Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/90xpMbFmfG945h42W-pAsUaGOlI.roa
File: 90xpMbFmfG945h42W-pAsUaGOlI.roa (raw, json)
Hash identifier: MJXom195784OlbcgZYTPVxIRe65XUHJUpiw1vnzPkiU=
Subject key identifier: F7:4C:69:31:B1:66:7C:6F:78:E6:1E:36:5B:EA:40:B1:46:86:3A:52
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 018330D18F56923014671E796BF2D67D1EC5
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/90xpMbFmfG945h42W-pAsUaGOlI.roa
Signing time: Mon 12 Sep 2022 08:29:43 +0000
ROA not before: Mon 12 Sep 2022 08:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 185.4.226.0/24 maxlen: 32
80.240.98.0/23 maxlen: 32
193.31.56.0/22 maxlen: 32
31.40.228.0/22 maxlen: 32
212.107.0.0/22 maxlen: 32
91.196.180.0/22 maxlen: 32
194.31.176.0/22 maxlen: 32
195.3.136.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:d1:8f:56:92:30:14:67:1e:79:6b:f2:d6:7d:1e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Sep 12 08:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f74c6931b1667c6f78e61e365bea40b146863a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:16:8a:8e:68:c9:61:4b:78:ae:04:0b:54:90:
c7:93:45:1b:5e:94:ae:f9:08:f3:dd:40:24:0c:c1:
47:5d:02:f5:3c:a1:c9:6f:8e:e0:a0:62:30:a8:d8:
9b:dc:bf:f4:a2:da:83:fe:f1:c0:9e:2a:85:84:b0:
36:52:6e:35:b0:d2:b7:1c:74:05:53:f5:f8:ab:a1:
a4:61:85:0b:37:51:d2:d8:05:8d:17:d5:cf:a8:f9:
ef:4d:f5:9e:8d:f2:51:29:12:38:b0:1c:59:61:ae:
2f:db:5e:af:60:e9:53:a0:ab:d8:a6:9d:6a:63:b6:
3a:13:b0:53:62:5b:50:c8:cd:e7:ae:9f:dc:47:54:
6b:8c:35:92:b6:ca:5a:45:58:6c:95:99:f9:72:6b:
04:72:0a:53:ef:91:34:19:8d:c4:35:13:b7:20:5b:
d7:7c:08:49:7a:14:d1:2a:ee:a5:68:1e:4c:97:90:
c6:71:80:06:3c:14:c3:8e:75:4b:4e:9b:b0:e0:2f:
0c:66:42:63:65:18:18:9e:86:2b:1f:39:32:7b:33:
09:42:13:22:5d:c0:ce:fe:d1:ed:9e:5a:57:88:a4:
e1:22:0d:30:36:9b:80:05:a9:de:ce:df:2e:c6:fd:
fd:dc:6f:95:12:1d:ac:a6:01:ee:3e:24:5f:3a:17:
9b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4C:69:31:B1:66:7C:6F:78:E6:1E:36:5B:EA:40:B1:46:86:3A:52
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/90xpMbFmfG945h42W-pAsUaGOlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.228.0/22
80.240.98.0/23
91.196.180.0/22
185.4.226.0/24
193.31.56.0/22
194.31.176.0/22
194.187.36.0/22
195.3.136.0/22
212.107.0.0/22
Signature Algorithm: sha256WithRSAEncryption
81:af:a1:7a:12:e4:14:3d:ed:dd:43:35:ca:1d:1e:b1:f5:b4:
a3:df:b6:c2:00:6d:e6:8c:c2:68:f6:8d:fd:89:06:1a:fd:5c:
ae:ff:39:73:ab:4a:0e:30:c3:9b:dc:f1:48:6c:73:e2:08:fa:
ce:d8:94:5d:f9:05:08:44:6b:ec:06:3f:40:36:cf:19:db:a2:
2b:93:4e:17:d7:72:20:61:72:a0:32:de:1e:b0:9e:1d:24:e2:
e5:10:73:e9:b3:7c:aa:d1:f3:b4:7e:6a:73:35:14:b0:e6:f5:
c6:70:26:ca:0e:f1:81:18:47:be:34:dc:d0:3e:20:9b:40:89:
93:c3:fd:94:6e:53:d4:9a:5a:c3:1d:67:0d:f3:ac:21:eb:01:
89:7f:8b:94:9f:62:77:ab:2d:84:08:ab:bc:56:dc:d8:4b:f9:
34:56:35:7f:23:4f:7f:ed:81:0f:5d:2a:cf:b8:fc:fb:62:3e:
fd:9a:a0:bd:53:c7:74:01:0b:12:4f:4f:ef:ea:94:d5:4d:1b:
ee:e5:d0:19:38:8f:c0:1d:2b:61:13:7f:93:45:64:9a:de:75:
6a:0a:23:3b:c6:f2:e3:1c:5e:da:cc:60:24:b0:c7:c1:7c:fb:
61:47:ea:61:03:5a:62:92:92:95:4a:aa:f4:1d:60:1a:02:21:
ec:5f:c6:a0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYMw0Y9WkjAUZx55a/LWfR7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjIwOTEyMDgyOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRjNjkzMWIxNjY3YzZmNzhlNjFlMzY1YmVhNDBiMTQ2ODYzYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BaKjmjJYUt4rgQLVJDHk0UbXpSu
+Qjz3UAkDMFHXQL1PKHJb47goGIwqNib3L/0otqD/vHAniqFhLA2Um41sNK3HHQF
U/X4q6GkYYULN1HS2AWNF9XPqPnvTfWejfJRKRI4sBxZYa4v216vYOlToKvYpp1q
Y7Y6E7BTYltQyM3nrp/cR1RrjDWStspaRVhslZn5cmsEcgpT75E0GY3ENRO3IFvX
fAhJehTRKu6laB5Ml5DGcYAGPBTDjnVLTpuw4C8MZkJjZRgYnoYrHzkyezMJQhMi
XcDO/tHtnlpXiKThIg0wNpuABanezt8uxv393G+VEh2spgHuPiRfOhebZQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPdMaTGxZnxveOYeNlvqQLFGhjpSMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvOTB4cE1iRm1mRzk0NWg0MlctcEFzVWFHT2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCHyjkAwQB
UPBiAwQCW8S0AwQAuQTiAwQCwR84AwQCwh+wAwQCwrskAwQCwwOIAwQC1GsAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBr6F6EuQUPe3dQzXKHR6x9bSj37bCAG3mjMJo9o39
iQYa/Vyu/zlzq0oOMMOb3PFIbHPiCPrO2JRd+QUIRGvsBj9ANs8Z26Irk04X13Ig
YXKgMt4esJ4dJOLlEHPps3yq0fO0fmpzNRSw5vXGcCbKDvGBGEe+NNzQPiCbQImT
w/2UblPUmlrDHWcN86wh6wGJf4uUn2J3qy2ECKu8VtzYS/k0VjV/I09/7YEPXSrP
uPz7Yj79mqC9U8d0AQsST0/v6pTVTRvu5dAZOI/AHSthE3+TRWSa3nVqCiM7xvLj
HF7azGAksMfBfPthR+phA1pikpKVSqr0HWAaAiHsX8ag
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:42 2023 by rpki-client on console-fra.rpki-client.org