Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/oCEDyznmHG102ArUd0dgAqHgwZA.roa
File: oCEDyznmHG102ArUd0dgAqHgwZA.roa (raw, json)
Hash identifier: X+boE+TGr/voHx3jTIRH99xY7F8anNbQDBq1W3C+BA8=
Subject key identifier: A0:21:03:CB:39:E6:1C:6D:74:D8:0A:D4:77:47:60:02:A1:E0:C1:90
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01852910F997A68E2AAC875A20CB9E40DA2D
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/oCEDyznmHG102ArUd0dgAqHgwZA.roa
Signing time: Mon 19 Dec 2022 06:27:36 +0000
ROA not before: Mon 19 Dec 2022 06:27:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48716
IP address blocks: 90.156.230.0/24 maxlen: 24
217.151.230.0/24 maxlen: 24
2a03:6f06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:10:f9:97:a6:8e:2a:ac:87:5a:20:cb:9e:40:da:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Dec 19 06:27:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a02103cb39e61c6d74d80ad477476002a1e0c190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:90:7e:c4:4f:80:0e:ea:fe:eb:e9:50:c1:0c:
27:90:89:0c:ef:ee:c3:e0:f2:a7:91:97:64:65:e4:
ec:bc:2d:b8:7d:9c:f6:4d:7f:48:1f:b3:85:92:f6:
5c:07:98:3a:43:4f:42:c1:d3:c3:e4:e4:df:6b:41:
1a:92:39:7d:a7:4c:45:4b:fb:85:83:6f:c8:a9:6f:
58:b2:65:b0:4a:7e:b4:ef:a2:6b:5b:ba:64:2f:ca:
0a:eb:f3:94:20:f9:e5:46:c0:43:f1:b9:36:d7:d4:
42:44:e5:e0:2a:24:e5:dc:a7:76:83:d0:8d:3e:b9:
ca:a1:71:c3:55:8e:d6:56:82:d1:6d:87:de:fe:da:
27:32:01:fe:48:74:3a:31:ab:db:60:a5:a0:68:a1:
7a:93:70:26:28:e3:71:a0:31:e0:0c:62:3e:3b:86:
3d:52:66:b8:17:bf:94:63:26:bd:4e:b3:84:1e:16:
5f:47:3f:e3:fe:66:50:55:7e:12:06:64:18:c8:1f:
69:74:c1:b4:64:31:4e:94:f0:d5:79:8f:62:cd:29:
b8:52:04:98:b7:44:3b:c1:d4:85:93:1a:1d:be:a8:
31:de:01:e8:8b:4a:fd:79:0a:53:1a:7e:f4:c0:f7:
77:e6:0f:07:16:1f:b1:b0:ac:18:44:f1:c4:87:b5:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:21:03:CB:39:E6:1C:6D:74:D8:0A:D4:77:47:60:02:A1:E0:C1:90
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/oCEDyznmHG102ArUd0dgAqHgwZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.156.230.0/24
217.151.230.0/24
IPv6:
2a03:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
7b:f3:aa:14:19:e7:42:fe:80:d9:fd:a2:93:98:76:26:89:9d:
a1:71:e7:c0:f2:41:4a:7c:e6:38:50:08:20:ce:be:da:56:c9:
2c:51:f8:d0:f3:6f:d4:d6:63:08:4b:cb:48:a6:a6:d3:c1:89:
57:24:e5:ab:91:42:18:7f:88:0c:e4:93:71:ce:67:f6:56:a6:
df:18:e1:f9:5e:e5:69:30:9f:69:1e:b7:e4:1e:38:bb:1d:7f:
01:36:99:77:fa:3f:b1:2f:cf:a3:d4:9a:f3:51:19:5b:31:04:
a8:f9:d3:76:c3:7d:ac:d6:34:c3:04:8e:a9:b9:d6:35:e4:05:
23:4d:94:a8:a3:95:74:d8:62:75:63:34:1e:8e:11:e3:4b:4c:
3a:74:50:8e:b2:cb:ba:cd:05:f4:ab:95:8f:8a:55:19:0e:df:
5d:55:49:49:41:bb:32:d5:80:f2:9e:63:43:d2:28:40:4b:8d:
db:a3:7d:98:37:08:d2:7d:01:15:66:24:98:40:0d:3e:c6:24:
0e:ea:57:05:c1:07:fc:7e:da:f6:8a:80:66:9b:ca:01:6a:e3:
26:c6:e0:e8:5f:55:aa:d5:3c:1c:07:b6:81:75:d8:3a:fb:1e:
54:a2:f1:54:bc:3a:67:ba:15:5e:9e:38:b9:89:5d:8d:f6:69:
7f:2c:f2:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUpEPmXpo4qrIdaIMueQNotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMjE5MDYyNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxMDNjYjM5ZTYxYzZkNzRkODBhZDQ3NzQ3NjAwMmExZTBjMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpB+xE+ADur+6+lQwQwnkIkM7+7D
4PKnkZdkZeTsvC24fZz2TX9IH7OFkvZcB5g6Q09CwdPD5OTfa0Eakjl9p0xFS/uF
g2/IqW9YsmWwSn6076JrW7pkL8oK6/OUIPnlRsBD8bk219RCROXgKiTl3Kd2g9CN
PrnKoXHDVY7WVoLRbYfe/tonMgH+SHQ6MavbYKWgaKF6k3AmKONxoDHgDGI+O4Y9
Uma4F7+UYya9TrOEHhZfRz/j/mZQVX4SBmQYyB9pdMG0ZDFOlPDVeY9izSm4UgSY
t0Q7wdSFkxodvqgx3gHoi0r9eQpTGn70wPd35g8HFh+xsKwYRPHEh7VGGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKAhA8s55hxtdNgK1HdHYAKh4MGQMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvb0NFRHl6bm1IRzEwMkFyVWQwZGdBcUhnd1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWpzmAwQA
2ZfmMA0EAgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IBAQB786oUGedC/oDZ
/aKTmHYmiZ2hcefA8kFKfOY4UAggzr7aVsksUfjQ82/U1mMIS8tIpqbTwYlXJOWr
kUIYf4gM5JNxzmf2VqbfGOH5XuVpMJ9pHrfkHji7HX8BNpl3+j+xL8+j1JrzURlb
MQSo+dN2w32s1jTDBI6pudY15AUjTZSoo5V02GJ1YzQejhHjS0w6dFCOssu6zQX0
q5WPilUZDt9dVUlJQbsy1YDynmND0ihAS43bo32YNwjSfQEVZiSYQA0+xiQO6lcF
wQf8ftr2ioBmm8oBauMmxuDoX1Wq1TwcB7aBddg6+x5UovFUvDpnuhVenji5iV2N
9ml/LPJb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:41 2023 by rpki-client on console-ams.rpki-client.org