Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/AHAicwR1UrbOd90MQubh9XAdwwM.roa
File: AHAicwR1UrbOd90MQubh9XAdwwM.roa (raw, json)
Hash identifier: +IRbgma06Md/3+Taz651tuE4ZZOt1zqBbvHf8rzDLc4=
Subject key identifier: 00:70:22:73:04:75:52:B6:CE:77:DD:0C:42:E6:E1:F5:70:1D:C3:03
Certificate issuer: /CN=94ca595385505455b8cb1d90e946ef7b0b6f5d3f
Certificate serial: 01857195780EFBE4F9F9EDEB8148DD88C6B7
Authority key identifier: 94:CA:59:53:85:50:54:55:B8:CB:1D:90:E9:46:EF:7B:0B:6F:5D:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMpZU4VQVFW4yx2Q6UbvewtvXT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/AHAicwR1UrbOd90MQubh9XAdwwM.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212637
IP address blocks: 185.190.90.0/24 maxlen: 24
2a13:500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:78:0e:fb:e4:f9:f9:ed:eb:81:48:dd:88:c6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94ca595385505455b8cb1d90e946ef7b0b6f5d3f
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00702273047552b6ce77dd0c42e6e1f5701dc303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:58:b9:c4:42:94:20:da:65:37:cd:22:2f:
da:44:c5:3f:9a:6d:18:97:da:fc:78:06:c8:07:83:
33:88:8d:36:36:5d:de:51:41:ce:2b:61:80:58:e9:
58:8f:22:ae:13:24:d8:a0:40:06:ca:07:4f:28:44:
23:8b:f1:d7:48:bf:25:ed:a3:b2:ac:77:a5:f3:cb:
02:e7:92:4a:32:2b:d6:61:fa:49:23:41:05:56:9f:
80:29:92:ad:e9:c5:e8:30:8b:d3:f7:23:0e:ba:97:
61:3d:cc:d4:e6:20:97:7f:6e:46:42:ee:ee:19:65:
ce:32:fd:87:3a:cc:93:5b:a3:4e:3a:e0:e5:c5:66:
1d:b4:75:af:23:89:9c:aa:f3:a7:42:1f:6c:da:a2:
27:49:f3:8f:25:30:7c:9c:7f:95:7f:ef:5b:05:05:
75:b9:c4:58:a2:55:5e:19:76:cb:5c:8e:08:e1:91:
17:e3:3b:1c:98:0e:9c:57:a6:ed:68:08:68:b8:58:
ca:29:e0:65:b1:1a:f2:de:67:3b:d7:e7:92:8e:6e:
b9:3e:46:1e:12:3c:2d:e8:f3:c0:c0:97:e1:12:6d:
47:c0:26:ff:d7:19:79:e9:a1:d6:b5:11:6d:f9:96:
6b:cf:4f:de:1c:7e:cb:75:45:d2:69:6d:f9:34:e8:
5c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:70:22:73:04:75:52:B6:CE:77:DD:0C:42:E6:E1:F5:70:1D:C3:03
X509v3 Authority Key Identifier:
keyid:94:CA:59:53:85:50:54:55:B8:CB:1D:90:E9:46:EF:7B:0B:6F:5D:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMpZU4VQVFW4yx2Q6UbvewtvXT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/AHAicwR1UrbOd90MQubh9XAdwwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5892d1-6f51-4cb3-93e2-0f0494ca6d2c/1/lMpZU4VQVFW4yx2Q6UbvewtvXT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.90.0/24
IPv6:
2a13:500::/32
Signature Algorithm: sha256WithRSAEncryption
07:a5:24:fe:92:2b:47:c1:b1:af:c5:0d:7d:22:1d:d6:5c:13:
d1:a2:86:42:85:09:81:85:0a:b2:b3:e6:b8:8e:ff:fe:a9:3e:
c0:4b:be:a1:a4:a8:e1:7d:75:0a:ea:6c:18:c9:99:74:95:d5:
9c:c2:47:5f:04:fb:74:39:2a:48:75:e2:8a:f4:59:c1:55:af:
26:2f:23:01:a6:17:04:7c:9d:e3:81:79:4c:ba:00:bc:fb:b6:
66:db:83:1e:4f:d0:5a:0d:41:a5:f8:67:50:6b:01:4b:6a:8a:
8e:b2:70:12:b5:8e:91:b6:94:f3:5a:e8:67:40:c4:bc:8e:89:
79:29:46:b3:29:eb:c4:ee:d3:48:e0:13:50:ea:f3:7c:66:7e:
06:3e:b7:e8:42:e3:4c:0b:90:28:ae:8f:c1:05:a8:e9:a5:2c:
a2:ba:c0:8c:69:c5:ad:5b:49:31:67:4d:99:97:84:a4:05:ea:
f0:72:4a:c1:d4:24:ad:60:79:19:f8:94:18:93:a5:7b:7a:67:
fb:a4:f3:3d:9b:cf:88:e3:3a:8e:92:80:76:ab:01:00:0f:c7:
31:69:15:06:c4:12:37:bd:7b:d0:39:75:02:a5:5a:6f:ed:6b:
3b:0d:80:19:9d:29:d4:c1:0d:66:73:f3:87:fe:67:56:93:27:
6e:50:1e:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxlXgO++T5+e3rgUjdiMa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2E1OTUzODU1MDU0NTViOGNiMWQ5MGU5NDZlZjdiMGI2
ZjVkM2YwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcwMjI3MzA0NzU1MmI2Y2U3N2RkMGM0MmU2ZTFmNTcwMWRjMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb5YucRClCDaZTfNIi/aRMU/mm0Y
l9r8eAbIB4MziI02Nl3eUUHOK2GAWOlYjyKuEyTYoEAGygdPKEQji/HXSL8l7aOy
rHel88sC55JKMivWYfpJI0EFVp+AKZKt6cXoMIvT9yMOupdhPczU5iCXf25GQu7u
GWXOMv2HOsyTW6NOOuDlxWYdtHWvI4mcqvOnQh9s2qInSfOPJTB8nH+Vf+9bBQV1
ucRYolVeGXbLXI4I4ZEX4zscmA6cV6btaAhouFjKKeBlsRry3mc71+eSjm65PkYe
Ejwt6PPAwJfhEm1HwCb/1xl56aHWtRFt+ZZrz0/eHH7LdUXSaW35NOhcZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABwInMEdVK2znfdDELm4fVwHcMDMB8GA1UdIwQY
MBaAFJTKWVOFUFRVuMsdkOlG73sLb10/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1wWlU0VlFWRlc0eXgyUTZVYnZld3R2WFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81ODkyZDEtNmY1MS00Y2IzLTkzZTIt
MGYwNDk0Y2E2ZDJjLzEvQUhBaWN3UjFVcmJPZDkwTVF1Ymg5WEFkd3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81ODkyZDEtNmY1MS00Y2IzLTkzZTItMGYwNDk0Y2E2ZDJj
LzEvbE1wWlU0VlFWRlc0eXgyUTZVYnZld3R2WFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAub5aMA0E
AgACMAcDBQAqEwUAMA0GCSqGSIb3DQEBCwUAA4IBAQAHpST+kitHwbGvxQ19Ih3W
XBPRooZChQmBhQqys+a4jv/+qT7AS76hpKjhfXUK6mwYyZl0ldWcwkdfBPt0OSpI
deKK9FnBVa8mLyMBphcEfJ3jgXlMugC8+7Zm24MeT9BaDUGl+GdQawFLaoqOsnAS
tY6RtpTzWuhnQMS8jol5KUazKevE7tNI4BNQ6vN8Zn4GPrfoQuNMC5Aoro/BBajp
pSyiusCMacWtW0kxZ02Zl4SkBerwckrB1CStYHkZ+JQYk6V7emf7pPM9m8+I4zqO
koB2qwEAD8cxaRUGxBI3vXvQOXUCpVpv7Ws7DYAZnSnUwQ1mc/OH/mdWkyduUB7d
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:22 2025 by rpki-client