Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/90g1rtlb-hQ6vh_gBSU0htoHn5U.roa
File: 90g1rtlb-hQ6vh_gBSU0htoHn5U.roa (raw, json)
Hash identifier: BXf6S+wWA4LmZ7b/1Vj64KEYill3Zo9YFL0eg1Ax4tI=
Subject key identifier: F7:48:35:AE:D9:5B:FA:14:3A:BE:1F:E0:05:25:34:86:DA:07:9F:95
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183155DFB3B284E48677F2E229A4C12D4E2
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/90g1rtlb-hQ6vh_gBSU0htoHn5U.roa
Signing time: Wed 07 Sep 2022 00:33:44 +0000
ROA not before: Wed 07 Sep 2022 00:33:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49367
IP address blocks: 185.213.21.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
2a11:840:23::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:5d:fb:3b:28:4e:48:67:7f:2e:22:9a:4c:12:d4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 7 00:33:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f74835aed95bfa143abe1fe005253486da079f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9c:df:3a:15:6f:0e:1f:34:cd:8d:95:7a:49:
a2:65:06:f5:ba:04:9d:0d:96:20:6d:77:88:a8:86:
12:be:f6:31:68:e6:7c:b5:df:82:dc:4b:2d:18:3d:
27:72:65:5c:06:39:9a:8c:86:43:59:99:00:fd:48:
fe:d7:b3:d2:17:f9:f4:bd:3b:cc:e7:b6:3b:9c:f0:
11:0b:cb:30:31:0c:be:cf:11:6b:51:e5:b7:ec:52:
5b:a6:d7:a4:d2:08:59:de:14:e7:d4:e8:45:d7:2a:
ca:e1:a1:53:89:99:c7:85:d0:86:0b:b2:01:b6:13:
50:de:9b:00:ea:84:7d:5f:48:1f:d1:c3:d4:54:a0:
cd:6a:33:13:c4:91:9d:5d:8d:b0:15:d6:e2:a5:80:
d9:f2:31:c2:76:48:12:67:13:c1:f0:92:42:35:fb:
76:48:4a:d3:6a:42:f4:12:a8:f7:30:54:a3:0a:5a:
6f:0a:5a:b0:eb:08:0e:3f:26:b5:e3:b9:2a:26:78:
05:e0:67:e4:56:20:23:fd:de:04:9f:64:20:4a:d5:
d6:dd:60:f9:93:72:40:d7:a7:07:e9:f5:61:ab:f8:
67:6d:0e:24:84:a6:6f:24:fe:23:6a:fe:5b:b7:7d:
a1:02:c3:b7:f3:a1:d9:a6:1c:7d:5e:82:12:48:12:
c6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:48:35:AE:D9:5B:FA:14:3A:BE:1F:E0:05:25:34:86:DA:07:9F:95
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/90g1rtlb-hQ6vh_gBSU0htoHn5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.20.0/23
IPv6:
2a11:840:23::/48
Signature Algorithm: sha256WithRSAEncryption
92:20:9a:7f:f9:a7:61:1e:e4:57:aa:f5:db:13:d3:2e:34:19:
4b:b4:a0:f7:8a:62:b8:4d:7c:8c:d1:a0:bb:86:08:52:86:f8:
a0:d2:b9:41:a1:75:38:2d:0e:1a:d3:c1:20:f4:5f:2f:58:7a:
ff:33:4b:33:f7:92:fe:9e:26:3c:78:84:cc:93:a4:91:62:61:
9f:70:08:ec:e3:14:b9:dc:b5:fb:16:37:0a:e2:5e:0d:bb:cc:
c7:20:37:a2:83:54:19:79:79:50:b1:ca:3f:2f:6e:18:a1:43:
64:81:5a:a3:0f:37:d3:9e:7f:6c:73:34:ab:93:0c:4e:65:90:
f7:7f:76:4d:f8:02:d2:b3:ba:65:51:55:37:96:a9:20:fb:31:
4d:f2:2b:48:ea:a9:7e:ce:61:21:99:32:99:04:92:5c:35:9f:
ed:12:74:d2:6f:16:0d:5b:19:6f:36:da:c0:d9:3c:78:20:a7:
dd:26:64:da:26:be:07:20:84:26:85:ba:bd:db:3b:3f:5a:82:
f4:26:8d:a6:21:3f:79:23:43:04:aa:6b:2b:af:8c:6d:2e:85:
94:1a:c4:e1:19:57:5b:7b:eb:9c:b5:62:4a:88:51:53:56:27:
35:7a:dc:e7:2e:a0:cb:15:96:fc:32:81:0f:73:17:86:41:da:
31:39:33:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMVXfs7KE5IZ38uIppMEtTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA3MDAzMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQ4MzVhZWQ5NWJmYTE0M2FiZTFmZTAwNTI1MzQ4NmRhMDc5Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZzfOhVvDh80zY2VekmiZQb1ugSd
DZYgbXeIqIYSvvYxaOZ8td+C3EstGD0ncmVcBjmajIZDWZkA/Uj+17PSF/n0vTvM
57Y7nPARC8swMQy+zxFrUeW37FJbptek0ghZ3hTn1OhF1yrK4aFTiZnHhdCGC7IB
thNQ3psA6oR9X0gf0cPUVKDNajMTxJGdXY2wFdbipYDZ8jHCdkgSZxPB8JJCNft2
SErTakL0Eqj3MFSjClpvClqw6wgOPya147kqJngF4GfkViAj/d4En2QgStXW3WD5
k3JA16cH6fVhq/hnbQ4khKZvJP4jav5bt32hAsO386HZphx9XoISSBLGGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPdINa7ZW/oUOr4f4AUlNIbaB5+VMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvOTBnMXJ0bGItaFE2dmhfZ0JTVTBodG9IbjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBudUUMA8E
AgACMAkDBwAqEQhAACMwDQYJKoZIhvcNAQELBQADggEBAJIgmn/5p2Ee5Feq9dsT
0y40GUu0oPeKYrhNfIzRoLuGCFKG+KDSuUGhdTgtDhrTwSD0Xy9Yev8zSzP3kv6e
Jjx4hMyTpJFiYZ9wCOzjFLnctfsWNwriXg27zMcgN6KDVBl5eVCxyj8vbhihQ2SB
WqMPN9Oef2xzNKuTDE5lkPd/dk34AtKzumVRVTeWqSD7MU3yK0jqqX7OYSGZMpkE
klw1n+0SdNJvFg1bGW822sDZPHggp90mZNomvgcghCaFur3bOz9agvQmjaYhP3kj
QwSqayuvjG0uhZQaxOEZV1t765y1YkqIUVNWJzV63OcuoMsVlvwygQ9zF4ZB2jE5
M4U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org