Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/mH7YbY8-z0xfD_jZXdwdGglc2I0.roa
File: mH7YbY8-z0xfD_jZXdwdGglc2I0.roa (raw, json)
Hash identifier: R/KAl/ImC7KHu5FRgrQpSv8RocUyth8kA3SN8+bDBIc=
Subject key identifier: 98:7E:D8:6D:8F:3E:CF:4C:5F:0F:F8:D9:5D:DC:1D:1A:09:5C:D8:8D
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 01856D8AAFCB4070A727B689761DCFB95A18
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/mH7YbY8-z0xfD_jZXdwdGglc2I0.roa
Signing time: Sun 01 Jan 2023 13:34:43 +0000
ROA not before: Sun 01 Jan 2023 13:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.55.220.0/22 maxlen: 22
87.237.216.0/21 maxlen: 21
206.195.32.0/19 maxlen: 19
2a04:5780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:af:cb:40:70:a7:27:b6:89:76:1d:cf:b9:5a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 13:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=987ed86d8f3ecf4c5f0ff8d95ddc1d1a095cd88d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:23:74:f1:11:ba:3c:69:22:46:71:53:5b:
71:33:ac:e9:04:c9:cd:97:fe:54:be:73:af:95:63:
a3:4c:4b:2f:cb:56:e9:39:2f:d5:7c:f4:9e:f0:31:
b6:96:82:c5:77:3a:90:a5:e0:22:3e:ed:cf:f5:97:
7b:63:1d:bc:1c:05:45:6f:64:25:21:dd:b8:32:4d:
2b:16:a8:9f:e0:e6:93:8a:5b:a1:ba:34:2e:c1:9f:
fe:7d:97:02:78:0a:51:02:2f:6d:27:63:93:b1:c9:
7c:c2:f5:f8:ef:22:2d:bb:8f:46:f1:fc:c6:7f:68:
be:91:1f:db:9f:4b:a6:8a:d4:75:a8:94:31:99:c1:
96:51:75:3e:0a:e7:a3:34:69:ae:08:97:ee:2e:8a:
a7:43:94:b7:38:44:0e:30:23:40:60:41:76:37:36:
42:4c:ba:36:06:af:01:be:bc:0a:a8:0c:93:7a:c5:
00:53:d8:26:f6:e0:39:48:36:76:d8:59:45:ca:65:
53:85:13:cd:8f:c9:ff:aa:e5:d5:b6:7f:8b:d6:ee:
af:16:ae:e9:62:fe:58:cf:17:49:6c:ec:d2:de:f0:
d8:e8:6e:6f:2b:2c:31:de:46:67:c4:1f:76:15:ef:
a8:01:6c:6d:ea:0c:13:3e:0a:3d:51:e2:68:93:f1:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7E:D8:6D:8F:3E:CF:4C:5F:0F:F8:D9:5D:DC:1D:1A:09:5C:D8:8D
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/mH7YbY8-z0xfD_jZXdwdGglc2I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.216.0/21
185.55.220.0/22
206.195.32.0/19
IPv6:
2a04:5780::/29
Signature Algorithm: sha256WithRSAEncryption
a2:5e:a3:fa:29:22:1e:ae:06:b6:e2:aa:72:64:2b:ba:6e:b7:
f1:c0:e6:4a:e1:9b:9e:42:59:f0:91:9e:32:64:5a:fd:90:e4:
0a:99:0d:c3:42:16:8c:a9:51:b3:28:f1:5f:a7:6e:76:ee:59:
e6:0f:25:8e:d6:83:8f:bd:d4:86:11:7f:81:6a:83:a7:0b:81:
9a:e7:2d:d4:96:ce:c5:14:1b:74:1c:15:99:2d:d0:b9:eb:ce:
7f:12:1d:14:aa:f1:14:7d:9a:41:72:89:30:9a:6c:4b:5e:ac:
36:46:86:bf:06:3b:6d:1c:e2:ae:f7:c6:c1:be:c6:94:bd:3d:
3c:57:b0:64:eb:af:8f:af:3a:e6:fd:15:02:09:ac:4e:22:65:
cb:d9:f3:88:5f:12:93:7e:22:bf:e8:08:3d:4a:23:fa:1f:02:
19:b9:1f:1c:4d:3c:2e:32:fa:dc:33:54:07:f0:0e:1b:c8:4b:
d1:25:63:b4:9e:37:c0:cf:71:e6:dd:ba:91:87:d0:f9:39:e5:
68:6e:0c:d7:0b:e8:5f:72:d3:9c:c1:22:a9:82:86:b5:bd:88:
99:82:db:12:0d:71:5f:8a:36:d1:bc:23:a0:fa:57:08:f9:12:
22:df:fd:74:3f:0c:20:68:b3:81:20:c6:e7:40:d8:63:2d:da:
fa:7c:bd:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtiq/LQHCnJ7aJdh3PuVoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjMwMTAxMTMzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdlZDg2ZDhmM2VjZjRjNWYwZmY4ZDk1ZGRjMWQxYTA5NWNkODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfcjdPERujxpIkZxU1txM6zpBMnN
l/5UvnOvlWOjTEsvy1bpOS/VfPSe8DG2loLFdzqQpeAiPu3P9Zd7Yx28HAVFb2Ql
Id24Mk0rFqif4OaTiluhujQuwZ/+fZcCeApRAi9tJ2OTscl8wvX47yItu49G8fzG
f2i+kR/bn0umitR1qJQxmcGWUXU+CuejNGmuCJfuLoqnQ5S3OEQOMCNAYEF2NzZC
TLo2Bq8BvrwKqAyTesUAU9gm9uA5SDZ22FlFymVThRPNj8n/quXVtn+L1u6vFq7p
Yv5YzxdJbOzS3vDY6G5vKywx3kZnxB92Fe+oAWxt6gwTPgo9UeJok/F3jwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJh+2G2PPs9MXw/42V3cHRoJXNiNMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvbUg3WWJZOC16MHhmRF9qWlhkd2RHZ2xjMkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDV+3YAwQC
uTfcAwQFzsMgMA0EAgACMAcDBQMqBFeAMA0GCSqGSIb3DQEBCwUAA4IBAQCiXqP6
KSIerga24qpyZCu6brfxwOZK4ZueQlnwkZ4yZFr9kOQKmQ3DQhaMqVGzKPFfp252
7lnmDyWO1oOPvdSGEX+BaoOnC4Ga5y3Uls7FFBt0HBWZLdC5685/Eh0UqvEUfZpB
cokwmmxLXqw2Roa/BjttHOKu98bBvsaUvT08V7Bk66+Przrm/RUCCaxOImXL2fOI
XxKTfiK/6Ag9SiP6HwIZuR8cTTwuMvrcM1QH8A4byEvRJWO0njfAz3Hm3bqRh9D5
OeVobgzXC+hfctOcwSKpgoa1vYiZgtsSDXFfijbRvCOg+lcI+RIi3/10PwwgaLOB
IMbnQNhjLdr6fL1r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:48 2025 by rpki-client