Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/PhVTizg0lri2Stzh0Pv9GkdRVX8.roa
File: PhVTizg0lri2Stzh0Pv9GkdRVX8.roa (raw, json)
Hash identifier: GMN3sfcQ/7C2PlADJkOih3tcScpDi2IXkyc772fDL2k=
Subject key identifier: 3E:15:53:8B:38:34:96:B8:B6:4A:DC:E1:D0:FB:FD:1A:47:51:55:7F
Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Certificate serial: 0185700B982E17FF590F51B7DEBEC4567BE1
Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/PhVTizg0lri2Stzh0Pv9GkdRVX8.roa
Signing time: Mon 02 Jan 2023 01:14:46 +0000
ROA not before: Mon 02 Jan 2023 01:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 185.114.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:98:2e:17:ff:59:0f:51:b7:de:be:c4:56:7b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Validity
Not Before: Jan 2 01:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e15538b383496b8b64adce1d0fbfd1a4751557f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:82:44:51:c1:8e:72:08:42:0c:9e:6b:d1:
56:be:d8:60:ef:66:b0:45:f6:76:d4:ee:86:d9:5a:
55:49:d4:2d:c8:18:17:eb:54:f4:66:c1:42:b1:eb:
bc:d4:dd:7c:99:c1:22:09:79:8e:ff:c3:73:c6:15:
49:58:e3:7f:28:05:2f:a7:bd:08:8c:cf:53:70:44:
7b:f7:c1:a2:7e:48:5a:e2:d5:1d:21:36:3e:f8:e2:
16:7e:07:e6:ff:b5:61:e2:01:54:4e:38:5c:38:37:
6c:43:35:15:7f:f1:49:7f:94:45:2d:ea:b5:e7:65:
87:18:e7:18:67:40:a0:27:cb:3a:05:22:5b:8e:75:
50:0b:91:80:40:cc:3a:53:59:bf:d4:d4:9c:95:ce:
a0:d2:af:2a:2f:5b:6e:45:8f:ed:e2:8e:56:4e:6a:
b7:58:fb:ea:24:a1:5d:3d:af:30:7d:a9:9a:94:fa:
04:39:12:1f:1a:04:fc:ae:2f:20:62:11:cc:61:55:
31:1e:ce:46:2e:b9:43:6e:e3:16:e3:29:99:4a:2e:
ea:e8:f4:b5:0d:9a:95:57:62:59:6a:3c:2d:09:a2:
7c:fa:c5:14:d0:27:40:b2:5e:65:7e:72:4c:56:a8:
8c:68:c2:99:2a:c8:61:01:26:02:8c:bb:cc:20:9e:
d2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:15:53:8B:38:34:96:B8:B6:4A:DC:E1:D0:FB:FD:1A:47:51:55:7F
X509v3 Authority Key Identifier:
keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/PhVTizg0lri2Stzh0Pv9GkdRVX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.236.0/22
Signature Algorithm: sha256WithRSAEncryption
42:4e:96:af:59:1c:7a:40:d4:2d:6b:97:94:96:47:27:d9:e8:
ea:35:73:de:75:6d:22:a4:56:81:8f:57:d2:30:ac:87:6e:bf:
6d:28:02:c9:26:73:98:df:57:29:b4:33:08:69:db:05:b4:f1:
16:48:a3:7a:29:17:a7:87:35:50:24:2c:bf:c4:54:b3:53:65:
2f:61:b7:81:d0:c6:a0:89:7f:bf:89:6e:a6:53:03:d2:c5:59:
55:e2:35:dd:04:d2:6e:87:65:09:97:2d:f5:94:e9:d9:26:45:
f0:17:71:79:93:4f:71:16:df:d0:8f:71:64:0d:94:da:35:1f:
a8:c6:78:bd:a0:da:f7:21:c8:29:c6:bb:d2:35:7a:44:c1:c1:
2e:91:74:a3:35:99:96:81:b3:e3:a1:31:af:1f:5d:b6:4b:4c:
a7:65:44:9a:a2:fa:53:c5:2f:71:b2:32:25:c9:b2:01:e0:cd:
93:1d:d3:85:b0:29:8e:78:43:56:41:97:fe:e0:4f:db:2b:da:
07:13:ea:78:87:46:f0:a9:9f:66:fe:d4:22:9e:c4:3f:23:58:
76:70:90:9a:bf:c5:a4:fb:e5:b1:23:19:e2:c5:04:02:b1:fb:
13:c9:e5:bc:2f:94:e8:86:f6:41:15:ce:82:e8:a2:82:b2:10:
cc:82:84:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwC5guF/9ZD1G33r7EVnvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk
OTBhNDEwHhcNMjMwMTAyMDExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTE1NTM4YjM4MzQ5NmI4YjY0YWRjZTFkMGZiZmQxYTQ3NTE1NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoWCRFHBjnIIQgyea9FWvthg72aw
RfZ21O6G2VpVSdQtyBgX61T0ZsFCseu81N18mcEiCXmO/8NzxhVJWON/KAUvp70I
jM9TcER798Gifkha4tUdITY++OIWfgfm/7Vh4gFUTjhcODdsQzUVf/FJf5RFLeq1
52WHGOcYZ0CgJ8s6BSJbjnVQC5GAQMw6U1m/1NSclc6g0q8qL1tuRY/t4o5WTmq3
WPvqJKFdPa8wfamalPoEORIfGgT8ri8gYhHMYVUxHs5GLrlDbuMW4ymZSi7q6PS1
DZqVV2JZajwtCaJ8+sUU0CdAsl5lfnJMVqiMaMKZKshhASYCjLvMIJ7SJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4VU4s4NJa4tkrc4dD7/RpHUVV/MB8GA1UdIwQY
MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt
MDNiMGVlYzdmZjI5LzEvUGhWVGl6ZzBscmkyU3R6aDBQdjlHa2RSVlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5
LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXLsMA0G
CSqGSIb3DQEBCwUAA4IBAQBCTpavWRx6QNQta5eUlkcn2ejqNXPedW0ipFaBj1fS
MKyHbr9tKALJJnOY31cptDMIadsFtPEWSKN6KRenhzVQJCy/xFSzU2UvYbeB0Mag
iX+/iW6mUwPSxVlV4jXdBNJuh2UJly31lOnZJkXwF3F5k09xFt/Qj3FkDZTaNR+o
xni9oNr3IcgpxrvSNXpEwcEukXSjNZmWgbPjoTGvH122S0ynZUSaovpTxS9xsjIl
ybIB4M2THdOFsCmOeENWQZf+4E/bK9oHE+p4h0bwqZ9m/tQinsQ/I1h2cJCav8Wk
++WxIxnixQQCsfsTyeW8L5TohvZBFc6C6KKCshDMgoT3
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:47 2025 by rpki-client