Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/v0VUPrW4q-wVzW-Uvs74R5MFQps.roa
File: v0VUPrW4q-wVzW-Uvs74R5MFQps.roa (raw, json)
Hash identifier: xFi0FP66bfGT8DsXotoanOGL/teOGbCqyJer/HuKozY=
Subject key identifier: BF:45:54:3E:B5:B8:AB:EC:15:CD:6F:94:BE:CE:F8:47:93:05:42:9B
Certificate issuer: /CN=dd71a129c8b08995942199ea6d1b228265350d0b
Certificate serial: 19C22A86
Authority key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/v0VUPrW4q-wVzW-Uvs74R5MFQps.roa
Signing time: Sat 01 Jan 2022 03:55:04 +0000
ROA not before: Sat 01 Jan 2022 03:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200127
IP address blocks: 185.36.237.0/24 maxlen: 24
185.36.236.0/24 maxlen: 24
185.36.239.0/24 maxlen: 24
185.36.238.0/24 maxlen: 24
185.76.244.0/24 maxlen: 24
185.76.246.0/24 maxlen: 24
185.76.245.0/24 maxlen: 24
185.76.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432155270 (0x19c22a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd71a129c8b08995942199ea6d1b228265350d0b
Validity
Not Before: Jan 1 03:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf45543eb5b8abec15cd6f94becef8479305429b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:4a:04:d9:d1:3c:93:58:d5:21:57:f3:8b:
84:39:d7:ee:28:83:ae:2b:02:12:79:d3:08:75:f0:
60:4b:5f:d9:cf:cc:45:88:10:52:6f:f8:5a:c7:85:
b7:b5:c5:4d:94:d8:d9:90:61:42:ed:f6:54:60:ed:
84:98:e0:7f:a0:6e:ae:d9:88:42:15:ef:ab:f5:a2:
08:8e:9b:42:f9:2f:87:10:5e:f8:59:89:78:1d:98:
32:68:93:af:b2:b6:92:c0:42:62:0d:f0:dc:62:84:
57:90:31:c5:eb:13:99:13:07:43:e6:0c:66:b0:ad:
30:c5:78:f2:9b:f0:51:85:7c:0a:46:68:8b:fd:24:
11:b9:3e:8f:aa:eb:d1:66:6c:44:a5:f7:2a:b8:b5:
4d:e2:5a:92:29:64:07:2b:9c:60:76:2c:5c:29:06:
7e:8b:7b:33:7c:00:3a:80:46:69:f7:d3:b3:b3:82:
c8:b6:d7:28:5b:78:28:ef:3b:43:8d:37:ed:7c:e8:
9e:98:b8:14:5d:bc:c2:b5:fb:0d:af:40:59:04:9a:
c7:35:66:49:4f:35:74:71:c4:50:62:89:6e:e2:a7:
06:6c:cb:8a:38:01:2f:e0:9c:be:be:59:69:b7:2a:
e6:b3:51:fc:15:a5:77:52:03:69:24:95:e9:1e:8d:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:45:54:3E:B5:B8:AB:EC:15:CD:6F:94:BE:CE:F8:47:93:05:42:9B
X509v3 Authority Key Identifier:
keyid:DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/v0VUPrW4q-wVzW-Uvs74R5MFQps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.236.0/22
185.76.244.0/22
Signature Algorithm: sha256WithRSAEncryption
90:46:42:22:72:11:39:b4:6c:c1:e6:54:71:27:c9:77:6a:56:
7c:6e:a8:e6:70:fb:38:be:98:79:8b:72:ca:07:b2:94:4b:64:
9c:e9:cb:21:88:b7:01:40:13:5c:f5:c8:5e:a5:e4:9b:87:94:
67:21:84:da:14:d6:04:b3:51:1c:f5:26:f0:3f:68:b0:d7:c4:
10:d5:be:1f:b3:ac:dd:c8:a7:f7:7e:fc:ad:84:86:b8:c8:78:
ca:2a:2a:fd:33:f0:25:38:bb:2c:a1:4f:fc:16:b4:ac:55:43:
0c:de:3d:0b:10:44:e8:9f:8b:b1:90:30:61:df:f4:c1:fc:13:
5e:42:ad:d1:1a:65:54:f6:a1:f9:a8:f5:af:2f:f1:f5:88:42:
f2:7c:3d:2a:b8:07:6d:d3:b4:92:d1:6b:b2:42:19:77:06:1e:
a3:98:93:60:54:6a:ed:14:ac:98:23:98:70:11:3f:3d:bc:e6:
4d:c6:ea:24:20:86:41:6c:44:f3:91:bc:a1:a5:15:91:06:66:
c3:47:8e:51:ca:61:41:36:80:c5:42:38:87:13:e3:82:b6:6b:
37:21:81:a0:58:52:ef:ec:9e:36:8b:f6:c2:95:b9:0f:43:14:
51:9b:59:c4:d5:b1:14:6e:f6:8e:13:c5:da:f4:1a:13:f6:b5:
cc:81:60:f2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGcIqhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDcxYTEyOWM4YjA4OTk1OTQyMTk5ZWE2ZDFiMjI4MjY1MzUwZDBiMB4XDTIyMDEw
MTAzNTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY0NTU0M2ViNWI4
YWJlYzE1Y2Q2Zjk0YmVjZWY4NDc5MzA1NDI5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK09SgTZ0TyTWNUhV/OLhDnX7iiDrisCEnnTCHXwYEtf2c/M
RYgQUm/4WseFt7XFTZTY2ZBhQu32VGDthJjgf6BurtmIQhXvq/WiCI6bQvkvhxBe
+FmJeB2YMmiTr7K2ksBCYg3w3GKEV5AxxesTmRMHQ+YMZrCtMMV48pvwUYV8CkZo
i/0kEbk+j6rr0WZsRKX3Kri1TeJakilkByucYHYsXCkGfot7M3wAOoBGaffTs7OC
yLbXKFt4KO87Q4037Xzonpi4FF28wrX7Da9AWQSaxzVmSU81dHHEUGKJbuKnBmzL
ijgBL+Ccvr5Zabcq5rNR/BWld1IDaSSV6R6Nxm0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS/RVQ+tbir7BXNb5S+zvhHkwVCmzAfBgNVHSMEGDAWgBTdcaEpyLCJlZQh
meptGyKCZTUNCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNYR2hLY2l3aVpXVUlabnFiUnNpZ21VMURRcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvYjQ5OWI2LTAxZjQtNDQyYy1iZTc2LWMwZDhjODY2ODkzZi8x
L3YwVlVQclc0cS13VnpXLVV2czc0UjVNRlFwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
YjQ5OWI2LTAxZjQtNDQyYy1iZTc2LWMwZDhjODY2ODkzZi8xLzNYR2hLY2l3aVpX
VUlabnFiUnNpZ21VMURRcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkk7AMEArlM9DANBgkqhkiG9w0B
AQsFAAOCAQEAkEZCInIRObRsweZUcSfJd2pWfG6o5nD7OL6YeYtyygeylEtknOnL
IYi3AUATXPXIXqXkm4eUZyGE2hTWBLNRHPUm8D9osNfEENW+H7Os3cin9378rYSG
uMh4yioq/TPwJTi7LKFP/Ba0rFVDDN49CxBE6J+LsZAwYd/0wfwTXkKt0RplVPah
+aj1ry/x9YhC8nw9KrgHbdO0ktFrskIZdwYeo5iTYFRq7RSsmCOYcBE/PbzmTcbq
JCCGQWxE85G8oaUVkQZmw0eOUcphQTaAxUI4hxPjgrZrNyGBoFhS7+yeNov2wpW5
D0MUUZtZxNWxFG72jhPF2vQaE/a1zIFg8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:51 2024 by rpki-client on console-ams.rpki-client.org