Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/c7f05d-35f5-4115-9f7f-fcaaf2ef3601/1/ayJIXUZUKwCfyLRgWZOXvlDdWuA.roa
File: ayJIXUZUKwCfyLRgWZOXvlDdWuA.roa (raw, json)
Hash identifier: 2Thm6NbyEMepST4h0exKLF85Ha0urWQ7hALXk0YyTSo=
Subject key identifier: 6B:22:48:5D:46:54:2B:00:9F:C8:B4:60:59:93:97:BE:50:DD:5A:E0
Certificate issuer: /CN=b999dd5ac03225844b6b490f92f0347ccf096708
Certificate serial: 0185711E6E39524936CDC6E1AF877C22D5DA
Authority key identifier: B9:99:DD:5A:C0:32:25:84:4B:6B:49:0F:92:F0:34:7C:CF:09:67:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZndWsAyJYRLa0kPkvA0fM8JZwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/c7f05d-35f5-4115-9f7f-fcaaf2ef3601/1/ayJIXUZUKwCfyLRgWZOXvlDdWuA.roa
Signing time: Mon 02 Jan 2023 06:14:57 +0000
ROA not before: Mon 02 Jan 2023 06:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41071
IP address blocks: 185.90.11.0/24 maxlen: 24
185.90.8.0/23 maxlen: 23
185.90.8.0/22 maxlen: 22
185.90.10.0/24 maxlen: 24
2a05:db80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:6e:39:52:49:36:cd:c6:e1:af:87:7c:22:d5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b999dd5ac03225844b6b490f92f0347ccf096708
Validity
Not Before: Jan 2 06:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b22485d46542b009fc8b460599397be50dd5ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:06:53:a1:19:db:d6:7f:a2:76:32:4d:32:
85:77:8f:2a:a0:fd:c5:ac:6f:3b:0e:cc:83:61:b0:
b0:60:d7:5a:2d:bc:0c:13:ed:62:6c:04:ae:fa:a6:
b3:e3:be:2a:80:4a:5b:b0:60:9a:76:cb:2a:98:99:
8b:36:df:38:c6:ef:bd:7f:be:4b:e0:77:66:4d:75:
41:5c:ca:78:1f:ea:1b:b1:a8:73:4d:ca:da:07:5e:
a4:ac:7b:8f:c9:86:6c:aa:af:a3:72:9b:7b:ca:84:
36:dd:41:db:b8:4f:ee:00:5e:61:3c:a3:7e:c1:0e:
e5:65:25:b5:f9:0f:ff:b7:b0:c4:30:57:66:49:fb:
b2:61:f3:9f:f8:58:17:83:a5:c7:d4:01:37:09:0f:
ab:69:b0:0d:91:61:90:ad:34:ff:ef:24:1b:d1:7b:
0d:a7:79:25:ac:16:f6:a9:ff:00:b1:2e:88:42:aa:
2d:79:aa:ff:16:5b:a0:88:64:0b:38:4a:d3:46:a3:
40:7b:12:ad:be:2b:b5:73:b7:6d:43:76:62:ce:1d:
06:d2:35:b8:be:18:99:17:a3:b1:0f:49:8a:85:0c:
cd:8b:41:85:42:2d:27:61:59:a3:df:7e:30:e8:5e:
1e:84:19:59:8f:72:5c:64:53:b8:6b:0f:90:04:8b:
7e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:22:48:5D:46:54:2B:00:9F:C8:B4:60:59:93:97:BE:50:DD:5A:E0
X509v3 Authority Key Identifier:
keyid:B9:99:DD:5A:C0:32:25:84:4B:6B:49:0F:92:F0:34:7C:CF:09:67:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZndWsAyJYRLa0kPkvA0fM8JZwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/c7f05d-35f5-4115-9f7f-fcaaf2ef3601/1/ayJIXUZUKwCfyLRgWZOXvlDdWuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/c7f05d-35f5-4115-9f7f-fcaaf2ef3601/1/uZndWsAyJYRLa0kPkvA0fM8JZwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.8.0/22
IPv6:
2a05:db80::/29
Signature Algorithm: sha256WithRSAEncryption
8b:c5:da:88:c9:1f:04:84:81:2a:37:e6:70:e8:7d:e8:b0:0f:
8c:c3:e7:86:3f:1c:c1:d1:4b:5f:f8:56:f8:de:5f:77:f3:7d:
8f:df:6d:c3:44:2e:67:aa:32:9b:13:01:4c:9f:8a:b1:38:5c:
50:6d:00:5e:ee:8e:64:92:e1:b0:ad:ee:33:1a:95:e0:e4:b5:
37:b0:75:06:bd:ee:cf:91:76:28:c0:12:50:b1:14:e1:c9:26:
51:61:93:7f:de:10:3e:99:ac:4e:fe:3b:ec:a9:6a:23:a6:ad:
54:d2:6f:c9:bf:8a:3e:ba:b6:d4:39:c7:a8:0a:5e:a4:04:b8:
03:1d:28:94:63:5d:14:b1:50:e4:4e:0d:7e:cb:ce:94:2b:34:
72:57:2e:af:82:33:25:c2:bd:87:25:f5:b4:bb:bd:62:aa:91:
a3:f3:08:f7:c3:b3:93:97:43:a7:40:24:a7:f9:f1:3b:98:82:
aa:f8:34:c6:92:24:97:e9:82:62:c7:6a:2b:4d:67:96:42:53:
07:bf:f2:a8:2f:b6:01:a4:75:10:5a:ed:5c:6d:52:fd:04:69:
36:4b:d1:5b:a3:f7:57:02:f6:e3:c2:31:d1:76:11:44:1a:28:
36:01:e2:94:61:75:ec:18:00:cf:05:b7:24:3f:dc:56:e2:23:
f5:1e:dd:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHm45Ukk2zcbhr4d8ItXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTlkZDVhYzAzMjI1ODQ0YjZiNDkwZjkyZjAzNDdjY2Yw
OTY3MDgwHhcNMjMwMTAyMDYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIyNDg1ZDQ2NTQyYjAwOWZjOGI0NjA1OTkzOTdiZTUwZGQ1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT8GU6EZ29Z/onYyTTKFd48qoP3F
rG87DsyDYbCwYNdaLbwME+1ibASu+qaz474qgEpbsGCadssqmJmLNt84xu+9f75L
4HdmTXVBXMp4H+obsahzTcraB16krHuPyYZsqq+jcpt7yoQ23UHbuE/uAF5hPKN+
wQ7lZSW1+Q//t7DEMFdmSfuyYfOf+FgXg6XH1AE3CQ+rabANkWGQrTT/7yQb0XsN
p3klrBb2qf8AsS6IQqotear/FlugiGQLOErTRqNAexKtviu1c7dtQ3Zizh0G0jW4
vhiZF6OxD0mKhQzNi0GFQi0nYVmj334w6F4ehBlZj3JcZFO4aw+QBIt+YQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsiSF1GVCsAn8i0YFmTl75Q3VrgMB8GA1UdIwQY
MBaAFLmZ3VrAMiWES2tJD5LwNHzPCWcIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpuZFdzQXlKWVJMYTBrUGt2QTBmTThKWndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9jN2YwNWQtMzVmNS00MTE1LTlmN2Yt
ZmNhYWYyZWYzNjAxLzEvYXlKSVhVWlVLd0NmeUxSZ1daT1h2bERkV3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9jN2YwNWQtMzVmNS00MTE1LTlmN2YtZmNhYWYyZWYzNjAx
LzEvdVpuZFdzQXlKWVJMYTBrUGt2QTBmTThKWndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVoIMA0E
AgACMAcDBQMqBduAMA0GCSqGSIb3DQEBCwUAA4IBAQCLxdqIyR8EhIEqN+Zw6H3o
sA+Mw+eGPxzB0Utf+Fb43l93832P323DRC5nqjKbEwFMn4qxOFxQbQBe7o5kkuGw
re4zGpXg5LU3sHUGve7PkXYowBJQsRThySZRYZN/3hA+maxO/jvsqWojpq1U0m/J
v4o+urbUOceoCl6kBLgDHSiUY10UsVDkTg1+y86UKzRyVy6vgjMlwr2HJfW0u71i
qpGj8wj3w7OTl0OnQCSn+fE7mIKq+DTGkiSX6YJix2orTWeWQlMHv/KoL7YBpHUQ
Wu1cbVL9BGk2S9Fbo/dXAvbjwjHRdhFEGig2AeKUYXXsGADPBbckP9xW4iP1Ht2G
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:45:38 2025 by rpki-client