Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ycILsiDi1Vn9cOlQVpeeP8sr-DM.roa
File: ycILsiDi1Vn9cOlQVpeeP8sr-DM.roa (raw, json)
Hash identifier: /PBPczMqEpgC/UuQF7uRxUUk2HlABjaiFbM4HoSyzIU=
Subject key identifier: C9:C2:0B:B2:20:E2:D5:59:FD:70:E9:50:56:97:9E:3F:CB:2B:F8:33
Certificate issuer: /CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Certificate serial: 0183F24F5FE1796E3FF823523A262A077EB9
Authority key identifier: 14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ycILsiDi1Vn9cOlQVpeeP8sr-DM.roa
Signing time: Wed 19 Oct 2022 22:13:51 +0000
ROA not before: Wed 19 Oct 2022 22:13:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200944
IP address blocks: 185.90.117.0/24 maxlen: 24
185.90.116.0/22 maxlen: 22
185.90.116.0/24 maxlen: 24
185.90.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f2:4f:5f:e1:79:6e:3f:f8:23:52:3a:26:2a:07:7e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Validity
Not Before: Oct 19 22:13:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9c20bb220e2d559fd70e95056979e3fcb2bf833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:de:20:2f:4e:f1:94:8e:44:1e:de:4d:f4:
50:fb:e0:83:22:e8:4d:40:b6:bd:df:93:f5:4f:95:
17:a8:b4:5e:f2:4b:23:54:7e:0a:45:3c:ab:d6:ee:
a0:5d:84:75:49:d4:0e:7e:68:63:62:6c:63:d2:25:
3f:4b:ad:0b:59:e4:b9:1a:4d:4e:f0:30:8d:03:2c:
cc:2d:63:fb:0e:5d:ed:29:49:ea:cf:82:3b:6f:82:
4a:6e:c4:9a:73:af:7c:d0:8c:8c:d2:9c:7d:da:c0:
9a:ee:c6:6c:2c:24:16:bc:9d:16:86:ab:64:fa:d3:
c6:ad:ba:d5:db:1d:d3:0c:f1:8b:f6:f8:25:53:9d:
5d:53:a7:a9:5b:6e:e1:30:35:c8:7e:b8:73:52:aa:
89:a1:bc:09:cc:f0:11:3d:a7:12:14:41:97:e3:a9:
77:24:24:88:3e:96:8a:32:93:3d:bc:4f:95:4c:be:
4f:f3:29:fd:20:c8:4e:0a:36:a6:d5:c1:66:06:57:
fd:ac:bf:11:7a:5e:8b:5c:c9:0c:7b:d0:d5:f8:1a:
08:12:75:a9:3d:2f:8f:2b:3d:40:05:50:ad:f0:d7:
2f:91:b8:21:b4:7e:fc:60:e7:76:b8:ee:2d:46:cb:
97:a4:4d:e8:b5:26:7e:7d:61:03:a4:ed:93:63:bf:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C2:0B:B2:20:E2:D5:59:FD:70:E9:50:56:97:9E:3F:CB:2B:F8:33
X509v3 Authority Key Identifier:
keyid:14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ycILsiDi1Vn9cOlQVpeeP8sr-DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
59:95:61:50:4d:0b:f4:35:34:c3:49:e1:9e:27:d4:d6:bf:58:
1f:f6:7a:fc:fc:ff:b3:be:43:8e:ae:7d:b8:45:31:00:aa:4f:
0a:86:e5:ec:91:e5:ff:d4:86:fd:c0:85:61:e1:df:b0:97:97:
6c:43:1c:18:66:1b:e6:0f:ce:98:36:7d:17:73:81:49:80:e8:
61:fa:23:25:8f:87:40:ed:4b:6a:0c:0c:03:f9:5e:27:f0:d3:
3e:06:a7:56:8a:98:26:bf:5b:af:cf:20:e1:94:48:bb:f2:7b:
01:f2:87:91:1a:4c:27:7f:99:8b:93:99:1f:72:d2:ef:7a:d7:
b3:60:1a:34:f3:71:39:59:56:5f:ff:8b:b6:0c:65:d9:4e:d1:
a0:0d:e5:80:87:c9:a4:24:9c:e1:c5:9b:d6:59:bb:4c:b8:dc:
6e:32:62:83:7a:87:4e:c5:a6:d7:14:c3:96:96:50:35:78:86:
21:8f:23:d2:24:91:5a:5c:19:42:ab:5b:30:a8:de:ff:c9:45:
c2:9f:fb:9a:17:cd:4d:33:cd:b8:5c:3e:72:ce:a5:bc:2c:0c:
d3:fd:9e:01:44:85:2d:5b:10:23:64:4b:f8:de:0a:35:7c:82:
a5:92:d5:38:0b:5c:da:89:e3:56:7a:36:e2:75:bb:3a:ca:bd:
ce:26:f0:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPyT1/heW4/+CNSOiYqB365MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZmI3YzMzMzZhY2Q0MTg5ZDNmYWM2MzlhMjgwZDliMDAy
MGYyOTgwHhcNMjIxMDE5MjIxMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMyMGJiMjIwZTJkNTU5ZmQ3MGU5NTA1Njk3OWUzZmNiMmJmODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraXeIC9O8ZSORB7eTfRQ++CDIuhN
QLa935P1T5UXqLRe8ksjVH4KRTyr1u6gXYR1SdQOfmhjYmxj0iU/S60LWeS5Gk1O
8DCNAyzMLWP7Dl3tKUnqz4I7b4JKbsSac6980IyM0px92sCa7sZsLCQWvJ0Whqtk
+tPGrbrV2x3TDPGL9vglU51dU6epW27hMDXIfrhzUqqJobwJzPARPacSFEGX46l3
JCSIPpaKMpM9vE+VTL5P8yn9IMhOCjam1cFmBlf9rL8Rel6LXMkMe9DV+BoIEnWp
PS+PKz1ABVCt8NcvkbghtH78YOd2uO4tRsuXpE3otSZ+fWEDpO2TY78pMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnCC7Ig4tVZ/XDpUFaXnj/LK/gzMB8GA1UdIwQY
MBaAFBT7fDM2rNQYnT+sY5ooDZsAIPKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0Njct
OTkzOWRmMWQwZDA5LzEveWNJTHNpRGkxVm45Y09sUVZwZWVQOHNyLURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0NjctOTkzOWRmMWQwZDA5
LzEvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVp0MA0G
CSqGSIb3DQEBCwUAA4IBAQBZlWFQTQv0NTTDSeGeJ9TWv1gf9nr8/P+zvkOOrn24
RTEAqk8KhuXskeX/1Ib9wIVh4d+wl5dsQxwYZhvmD86YNn0Xc4FJgOhh+iMlj4dA
7UtqDAwD+V4n8NM+BqdWipgmv1uvzyDhlEi78nsB8oeRGkwnf5mLk5kfctLvetez
YBo083E5WVZf/4u2DGXZTtGgDeWAh8mkJJzhxZvWWbtMuNxuMmKDeodOxabXFMOW
llA1eIYhjyPSJJFaXBlCq1swqN7/yUXCn/uaF81NM824XD5yzqW8LAzT/Z4BRIUt
WxAjZEv43go1fIKlktU4C1zaieNWejbidbs6yr3OJvAd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:46 2024 by rpki-client on console-ams.rpki-client.org