Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/0jRw5wlnnGThvRWHf1gquh_KqTM.roa
File: 0jRw5wlnnGThvRWHf1gquh_KqTM.roa (raw, json)
Hash identifier: nk+hGLxJtAVmMYFi+aI9Qd6Eu6VXtjosdQ5Dntb67/4=
Subject key identifier: D2:34:70:E7:09:67:9C:64:E1:BD:15:87:7F:58:2A:BA:1F:CA:A9:33
Certificate issuer: /CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Certificate serial: 15B41141
Authority key identifier: 36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/0jRw5wlnnGThvRWHf1gquh_KqTM.roa
Signing time: Sat 01 Jan 2022 08:53:41 +0000
ROA not before: Sat 01 Jan 2022 08:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200941
IP address blocks: 185.90.172.0/24 maxlen: 24
185.90.173.0/24 maxlen: 24
185.90.175.0/24 maxlen: 24
185.90.174.0/24 maxlen: 24
2a05:e181::/32 maxlen: 32
2a05:e187::/32 maxlen: 32
2a05:e180::/32 maxlen: 32
2a05:e186::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 364122433 (0x15b41141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Validity
Not Before: Jan 1 08:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d23470e709679c64e1bd15877f582aba1fcaa933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:34:02:d3:eb:23:0b:52:3c:08:0d:3f:24:b0:
d3:bb:b0:5e:dc:54:c7:28:a5:3e:4a:40:30:a1:98:
73:69:cf:2a:65:a6:6a:37:5d:43:e5:49:fb:69:ae:
4d:0c:3c:55:20:d5:35:48:5b:8b:88:a1:b9:dd:45:
0d:36:48:23:b3:8f:2a:83:c6:d4:12:e8:22:91:42:
2d:e1:f9:ee:b4:8a:dc:d5:50:b8:2e:ce:07:4e:2d:
03:6c:96:27:2c:94:a1:6b:2b:0b:bc:da:d6:e1:c4:
4e:24:2c:25:fa:3c:44:1d:8e:2a:2b:a5:37:91:0d:
77:e5:a6:e6:25:88:27:fe:90:c5:f1:2a:ec:c1:30:
08:ae:9e:4d:82:9c:de:75:ee:7c:9d:66:92:c0:16:
ed:2b:6b:1e:9a:fe:d8:d4:d7:9b:b4:3d:1a:b7:50:
f6:b2:9f:8f:b0:ef:43:51:89:64:e5:33:46:ea:91:
38:6c:a2:34:88:87:2f:db:fa:5b:fb:8a:64:85:8a:
b7:f4:0e:e9:40:19:ef:12:15:8b:98:16:fc:df:fa:
10:a3:09:e8:32:fb:57:1a:45:e7:c5:c5:64:6c:b0:
88:fa:69:6e:42:2b:fd:4a:ba:1c:bf:d2:70:af:f3:
bd:9a:2a:3f:03:23:ef:ef:94:12:d0:6e:f2:08:72:
e3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:34:70:E7:09:67:9C:64:E1:BD:15:87:7F:58:2A:BA:1F:CA:A9:33
X509v3 Authority Key Identifier:
keyid:36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/0jRw5wlnnGThvRWHf1gquh_KqTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/Nse0TnxfKbnepAKsgFFgspjPDaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.172.0/22
IPv6:
2a05:e180::/31
2a05:e186::/31
Signature Algorithm: sha256WithRSAEncryption
49:5c:31:4e:56:8a:7e:90:35:c0:3b:2b:05:49:24:ba:da:82:
4c:32:b2:1e:28:b2:13:e0:2b:83:d1:c4:64:66:4a:7e:62:2a:
e4:95:18:48:a2:4e:45:c8:70:ee:a5:5a:ec:26:d0:8a:97:bf:
9e:62:c1:d4:c8:0d:53:49:d6:a8:0a:22:44:eb:2b:bb:7c:9d:
5e:04:8a:34:25:9f:50:53:3d:b7:36:08:e4:1b:9f:45:67:e3:
12:8c:ab:2d:7b:82:f1:2d:7c:ab:0c:65:4d:fe:54:54:3f:0f:
b4:48:ba:2b:0e:39:81:a1:d9:21:c2:52:e9:34:12:49:ac:1d:
a4:fa:f1:99:57:6e:1b:1c:a0:3a:ef:e0:00:1f:ef:ff:1d:53:
17:f5:f9:79:b1:a8:fe:7a:c7:09:d0:0f:33:ca:9d:83:d1:c6:
fb:00:a4:a1:fe:66:e7:35:74:93:85:1a:9b:e2:6e:3e:c8:97:
df:a2:b4:b7:7f:f8:8f:a8:ad:0d:13:8a:e1:1a:ad:be:a6:43:
59:00:21:0d:18:f1:2e:b8:77:59:43:85:d0:5e:36:fb:5b:5a:
2a:ab:d7:0f:38:29:7e:3c:fa:e0:7d:8c:06:0d:65:d6:58:07:
3a:8c:8d:07:89:44:a4:c8:a2:42:5f:11:3a:2e:a7:0e:8b:11:
bf:17:16:5a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEFbQRQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmM3YjQ0ZTdjNWYyOWI5ZGVhNDAyYWM4MDUxNjBiMjk4Y2YwZGE2MB4XDTIyMDEw
MTA4NTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIzNDcwZTcwOTY3
OWM2NGUxYmQxNTg3N2Y1ODJhYmExZmNhYTkzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIc0AtPrIwtSPAgNPySw07uwXtxUxyilPkpAMKGYc2nPKmWm
ajddQ+VJ+2muTQw8VSDVNUhbi4ihud1FDTZII7OPKoPG1BLoIpFCLeH57rSK3NVQ
uC7OB04tA2yWJyyUoWsrC7za1uHETiQsJfo8RB2OKiulN5ENd+Wm5iWIJ/6QxfEq
7MEwCK6eTYKc3nXufJ1mksAW7StrHpr+2NTXm7Q9GrdQ9rKfj7DvQ1GJZOUzRuqR
OGyiNIiHL9v6W/uKZIWKt/QO6UAZ7xIVi5gW/N/6EKMJ6DL7VxpF58XFZGywiPpp
bkIr/Uq6HL/ScK/zvZoqPwMj7++UEtBu8ghy4z0CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTSNHDnCWecZOG9FYd/WCq6H8qpMzAfBgNVHSMEGDAWgBQ2x7ROfF8pud6k
AqyAUWCymM8NpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zZTBUbnhmS2JuZXBBS3NnRkZnc3BqUERhWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOGY3MTM4LTQ2ZDktNDk4Yi1hZjZkLTZkNjU4MmIyYjViNi8x
LzBqUnc1d2xubkdUaHZSV0hmMWdxdWhfS3FUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OGY3MTM4LTQ2ZDktNDk4Yi1hZjZkLTZkNjU4MmIyYjViNi8xL05zZTBUbnhmS2Ju
ZXBBS3NnRkZnc3BqUERhWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEArlarDAUBAIAAjAOAwUBKgXhgAMF
ASoF4YYwDQYJKoZIhvcNAQELBQADggEBAElcMU5Win6QNcA7KwVJJLragkwysh4o
shPgK4PRxGRmSn5iKuSVGEiiTkXIcO6lWuwm0IqXv55iwdTIDVNJ1qgKIkTrK7t8
nV4EijQln1BTPbc2COQbn0Vn4xKMqy17gvEtfKsMZU3+VFQ/D7RIuisOOYGh2SHC
Uuk0EkmsHaT68ZlXbhscoDrv4AAf7/8dUxf1+XmxqP56xwnQDzPKnYPRxvsApKH+
Zuc1dJOFGpvibj7Il9+itLd/+I+orQ0TiuEarb6mQ1kAIQ0Y8S64d1lDhdBeNvtb
Wiqr1w84KX48+uB9jAYNZdZYBzqMjQeJRKTIokJfEToupw6LEb8XFlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org