Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/5NwubsZcKB93g5eFeYt2xPIAFD0.roa
File: 5NwubsZcKB93g5eFeYt2xPIAFD0.roa (raw, json)
Hash identifier: GC5hII5qxeMyw3wpdKx+V2pPXt5WxddJyhs5ySQWCtQ=
Subject key identifier: E4:DC:2E:6E:C6:5C:28:1F:77:83:97:85:79:8B:76:C4:F2:00:14:3D
Certificate issuer: /CN=94ca595385505455b8cb1d90e946ef7b0b6f5d3f
Certificate serial: 0188B6A3F23A0F1E906313DF9611B100CBCC
Authority key identifier: 94:CA:59:53:85:50:54:55:B8:CB:1D:90:E9:46:EF:7B:0B:6F:5D:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMpZU4VQVFW4yx2Q6UbvewtvXT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/5NwubsZcKB93g5eFeYt2xPIAFD0.roa
Signing time: Tue 13 Jun 2023 21:22:57 +0000
ROA not before: Tue 13 Jun 2023 21:22:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212637
IP address blocks: 185.190.90.0/24 maxlen: 24
2a13:500::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b6:a3:f2:3a:0f:1e:90:63:13:df:96:11:b1:00:cb:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94ca595385505455b8cb1d90e946ef7b0b6f5d3f
Validity
Not Before: Jun 13 21:22:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4dc2e6ec65c281f77839785798b76c4f200143d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:c8:b8:f7:49:8e:0e:d0:52:00:c4:e5:ea:
dc:f2:77:e6:1a:38:f1:46:9c:eb:ae:4c:6b:a1:77:
21:ba:95:63:a1:34:11:6f:36:7e:2b:fb:c4:1d:38:
d9:a7:b9:1c:3e:b6:c4:a8:46:d6:ca:a8:04:ce:ae:
71:b3:8a:b7:54:8c:88:5d:89:4f:e5:4e:ad:3d:9f:
25:76:95:24:a4:7a:23:a9:61:5e:74:87:4a:d8:a1:
0f:37:5f:26:95:d8:7d:7f:57:31:12:07:e0:e8:e6:
d9:3f:e8:ff:e0:42:fc:99:a9:1e:65:27:ae:4c:9f:
ae:a3:69:5d:3f:3f:6a:ea:0a:78:2c:cb:41:7f:1d:
95:90:73:4b:db:64:d4:86:64:07:76:f3:04:c6:12:
c2:24:19:b4:70:6c:38:b5:9d:97:76:15:8a:1c:20:
01:b4:47:a6:db:15:f6:ee:e3:96:fd:3c:8a:2d:44:
b1:98:20:62:b6:5a:10:b0:2f:a7:0b:f7:18:0b:21:
6b:0e:c8:5a:71:e6:7d:4e:09:78:e0:5c:7f:a8:d2:
bf:3b:24:ba:1c:a1:1a:1a:2f:bd:cb:a4:e2:26:37:
70:db:85:ce:5f:e7:35:4b:7f:9b:8b:fb:4b:20:8b:
c2:13:01:9d:2d:41:c9:8c:60:02:b1:72:98:57:37:
69:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DC:2E:6E:C6:5C:28:1F:77:83:97:85:79:8B:76:C4:F2:00:14:3D
X509v3 Authority Key Identifier:
keyid:94:CA:59:53:85:50:54:55:B8:CB:1D:90:E9:46:EF:7B:0B:6F:5D:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMpZU4VQVFW4yx2Q6UbvewtvXT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/5NwubsZcKB93g5eFeYt2xPIAFD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/lMpZU4VQVFW4yx2Q6UbvewtvXT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.90.0/24
IPv6:
2a13:500::/32
Signature Algorithm: sha256WithRSAEncryption
5b:c4:ed:88:d0:bd:52:b2:56:63:8f:85:c9:4e:f9:e7:2a:72:
3a:45:f0:75:1c:e4:de:f4:a5:d5:81:2c:34:72:0d:f5:59:45:
7d:7d:10:6f:ab:9c:31:37:96:0f:11:82:7a:11:1c:20:b7:f6:
38:fa:5b:2d:7f:d1:be:00:f0:47:41:9e:58:b6:e5:e1:d6:5a:
45:08:98:1e:c3:0d:71:01:ed:d6:f8:f7:d6:c2:8f:26:f9:e5:
d1:0f:48:f4:ea:59:12:67:63:89:e1:e2:1a:38:02:ae:9c:4a:
79:0b:9d:d0:51:78:95:78:6c:42:15:0f:21:2e:f7:be:4f:00:
75:35:72:90:94:b6:a4:cf:02:97:12:a9:64:3c:3f:8b:2f:a0:
fa:d2:76:93:fb:82:4c:fd:bc:63:12:4b:a1:49:1d:25:c0:e6:
58:74:4d:d0:10:5c:02:eb:c6:37:3f:15:cb:83:f9:6b:2f:8e:
22:fe:ce:00:05:62:fc:59:03:43:04:16:8b:06:27:80:3b:e1:
67:03:c2:14:84:8c:d2:21:84:17:26:19:36:25:83:eb:c9:05:
f2:3b:1d:61:fb:72:bb:cc:a5:17:43:16:6c:dd:c5:d8:a9:80:
74:75:e3:8f:cf:3d:78:d7:68:f5:47:01:f8:19:56:09:ca:a8:
ce:96:99:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYi2o/I6Dx6QYxPflhGxAMvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2E1OTUzODU1MDU0NTViOGNiMWQ5MGU5NDZlZjdiMGI2
ZjVkM2YwHhcNMjMwNjEzMjEyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjMmU2ZWM2NWMyODFmNzc4Mzk3ODU3OThiNzZjNGYyMDAxNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLjIuPdJjg7QUgDE5erc8nfmGjjx
RpzrrkxroXchupVjoTQRbzZ+K/vEHTjZp7kcPrbEqEbWyqgEzq5xs4q3VIyIXYlP
5U6tPZ8ldpUkpHojqWFedIdK2KEPN18mldh9f1cxEgfg6ObZP+j/4EL8makeZSeu
TJ+uo2ldPz9q6gp4LMtBfx2VkHNL22TUhmQHdvMExhLCJBm0cGw4tZ2XdhWKHCAB
tEem2xX27uOW/TyKLUSxmCBitloQsC+nC/cYCyFrDshaceZ9Tgl44Fx/qNK/OyS6
HKEaGi+9y6TiJjdw24XOX+c1S3+bi/tLIIvCEwGdLUHJjGACsXKYVzdpfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOTcLm7GXCgfd4OXhXmLdsTyABQ9MB8GA1UdIwQY
MBaAFJTKWVOFUFRVuMsdkOlG73sLb10/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1wWlU0VlFWRlc0eXgyUTZVYnZld3R2WFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81ODkyZDEtNmY1MS00Y2IzLTkzZTIt
MGYwNDk0Y2E2ZDJjLzEvNU53dWJzWmNLQjkzZzVlRmVZdDJ4UElBRkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81ODkyZDEtNmY1MS00Y2IzLTkzZTItMGYwNDk0Y2E2ZDJj
LzEvbE1wWlU0VlFWRlc0eXgyUTZVYnZld3R2WFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAub5aMA0E
AgACMAcDBQAqEwUAMA0GCSqGSIb3DQEBCwUAA4IBAQBbxO2I0L1SslZjj4XJTvnn
KnI6RfB1HOTe9KXVgSw0cg31WUV9fRBvq5wxN5YPEYJ6ERwgt/Y4+lstf9G+APBH
QZ5YtuXh1lpFCJgeww1xAe3W+PfWwo8m+eXRD0j06lkSZ2OJ4eIaOAKunEp5C53Q
UXiVeGxCFQ8hLve+TwB1NXKQlLakzwKXEqlkPD+LL6D60naT+4JM/bxjEkuhSR0l
wOZYdE3QEFwC68Y3PxXLg/lrL44i/s4ABWL8WQNDBBaLBieAO+FnA8IUhIzSIYQX
Jhk2JYPryQXyOx1h+3K7zKUXQxZs3cXYqYB0deOPzz1412j1RwH4GVYJyqjOlpn9
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:35:41 2025 by rpki-client