Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/S90Q_bpQgcnpijOPVsM5a03n1cM.roa
File: S90Q_bpQgcnpijOPVsM5a03n1cM.roa (raw, json)
Hash identifier: UowYvyNMxAi2KHlMp6xJLrh6P7kQbr8QqNbvRktcJDE=
Subject key identifier: 4B:DD:10:FD:BA:50:81:C9:E9:8A:33:8F:56:C3:39:6B:4D:E7:D5:C3
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 0184EB9A36A9EF3AC7F77D92966AE0549CFE
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/S90Q_bpQgcnpijOPVsM5a03n1cM.roa
Signing time: Wed 07 Dec 2022 08:01:03 +0000
ROA not before: Wed 07 Dec 2022 08:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134963
IP address blocks: 212.31.96.0/24 maxlen: 24
31.153.230.0/23 maxlen: 23
195.14.157.0/24 maxlen: 24
195.14.154.0/24 maxlen: 24
212.31.123.0/24 maxlen: 24
212.31.124.0/24 maxlen: 24
212.31.125.0/24 maxlen: 24
212.31.127.0/24 maxlen: 24
128.0.107.0/24 maxlen: 24
81.4.190.0/23 maxlen: 24
46.199.88.0/24 maxlen: 24
195.14.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:9a:36:a9:ef:3a:c7:f7:7d:92:96:6a:e0:54:9c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Dec 7 08:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bdd10fdba5081c9e98a338f56c3396b4de7d5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:3a:21:55:3c:79:89:2f:93:c2:86:0a:b6:
76:17:08:7d:d8:a5:0b:da:1b:58:b3:4a:5c:53:22:
34:06:a9:03:94:c6:42:6c:93:45:9c:af:98:aa:e4:
26:54:3c:3f:c6:8e:b4:4c:29:fd:97:c4:53:43:3c:
c1:d4:45:a6:5a:18:e6:89:50:bf:37:ea:74:59:f7:
f1:93:08:84:50:5a:e0:9f:12:ec:4a:bc:62:5c:2f:
e0:b4:b7:bd:71:1a:03:57:6e:e9:e1:35:d6:55:df:
f9:83:9a:cb:bc:d7:70:6b:dc:be:98:e0:94:e6:73:
ea:d9:05:62:df:ac:c0:29:9b:c5:ee:c8:f5:dd:0f:
b6:eb:56:14:d9:57:2a:bd:c2:ed:7c:7e:69:03:a2:
0c:94:5a:31:5b:47:42:7f:1c:05:37:76:29:ef:34:
70:21:45:26:55:7f:3b:a5:7c:87:9a:b5:71:f9:61:
b5:2c:8e:4a:91:27:53:81:d7:c5:f5:22:e8:ce:28:
92:e0:d8:9d:44:3f:b3:12:4a:e8:cf:7a:0f:12:79:
ab:06:5e:df:ca:8f:cd:dd:df:af:9f:9d:7e:49:fa:
35:1c:6e:2a:ee:55:0d:60:60:bf:66:7b:68:5f:28:
89:3b:fc:9f:cb:d4:ad:6d:7f:91:aa:93:ce:41:12:
37:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DD:10:FD:BA:50:81:C9:E9:8A:33:8F:56:C3:39:6B:4D:E7:D5:C3
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/S90Q_bpQgcnpijOPVsM5a03n1cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.153.230.0/23
46.199.88.0/24
81.4.190.0/23
128.0.107.0/24
195.14.130.0/24
195.14.154.0/24
195.14.157.0/24
212.31.96.0/24
212.31.123.0-212.31.125.255
212.31.127.0/24
Signature Algorithm: sha256WithRSAEncryption
39:aa:2a:63:c8:10:70:90:93:dd:98:90:11:d4:ac:d0:62:b3:
ba:42:ac:6d:34:b7:b9:0f:45:55:ba:e2:78:08:9c:63:2d:14:
90:fd:16:ee:5b:59:0f:ba:8a:6e:ac:26:49:84:1c:91:e2:46:
8d:79:85:35:c4:36:e4:55:ca:65:6f:e9:7a:cc:30:2b:4f:25:
94:35:ec:57:95:73:33:c0:2a:12:8c:c9:79:41:10:73:ca:1a:
1f:2b:17:5f:38:2a:16:f9:33:47:42:01:0d:7a:4e:a9:e1:4c:
da:7c:e5:12:8d:15:63:4c:a4:cc:14:df:2f:72:13:4a:d0:c5:
62:c7:40:c6:ee:d3:80:3b:4e:6f:ee:60:da:3b:3e:9d:b2:3f:
a4:8d:9b:55:23:99:0c:fc:18:79:fe:11:a5:fb:f9:9c:05:53:
4b:5f:08:95:b6:d1:58:d1:e3:e8:2a:0d:4a:27:d0:cd:00:c5:
23:b5:a4:3d:b9:1e:e9:44:5e:05:e6:52:74:39:09:e4:bc:0c:
38:e4:59:6b:c1:5f:82:fe:cf:e2:0d:88:fb:fa:ee:8e:b9:9f:
89:35:3b:a3:5f:c0:eb:6d:b9:db:6c:cf:6f:1f:46:54:23:d3:
94:12:7b:e6:13:6a:45:de:56:83:6b:89:ce:2e:56:a7:9b:ef:
ef:45:13:70
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYTrmjap7zrH932SlmrgVJz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjIxMjA3MDgwMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRkMTBmZGJhNTA4MWM5ZTk4YTMzOGY1NmMzMzk2YjRkZTdkNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS06IVU8eYkvk8KGCrZ2Fwh92KUL
2htYs0pcUyI0BqkDlMZCbJNFnK+YquQmVDw/xo60TCn9l8RTQzzB1EWmWhjmiVC/
N+p0WffxkwiEUFrgnxLsSrxiXC/gtLe9cRoDV27p4TXWVd/5g5rLvNdwa9y+mOCU
5nPq2QVi36zAKZvF7sj13Q+261YU2VcqvcLtfH5pA6IMlFoxW0dCfxwFN3Yp7zRw
IUUmVX87pXyHmrVx+WG1LI5KkSdTgdfF9SLoziiS4NidRD+zEkroz3oPEnmrBl7f
yo/N3d+vn51+Sfo1HG4q7lUNYGC/ZntoXyiJO/yfy9StbX+RqpPOQRI3xQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEvdEP26UIHJ6Yozj1bDOWtN59XDMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvUzkwUV9icFFnY25waWpPUFZzTTVhMDNuMWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBH5nmAwQA
LsdYAwQBUQS+AwQAgABrAwQAww6CAwQAww6aAwQAww6dAwQA1B9gMAwDBADUH3sD
BAHUH3wDBADUH38wDQYJKoZIhvcNAQELBQADggEBADmqKmPIEHCQk92YkBHUrNBi
s7pCrG00t7kPRVW64ngInGMtFJD9Fu5bWQ+6im6sJkmEHJHiRo15hTXENuRVymVv
6XrMMCtPJZQ17FeVczPAKhKMyXlBEHPKGh8rF184Khb5M0dCAQ16TqnhTNp85RKN
FWNMpMwU3y9yE0rQxWLHQMbu04A7Tm/uYNo7Pp2yP6SNm1UjmQz8GHn+EaX7+ZwF
U0tfCJW20VjR4+gqDUon0M0AxSO1pD25HulEXgXmUnQ5CeS8DDjkWWvBX4L+z+IN
iPv67o65n4k1O6NfwOttudtsz28fRlQj05QSe+YTakXeVoNric4uVqeb7+9FE3A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-ams.rpki-client.org