbfe3856156406fa725e15df5988e5c10
Certificate serial: 01856DE66A87D4FBFCAFE0ED43FE4BA87C4E
Authority key identifier: AC:7B:E9:2D:BF:E3:85:61:56:40:6F:A7:25:E1:5D:F5:98:8E:5C:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/zivOBTtUy1pmQVUAgkF-G2qYTdA.roa
Signing time: Sun 01 Jan 2023 15:14:54 +0000
ROA not before: Sun 01 Jan 2023 15:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60999
IP address blocks: 185.90.169.0/24 maxlen: 24
185.90.168.0/24 maxlen: 24
185.90.171.0/24 maxlen: 24
185.90.168.0/22 maxlen: 22
185.90.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:6a:87:d4:fb:fc:af:e0:ed:43:fe:4b:a8:7c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7be92dbfe3856156406fa725e15df5988e5c10
Validity
Not Before: Jan 1 15:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce2bce053b54cb5a6641550082417e1b6a984dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:32:2b:47:8b:74:a3:7a:dd:4f:c7:fd:33:
d7:7b:51:f2:bd:5b:84:29:2a:99:b8:84:c4:d0:ec:
ec:6a:bc:27:20:f1:4e:5b:46:c7:3a:5a:b5:7e:6a:
fc:1d:aa:2a:ea:c5:aa:0c:b1:c8:b9:ef:8b:61:9d:
e3:ed:06:42:34:5c:04:27:c4:68:f1:26:76:1f:1b:
d8:63:b4:ac:a0:6d:8d:a9:fd:0c:46:70:e0:7b:ab:
a0:9e:8d:d6:1d:c5:5b:45:6c:54:0f:83:ff:eb:61:
ab:a7:37:b4:a7:c4:19:fd:7a:5c:af:17:b8:8b:72:
86:02:9f:80:0f:b8:91:32:72:30:23:dd:b0:13:0e:
9c:2d:ab:d2:b9:4d:55:22:1c:0f:7c:20:e2:65:72:
64:95:b7:24:f6:07:30:dd:a7:2a:54:23:0e:a4:6c:
09:35:ad:36:e5:5b:99:bb:1f:a6:a2:0b:19:82:09:
17:fe:69:09:8a:35:f2:bc:1d:ee:f9:ef:3f:ea:9c:
03:3a:f9:33:21:c6:3e:d0:43:df:9c:8c:2e:6f:d1:
cb:f7:6f:78:64:0d:99:45:cc:86:e8:30:2b:02:e6:
c8:ac:f0:2b:11:8c:40:fd:90:34:96:ed:64:76:6f:
5d:87:1e:d4:c4:fe:b6:7c:db:b8:0c:17:5f:13:5c:
da:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2B:CE:05:3B:54:CB:5A:66:41:55:00:82:41:7E:1B:6A:98:4D:D0
X509v3 Authority Key Identifier:
keyid:AC:7B:E9:2D:BF:E3:85:61:56:40:6F:A7:25:E1:5D:F5:98:8E:5C:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/zivOBTtUy1pmQVUAgkF-G2qYTdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.168.0/22
Signature Algorithm: sha256WithRSAEncryption
96:79:5f:f3:f5:29:e4:eb:46:f6:4f:6e:9b:5b:89:e8:bc:89:
bf:44:5d:0f:0d:03:17:5a:6a:27:27:4b:3e:77:a9:cf:a5:df:
cb:8f:6b:ef:b0:d1:52:90:55:23:6f:b7:a5:72:34:61:c7:b9:
b7:c4:c3:39:44:b6:8d:41:9f:03:e5:00:0d:de:03:25:41:1f:
77:46:d2:c5:7f:ab:f7:3e:5a:bf:8b:7b:5b:ad:c3:b6:5e:75:
d2:36:05:d4:2f:03:a6:a0:46:ff:db:64:cf:83:c3:32:ff:28:
26:69:71:b4:cc:d8:9d:75:3e:90:6b:eb:f5:a5:84:87:7d:9b:
9e:cf:ad:fc:77:55:93:71:1d:03:f6:58:a0:0f:c9:9d:61:26:
07:a1:fd:cd:a6:30:5d:fd:9b:3d:46:48:9a:b9:40:91:3e:cd:
3d:62:03:eb:3c:ef:e2:1c:81:6b:32:fb:3e:cf:e0:71:5e:21:
c0:a7:f1:66:44:fe:98:31:04:e2:b1:22:f5:19:5a:7a:95:a3:
05:e4:4c:d2:2e:29:47:9f:a4:1b:ad:2a:fb:5a:13:0e:7e:55:
9e:cd:bc:9e:42:5a:44:34:ce:f7:70:75:1a:b1:be:de:9b:c2:
63:26:1c:1c:5e:e9:0b:6b:0e:13:93:c9:33:bc:09:b2:bd:47:
d9:b6:c4:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5mqH1Pv8r+DtQ/5LqHxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2JlOTJkYmZlMzg1NjE1NjQwNmZhNzI1ZTE1ZGY1OTg4
ZTVjMTAwHhcNMjMwMTAxMTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTJiY2UwNTNiNTRjYjVhNjY0MTU1MDA4MjQxN2UxYjZhOTg0ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxUyK0eLdKN63U/H/TPXe1HyvVuE
KSqZuITE0OzsarwnIPFOW0bHOlq1fmr8Haoq6sWqDLHIue+LYZ3j7QZCNFwEJ8Ro
8SZ2HxvYY7SsoG2Nqf0MRnDge6ugno3WHcVbRWxUD4P/62Grpze0p8QZ/Xpcrxe4
i3KGAp+AD7iRMnIwI92wEw6cLavSuU1VIhwPfCDiZXJklbck9gcw3acqVCMOpGwJ
Na025VuZux+mogsZggkX/mkJijXyvB3u+e8/6pwDOvkzIcY+0EPfnIwub9HL9294
ZA2ZRcyG6DArAubIrPArEYxA/ZA0lu1kdm9dhx7UxP62fNu4DBdfE1za2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4rzgU7VMtaZkFVAIJBfhtqmE3QMB8GA1UdIwQY
MBaAFKx76S2/44VhVkBvpyXhXfWYjlwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh2cExiX2poV0ZXUUctbkplRmQ5WmlPWEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmFlMmYtMjY5MS00YzdlLWEwMTgt
OTlkNzI1MmY1YmUwLzEveml2T0JUdFV5MXBtUVZVQWdrRi1HMnFZVGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmFlMmYtMjY5MS00YzdlLWEwMTgtOTlkNzI1MmY1YmUw
LzEvckh2cExiX2poV0ZXUUctbkplRmQ5WmlPWEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQCWeV/z9Snk60b2T26bW4novIm/RF0PDQMXWmonJ0s+
d6nPpd/Lj2vvsNFSkFUjb7elcjRhx7m3xMM5RLaNQZ8D5QAN3gMlQR93RtLFf6v3
Plq/i3tbrcO2XnXSNgXULwOmoEb/22TPg8My/ygmaXG0zNiddT6Qa+v1pYSHfZue
z638d1WTcR0D9ligD8mdYSYHof3NpjBd/Zs9RkiauUCRPs09YgPrPO/iHIFrMvs+
z+BxXiHAp/FmRP6YMQTisSL1GVp6laMF5EzSLilHn6QbrSr7WhMOflWezbyeQlpE
NM73cHUasb7em8JjJhwcXukLaw4Tk8kzvAmyvUfZtsQP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:50 2025 by rpki-client