Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/wASBwGji3DE9U6ZrhzdJvqP9v2c.roa
File: wASBwGji3DE9U6ZrhzdJvqP9v2c.roa (raw, json)
Hash identifier: 86mw2czmXWI6yaEJJKPPr+2pXKBEIz91hQst66y/cqE=
Subject key identifier: C0:04:81:C0:68:E2:DC:31:3D:53:A6:6B:87:37:49:BE:A3:FD:BF:67
Certificate issuer: /CN=b7a86cc334c6e0eab83f252bd83eee956925ca40
Certificate serial: 018572BA92EF594F8EF4C7C4933B86F5BB49
Authority key identifier: B7:A8:6C:C3:34:C6:E0:EA:B8:3F:25:2B:D8:3E:EE:95:69:25:CA:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6hswzTG4Oq4PyUr2D7ulWklykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/wASBwGji3DE9U6ZrhzdJvqP9v2c.roa
Signing time: Mon 02 Jan 2023 13:45:07 +0000
ROA not before: Mon 02 Jan 2023 13:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200962
IP address blocks: 185.90.72.0/22 maxlen: 22
185.90.73.0/24 maxlen: 24
185.90.74.0/24 maxlen: 24
185.90.75.0/24 maxlen: 24
185.90.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:92:ef:59:4f:8e:f4:c7:c4:93:3b:86:f5:bb:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a86cc334c6e0eab83f252bd83eee956925ca40
Validity
Not Before: Jan 2 13:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00481c068e2dc313d53a66b873749bea3fdbf67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:29:87:51:55:24:72:a8:a0:e8:a3:ac:fc:fb:
82:ef:56:0c:93:94:c0:40:04:84:b3:6b:90:f8:da:
05:4a:f7:90:0e:f2:36:98:ba:42:a6:bb:0b:84:a4:
16:43:51:5d:7d:4b:02:36:bc:f8:66:4e:ad:b4:07:
04:8c:fe:c1:02:57:b0:5a:ec:64:2d:05:b1:9b:7f:
d2:9b:95:c6:31:77:65:26:1e:b4:22:7f:f7:ef:4a:
8f:07:33:6d:d7:d2:94:f3:bd:da:83:99:c7:11:5d:
d4:57:c8:9d:44:21:13:4f:d3:c1:65:1d:e1:49:b1:
6e:d1:0c:90:6b:db:69:8e:37:e1:f5:7d:cb:4c:03:
f5:50:2d:7a:bd:27:a7:b6:c0:71:a6:3e:72:49:53:
63:3e:75:2b:c7:39:86:07:6e:cd:a4:11:24:26:c7:
b1:0d:30:b2:0c:2b:52:57:60:ef:9f:c2:48:55:76:
9f:9e:12:c4:55:15:14:28:7e:52:3a:76:87:e7:42:
88:a1:c2:01:60:29:c7:36:1b:ba:be:9d:4f:99:05:
ff:cd:1a:70:2b:35:a7:3e:26:a1:6d:27:42:1d:92:
a2:6b:6c:46:c3:b7:66:bd:f3:d9:3c:23:48:f3:3f:
8c:c9:1c:7a:78:cc:6a:09:f9:48:b3:dd:ea:09:d6:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:04:81:C0:68:E2:DC:31:3D:53:A6:6B:87:37:49:BE:A3:FD:BF:67
X509v3 Authority Key Identifier:
keyid:B7:A8:6C:C3:34:C6:E0:EA:B8:3F:25:2B:D8:3E:EE:95:69:25:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6hswzTG4Oq4PyUr2D7ulWklykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/wASBwGji3DE9U6ZrhzdJvqP9v2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.72.0/22
Signature Algorithm: sha256WithRSAEncryption
99:35:18:d9:c6:87:32:da:57:d3:d6:35:6c:64:bc:d8:13:2e:
a5:65:42:7d:f0:38:57:db:92:7a:b4:3d:6a:ea:fa:bf:cb:9d:
3b:dd:3e:d9:c6:23:d2:ae:65:05:9c:8b:8c:70:90:d8:20:4b:
90:70:c5:97:d1:2a:36:5c:f8:b4:f2:2a:f6:df:a3:62:1a:7b:
3a:9f:24:41:bc:5f:3a:57:95:c3:e8:de:c2:2f:51:01:94:82:
df:07:8c:f2:20:6f:e5:d0:92:50:2a:cb:48:fb:b0:4d:fa:23:
eb:73:96:79:7d:5b:25:91:5a:6e:49:e8:93:06:6e:26:f2:7e:
ec:83:64:4a:69:00:96:33:60:36:d7:c3:57:56:8e:5d:6d:78:
f8:3b:fe:ad:4d:c2:d3:96:0a:04:21:ae:f7:9b:c3:c8:f8:1a:
f4:a7:f2:4e:f5:bd:4e:8c:29:f1:69:bf:cd:ff:77:68:94:bc:
c5:ca:40:3a:6d:c3:b7:78:5b:ca:91:70:9a:32:9a:e7:ef:fc:
92:10:6f:b9:e8:29:af:2f:52:ff:86:fd:c1:bf:16:85:a2:b7:
ea:36:0d:d3:75:d3:bf:1f:3a:a8:00:82:41:87:1a:d1:14:41:
a7:0c:89:70:72:98:05:ea:d6:1c:36:92:e2:f9:cf:50:d2:a7:
95:4e:32:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyupLvWU+O9MfEkzuG9btJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTg2Y2MzMzRjNmUwZWFiODNmMjUyYmQ4M2VlZTk1Njky
NWNhNDAwHhcNMjMwMTAyMTM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA0ODFjMDY4ZTJkYzMxM2Q1M2E2NmI4NzM3NDliZWEzZmRiZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwimHUVUkcqig6KOs/PuC71YMk5TA
QASEs2uQ+NoFSveQDvI2mLpCprsLhKQWQ1FdfUsCNrz4Zk6ttAcEjP7BAlewWuxk
LQWxm3/Sm5XGMXdlJh60In/370qPBzNt19KU873ag5nHEV3UV8idRCETT9PBZR3h
SbFu0QyQa9tpjjfh9X3LTAP1UC16vSentsBxpj5ySVNjPnUrxzmGB27NpBEkJsex
DTCyDCtSV2Dvn8JIVXafnhLEVRUUKH5SOnaH50KIocIBYCnHNhu6vp1PmQX/zRpw
KzWnPiahbSdCHZKia2xGw7dmvfPZPCNI8z+MyRx6eMxqCflIs93qCdZ22wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAEgcBo4twxPVOma4c3Sb6j/b9nMB8GA1UdIwQY
MBaAFLeobMM0xuDquD8lK9g+7pVpJcpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZoc3d6VEc0T3E0UHlVcjJEN3VsV2tseWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81MDM2YmUtMTM4Yi00NDJlLTk2M2Yt
NTdjZDcyOTU3Yjg5LzEvd0FTQndHamkzREU5VTZacmh6ZEp2cVA5djJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81MDM2YmUtMTM4Yi00NDJlLTk2M2YtNTdjZDcyOTU3Yjg5
LzEvdDZoc3d6VEc0T3E0UHlVcjJEN3VsV2tseWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVpIMA0G
CSqGSIb3DQEBCwUAA4IBAQCZNRjZxocy2lfT1jVsZLzYEy6lZUJ98DhX25J6tD1q
6vq/y5073T7ZxiPSrmUFnIuMcJDYIEuQcMWX0So2XPi08ir236NiGns6nyRBvF86
V5XD6N7CL1EBlILfB4zyIG/l0JJQKstI+7BN+iPrc5Z5fVslkVpuSeiTBm4m8n7s
g2RKaQCWM2A218NXVo5dbXj4O/6tTcLTlgoEIa73m8PI+Br0p/JO9b1OjCnxab/N
/3dolLzFykA6bcO3eFvKkXCaMprn7/ySEG+56CmvL1L/hv3BvxaForfqNg3TddO/
HzqoAIJBhxrRFEGnDIlwcpgF6tYcNpLi+c9Q0qeVTjIW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:41 2025 by rpki-client