Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/oHBqAoCHiUVP40w7AvftvslVXCk.roa
File: oHBqAoCHiUVP40w7AvftvslVXCk.roa (raw, json)
Hash identifier: HeTBgKbvn3T6slJEPUHJnv8L2SkVUFDTLZ2yJbMdk6o=
Subject key identifier: A0:70:6A:02:80:87:89:45:4F:E3:4C:3B:02:F7:ED:BE:C9:55:5C:29
Certificate issuer: /CN=90a02705006532ef33a0064f875a100923509fd5
Certificate serial: 011EC92C
Authority key identifier: 90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/oHBqAoCHiUVP40w7AvftvslVXCk.roa
Signing time: Sat 01 Jan 2022 09:06:07 +0000
ROA not before: Sat 01 Jan 2022 09:06:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198380
IP address blocks: 185.154.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18794796 (0x11ec92c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a02705006532ef33a0064f875a100923509fd5
Validity
Not Before: Jan 1 09:06:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0706a02808789454fe34c3b02f7edbec9555c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fa:79:fa:2b:fa:dd:d8:a3:d4:a6:9f:1d:03:
68:2d:7f:54:05:cc:6f:70:47:eb:dc:f8:6a:6c:5d:
36:d8:33:99:b4:56:a2:44:c0:c2:71:7d:77:ac:47:
82:f2:66:25:86:7a:a7:cb:37:83:a5:13:e9:cf:4e:
a5:1c:ea:b4:ed:f9:c6:b5:47:42:c2:7e:ac:26:2a:
84:cd:ec:fc:5d:f3:54:f4:14:a7:d3:fa:07:5c:ca:
53:8e:fb:26:0c:b1:d3:47:9c:18:63:ba:3f:eb:70:
cd:e8:51:ae:7a:05:b1:bb:e8:46:bf:f1:e4:e7:16:
61:15:12:06:20:20:41:cf:f8:53:cb:fb:d4:a0:db:
8d:35:f8:01:cc:b6:78:5f:e2:ad:08:f8:09:8c:f1:
3c:e2:47:f7:a9:d9:e3:1e:bd:14:23:76:5f:0c:35:
5c:e5:fd:ec:37:6f:8a:bf:4a:81:6d:69:58:94:33:
fc:43:82:5b:73:da:81:a5:6b:e4:a2:b9:79:c9:b7:
8b:9d:82:d5:f5:82:78:69:a0:2c:ce:cf:de:56:9d:
b1:a7:76:ba:10:2d:30:ba:bd:a9:4d:d7:11:71:66:
86:f7:1c:41:24:df:64:e7:c4:6e:b4:75:8e:9b:20:
d0:1f:8e:f4:2d:3d:51:4e:82:c8:69:2a:5a:4d:4b:
2c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:70:6A:02:80:87:89:45:4F:E3:4C:3B:02:F7:ED:BE:C9:55:5C:29
X509v3 Authority Key Identifier:
keyid:90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/oHBqAoCHiUVP40w7AvftvslVXCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:55:8b:4e:5e:fc:ac:b7:aa:c9:d7:0c:a7:49:49:e0:91:04:
cf:0b:ba:2e:a6:2c:ef:5c:be:7c:83:75:c7:f4:e9:ff:62:51:
82:25:c7:19:a3:26:f5:0c:78:fc:22:e7:db:78:17:97:7a:f2:
e6:b4:4c:1a:d5:88:8d:21:1f:bf:ac:3e:2e:1e:85:26:4f:c5:
e9:34:a7:e6:26:61:ff:c1:e6:37:e8:cd:9d:c4:a4:4e:50:98:
0a:2c:25:50:79:e7:e2:c0:54:ec:3b:6b:b2:9f:95:16:18:27:
04:bb:33:2c:00:09:4a:b4:d9:e3:02:98:06:94:d6:c1:53:d3:
2d:41:1f:09:c4:d6:1f:a0:75:69:35:97:c2:bf:a2:a1:3b:5d:
7b:9c:3f:46:7f:ae:db:47:e1:34:dc:60:1e:ee:b7:66:d1:fb:
51:d5:2d:02:25:77:88:d6:ea:32:b2:e3:95:9c:e5:26:81:69:
2c:72:71:79:0f:a3:db:2b:35:00:60:68:85:02:5a:b9:9c:4f:
37:02:b3:3c:e3:3c:90:42:1d:96:ff:3c:2b:d4:9b:7b:fb:e8:
4e:04:db:48:77:86:12:b2:ae:9d:5b:cb:c5:9c:20:bc:26:fe:
5b:d7:5f:2b:5b:b2:bb:91:35:8d:d4:11:2e:57:19:da:df:78:
22:10:bb:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAR7JLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGEwMjcwNTAwNjUzMmVmMzNhMDA2NGY4NzVhMTAwOTIzNTA5ZmQ1MB4XDTIyMDEw
MTA5MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA3MDZhMDI4MDg3
ODk0NTRmZTM0YzNiMDJmN2VkYmVjOTU1NWMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANH6efor+t3Yo9Smnx0DaC1/VAXMb3BH69z4amxdNtgzmbRW
okTAwnF9d6xHgvJmJYZ6p8s3g6UT6c9OpRzqtO35xrVHQsJ+rCYqhM3s/F3zVPQU
p9P6B1zKU477Jgyx00ecGGO6P+twzehRrnoFsbvoRr/x5OcWYRUSBiAgQc/4U8v7
1KDbjTX4Acy2eF/irQj4CYzxPOJH96nZ4x69FCN2Xww1XOX97Ddvir9KgW1pWJQz
/EOCW3PagaVr5KK5ecm3i52C1fWCeGmgLM7P3ladsad2uhAtMLq9qU3XEXFmhvcc
QSTfZOfEbrR1jpsg0B+O9C09UU6CyGkqWk1LLBMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgcGoCgIeJRU/jTDsC9+2+yVVcKTAfBgNVHSMEGDAWgBSQoCcFAGUy7zOg
Bk+HWhAJI1Cf1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tLQW5CUUJsTXU4em9BWlBoMW9RQ1NOUW45VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvZDlmNDgyLTEzNWUtNDdmNi05MzE3LTY3ODVhZGE1MjdjMS8x
L29IQnFBb0NIaVVWUDQwdzdBdmZ0dnNsVlhDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
ZDlmNDgyLTEzNWUtNDdmNi05MzE3LTY3ODVhZGE1MjdjMS8xL2tLQW5CUUJsTXU4
em9BWlBoMW9RQ1NOUW45VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArma7DANBgkqhkiG9w0BAQsFAAOC
AQEAi1WLTl78rLeqydcMp0lJ4JEEzwu6LqYs71y+fIN1x/Tp/2JRgiXHGaMm9Qx4
/CLn23gXl3ry5rRMGtWIjSEfv6w+Lh6FJk/F6TSn5iZh/8HmN+jNncSkTlCYCiwl
UHnn4sBU7Dtrsp+VFhgnBLszLAAJSrTZ4wKYBpTWwVPTLUEfCcTWH6B1aTWXwr+i
oTtde5w/Rn+u20fhNNxgHu63ZtH7UdUtAiV3iNbqMrLjlZzlJoFpLHJxeQ+j2ys1
AGBohQJauZxPNwKzPOM8kEIdlv88K9Sbe/voTgTbSHeGErKunVvLxZwgvCb+W9df
K1uyu5E1jdQRLlcZ2t94IhC72w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:18 2024 by rpki-client on console-fra.rpki-client.org