Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/90VPsNZw1eBgSpMgBz_eVXhZRIY.roa
File: 90VPsNZw1eBgSpMgBz_eVXhZRIY.roa (raw, json)
Hash identifier: c/IUXweB8Q0knC0M1TWQOTv2SQwfWEaQ2YEVYb4haUQ=
Subject key identifier: F7:45:4F:B0:D6:70:D5:E0:60:4A:93:20:07:3F:DE:55:78:59:44:86
Certificate issuer: /CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Certificate serial: 018570DE3989DFF828A1E3578444CF4CD380
Authority key identifier: A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/90VPsNZw1eBgSpMgBz_eVXhZRIY.roa
Signing time: Mon 02 Jan 2023 05:04:49 +0000
ROA not before: Mon 02 Jan 2023 05:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197883
IP address blocks: 195.144.23.0/24 maxlen: 24
195.137.186.0/24 maxlen: 24
195.137.188.0/24 maxlen: 24
185.136.40.0/24 maxlen: 24
185.136.41.0/24 maxlen: 24
185.136.42.0/24 maxlen: 24
185.136.43.0/24 maxlen: 24
185.8.145.0/24 maxlen: 24
185.8.144.0/24 maxlen: 24
185.8.146.0/24 maxlen: 24
185.8.147.0/24 maxlen: 24
176.57.240.0/24 maxlen: 24
176.57.243.0/24 maxlen: 24
176.57.244.0/24 maxlen: 24
176.57.241.0/24 maxlen: 24
176.57.242.0/24 maxlen: 24
176.57.245.0/24 maxlen: 24
176.57.246.0/24 maxlen: 24
176.57.247.0/24 maxlen: 24
195.138.220.0/24 maxlen: 24
194.53.4.0/24 maxlen: 24
194.53.5.0/24 maxlen: 24
194.53.6.0/24 maxlen: 24
194.53.7.0/24 maxlen: 24
2a01:9d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:39:89:df:f8:28:a1:e3:57:84:44:cf:4c:d3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Validity
Not Before: Jan 2 05:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7454fb0d670d5e0604a9320073fde5578594486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:23:10:b3:60:c6:3f:30:83:73:60:ad:22:ca:
7c:ac:55:ce:db:ac:18:b6:f9:96:69:78:ab:82:e6:
7b:7e:75:23:d5:e5:94:75:7d:d0:87:f2:77:d6:5d:
69:97:fe:ef:a0:39:ac:df:b5:62:bd:01:2c:29:47:
c9:ce:d5:f9:f6:88:0e:42:0b:ed:01:80:04:d5:0d:
6a:6c:76:b0:fc:2e:13:d2:f9:d1:cc:20:5b:6a:c0:
ee:72:73:51:87:39:df:a5:0c:39:01:10:c2:f5:f5:
b7:13:62:1a:10:63:0a:7d:30:e4:4e:47:97:2a:ce:
c7:07:30:52:0d:db:dc:ab:ac:10:18:38:40:6e:68:
87:ac:28:e7:83:aa:3f:fb:b5:ff:28:08:6e:12:1f:
3e:a2:cd:54:34:51:7a:45:c2:e4:9a:bf:a9:48:de:
93:7f:46:88:cd:f2:6b:03:d1:73:8a:11:65:cd:c2:
d7:e2:af:51:2b:96:e2:2a:c8:c2:77:8b:92:99:95:
6b:89:0e:f0:66:8b:da:8b:b1:f6:67:be:2c:49:64:
47:66:fe:3b:e2:41:52:ab:fb:18:43:59:66:44:4d:
3a:8a:8f:70:86:03:cd:b3:95:85:61:31:29:21:48:
e3:c3:50:f4:31:2d:a2:0f:b9:6e:5b:81:86:da:e4:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:45:4F:B0:D6:70:D5:E0:60:4A:93:20:07:3F:DE:55:78:59:44:86
X509v3 Authority Key Identifier:
keyid:A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/90VPsNZw1eBgSpMgBz_eVXhZRIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.240.0/21
185.8.144.0/22
185.136.40.0/22
194.53.4.0/22
195.137.186.0/24
195.137.188.0/24
195.138.220.0/24
195.144.23.0/24
IPv6:
2a01:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
0f:5d:42:63:5f:27:36:fe:86:a2:97:b7:59:b5:d3:83:44:80:
c1:db:54:82:22:86:14:a2:9c:b0:b7:82:77:75:4c:55:80:1b:
4d:16:5e:68:22:98:df:50:c8:15:a0:55:6f:af:ae:5c:eb:51:
cb:2f:47:53:9d:b3:58:c9:f1:f2:b6:91:75:98:fe:95:e0:f7:
f6:79:85:38:13:a7:6b:46:c0:f9:0b:b1:d9:14:f3:76:d5:86:
2a:bb:f4:50:66:cd:fa:99:f4:d8:a3:c5:ef:9b:0e:39:e7:d0:
f2:71:06:5b:61:86:a5:f9:b0:67:68:d9:3d:60:44:ff:17:24:
ad:45:00:35:3d:0f:0d:db:f8:48:0b:01:31:c0:8b:30:63:dd:
9c:7b:9f:f2:f8:24:f3:3f:25:6d:de:77:d2:ed:cf:da:4f:3e:
1e:60:1b:c9:2c:89:c4:76:52:26:54:9f:c1:28:35:c6:5a:5b:
9c:0a:35:57:4c:9d:81:03:e1:7c:cf:5e:4d:3e:67:5e:7c:f7:
40:7e:40:1b:df:ab:79:4d:54:38:d1:9a:57:50:44:1f:3f:a5:
b8:f1:a8:67:17:62:4d:0f:05:1b:6a:98:a1:28:74:fe:2a:fe:
bb:bd:19:66:af:96:95:5d:0d:ee:0b:28:ef:98:d2:ef:07:27:
d8:62:f5:0b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVw3jmJ3/gooeNXhETPTNOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGNiNGI4ZDU2OTQ3NzUxMmNlNTc4ODViYTZhMjg5OGZi
YzJkOTUwHhcNMjMwMTAyMDUwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQ1NGZiMGQ2NzBkNWUwNjA0YTkzMjAwNzNmZGU1NTc4NTk0NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiMQs2DGPzCDc2CtIsp8rFXO26wY
tvmWaXirguZ7fnUj1eWUdX3Qh/J31l1pl/7voDms37VivQEsKUfJztX59ogOQgvt
AYAE1Q1qbHaw/C4T0vnRzCBbasDucnNRhznfpQw5ARDC9fW3E2IaEGMKfTDkTkeX
Ks7HBzBSDdvcq6wQGDhAbmiHrCjng6o/+7X/KAhuEh8+os1UNFF6RcLkmr+pSN6T
f0aIzfJrA9FzihFlzcLX4q9RK5biKsjCd4uSmZVriQ7wZovai7H2Z74sSWRHZv47
4kFSq/sYQ1lmRE06io9whgPNs5WFYTEpIUjjw1D0MS2iD7luW4GG2uTiAQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPdFT7DWcNXgYEqTIAc/3lV4WUSGMB8GA1UdIwQY
MBaAFKAMtLjVaUd1Es5XiFumoomPvC2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUt
MThjNzBlYmY2ODFhLzEvOTBWUHNOWncxZUJnU3BNZ0J6X2VWWGhaUklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUtMThjNzBlYmY2ODFh
LzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDsDnwAwQC
uQiQAwQCuYgoAwQCwjUEAwQAw4m6AwQAw4m8AwQAw4rcAwQAw5AXMA0EAgACMAcD
BQAqAZ2AMA0GCSqGSIb3DQEBCwUAA4IBAQAPXUJjXyc2/oail7dZtdODRIDB21SC
IoYUopywt4J3dUxVgBtNFl5oIpjfUMgVoFVvr65c61HLL0dTnbNYyfHytpF1mP6V
4Pf2eYU4E6drRsD5C7HZFPN21YYqu/RQZs36mfTYo8Xvmw4559DycQZbYYal+bBn
aNk9YET/FyStRQA1PQ8N2/hICwExwIswY92ce5/y+CTzPyVt3nfS7c/aTz4eYBvJ
LInEdlImVJ/BKDXGWlucCjVXTJ2BA+F8z15NPmdefPdAfkAb36t5TVQ40ZpXUEQf
P6W48ahnF2JNDwUbapihKHT+Kv67vRlmr5aVXQ3uCyjvmNLvByfYYvUL
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:45 2025 by rpki-client