Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/2P90hJ-wWl-frIFufsYuvg2Osy0.roa
File: 2P90hJ-wWl-frIFufsYuvg2Osy0.roa (raw, json)
Hash identifier: nQsxEf6W56FFPpWuEyGQ1OF2cg5+kDiM0XiU8/x0ods=
Subject key identifier: D8:FF:74:84:9F:B0:5A:5F:9F:AC:81:6E:7E:C6:2E:BE:0D:8E:B3:2D
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01854FC2250914A86D4D5DDD643842561989
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/2P90hJ-wWl-frIFufsYuvg2Osy0.roa
Signing time: Mon 26 Dec 2022 18:46:41 +0000
ROA not before: Mon 26 Dec 2022 18:46:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 194.110.171.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
194.110.168.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:c2:25:09:14:a8:6d:4d:5d:dd:64:38:42:56:19:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Dec 26 18:46:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8ff74849fb05a5f9fac816e7ec62ebe0d8eb32d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:20:5d:79:f6:9e:25:6b:2a:54:19:2c:d0:
61:a7:15:49:c4:c4:c8:fb:42:e5:ca:1c:f9:66:c5:
6a:bb:5e:e0:b9:1d:08:7a:52:fd:bc:ca:63:a5:d0:
d9:a7:4c:27:ab:0d:92:10:d8:ca:93:5b:6d:84:b6:
12:39:42:64:aa:39:ee:cd:36:ee:f0:e6:eb:28:3b:
e5:48:9d:87:c1:38:99:1c:3e:63:3a:fc:96:91:51:
ce:5d:1b:a9:b1:96:1f:38:bd:25:c2:4e:16:ce:29:
aa:39:9a:b8:75:e7:a6:cb:d0:de:c7:a5:d4:e9:66:
01:3b:b7:b9:1f:54:86:a9:92:09:42:f5:43:1a:98:
8b:8f:e3:62:e2:98:2e:5b:6f:38:7f:9a:dc:c3:bb:
fb:3f:d2:ac:ad:1d:42:29:4d:13:5e:82:75:a1:74:
b6:2c:58:6c:52:c6:51:e1:16:fb:28:3e:3f:5f:f5:
61:68:3b:00:3d:83:35:52:15:6f:d3:57:ee:34:8e:
f0:2e:7e:53:b2:14:07:e1:b5:af:04:fd:e9:c6:44:
46:fc:a5:0c:bd:06:46:6d:21:7b:b1:38:d7:40:2f:
e5:ab:9c:50:8a:6c:a8:12:94:b3:62:e4:f0:20:0c:
a7:44:33:21:f8:a0:e7:43:af:d3:8e:10:67:0c:de:
7a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FF:74:84:9F:B0:5A:5F:9F:AC:81:6E:7E:C6:2E:BE:0D:8E:B3:2D
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/2P90hJ-wWl-frIFufsYuvg2Osy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/23
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
0d:2f:cd:95:38:3b:dd:03:1c:99:5d:57:22:ee:9a:d9:c8:5e:
54:54:7c:4f:8b:2a:2d:93:0e:39:f1:b6:33:ba:db:c0:31:d6:
90:18:10:04:b4:53:bf:3a:4e:67:58:08:8b:a5:6b:92:22:69:
59:e3:84:b0:8f:12:67:35:96:23:30:18:a6:34:6f:68:d2:c0:
a4:1e:a6:b7:d5:c0:81:d4:4d:ee:28:b2:d4:98:62:ce:a3:3f:
af:95:a9:52:e2:4a:b0:9c:f3:9b:fb:e0:b2:6d:d1:ab:ec:df:
32:11:77:73:3a:8e:82:e5:08:91:33:3c:d2:18:20:58:19:65:
01:af:d7:68:f9:74:a6:75:4f:88:2d:47:64:e4:26:3f:2c:aa:
65:e1:12:df:8e:af:56:cd:a3:9b:eb:20:3b:24:d7:3b:a8:23:
9d:d9:97:70:e4:cd:8c:c9:0e:d6:ee:15:97:bf:77:f1:46:e6:
f9:26:43:bf:0b:8d:d4:90:8c:57:4b:1d:0f:4d:f5:9f:31:52:
75:7f:86:a8:d0:b6:09:95:bb:d9:39:8c:eb:e9:8c:7c:c9:2e:
ff:19:4b:a3:c1:5f:db:cd:34:fc:5e:a8:37:d6:16:f8:6d:af:
6e:f8:07:18:e8:6c:74:87:6e:4c:da:fc:98:50:06:89:36:94:
82:0b:45:da
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVPwiUJFKhtTV3dZDhCVhmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjIxMjI2MTg0NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZmNzQ4NDlmYjA1YTVmOWZhYzgxNmU3ZWM2MmViZTBkOGViMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve0gXXn2niVrKlQZLNBhpxVJxMTI
+0Llyhz5ZsVqu17guR0IelL9vMpjpdDZp0wnqw2SENjKk1tthLYSOUJkqjnuzTbu
8ObrKDvlSJ2HwTiZHD5jOvyWkVHOXRupsZYfOL0lwk4WzimqOZq4deemy9Dex6XU
6WYBO7e5H1SGqZIJQvVDGpiLj+Ni4pguW284f5rcw7v7P9KsrR1CKU0TXoJ1oXS2
LFhsUsZR4Rb7KD4/X/VhaDsAPYM1UhVv01fuNI7wLn5TshQH4bWvBP3pxkRG/KUM
vQZGbSF7sTjXQC/lq5xQimyoEpSzYuTwIAynRDMh+KDnQ6/TjhBnDN56eQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNj/dISfsFpfn6yBbn7GLr4NjrMtMB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvMlA5MGhKLXdXbC1mcklGdWZzWXV2ZzJPc3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQBwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQANL82V
ODvdAxyZXVci7prZyF5UVHxPiyotkw458bYzutvAMdaQGBAEtFO/Ok5nWAiLpWuS
ImlZ44SwjxJnNZYjMBimNG9o0sCkHqa31cCB1E3uKLLUmGLOoz+vlalS4kqwnPOb
++CybdGr7N8yEXdzOo6C5QiRMzzSGCBYGWUBr9do+XSmdU+ILUdk5CY/LKpl4RLf
jq9WzaOb6yA7JNc7qCOd2Zdw5M2MyQ7W7hWXv3fxRub5JkO/C43UkIxXSx0PTfWf
MVJ1f4ao0LYJlbvZOYzr6Yx8yS7/GUujwV/bzTT8Xqg31hb4ba9u+AcY6Gx0h25M
2vyYUAaJNpSCC0Xa
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:09 2023 by rpki-client on console.sobornost.net