Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/pwx8IAJJRAvE5yCnbgNvIfiGX14.roa
File: pwx8IAJJRAvE5yCnbgNvIfiGX14.roa (raw, json)
Hash identifier: Owr1MEOq4ZoF6UVTn1ORK/zS99YPbmgMMwtlMCcnbUM=
Subject key identifier: A7:0C:7C:20:02:49:44:0B:C4:E7:20:A7:6E:03:6F:21:F8:86:5F:5E
Certificate issuer: /CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef
Certificate serial: 0BC415CA
Authority key identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/pwx8IAJJRAvE5yCnbgNvIfiGX14.roa
Signing time: Sat 01 Jan 2022 14:07:54 +0000
ROA not before: Sat 01 Jan 2022 14:07:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42229
IP address blocks: 185.1.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197400010 (0xbc415ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef
Validity
Not Before: Jan 1 14:07:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a70c7c200249440bc4e720a76e036f21f8865f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4d:d4:26:7c:96:e2:a4:1f:55:57:24:16:5f:
d6:f2:95:0b:fa:c0:9f:d1:92:30:28:64:6f:37:be:
df:ea:f9:8c:ed:87:f9:b6:48:b2:e6:1a:0c:e4:3f:
04:fe:92:94:90:ce:35:fe:73:f4:39:61:d9:1a:74:
93:f9:ed:b3:b0:dc:24:c0:99:c3:04:b0:8f:2f:14:
75:bc:05:3f:9f:70:9a:db:05:c2:d2:91:45:1f:f6:
26:34:6d:f2:5d:01:b7:9a:a2:d7:85:ed:7d:52:05:
ae:db:32:6b:68:fa:8c:4c:7f:c2:f1:ad:00:93:20:
fa:9e:38:e0:82:cc:e5:81:7e:43:91:07:78:c2:62:
ae:8a:0d:2a:c9:6b:5a:48:ea:5d:ca:30:d5:99:18:
94:d1:a0:61:4c:c9:d6:67:59:0d:cf:17:e2:5a:d3:
33:29:66:f7:eb:2b:fd:cf:4f:5f:c8:15:c0:70:3f:
f6:50:27:43:85:c0:3c:5a:a9:4d:73:b7:51:77:f4:
61:56:28:dc:8a:aa:41:fd:6d:b7:6b:5b:54:a5:d8:
e2:11:15:7d:ba:cc:d0:d2:94:96:6a:c9:59:12:dd:
bd:fd:a8:e1:07:02:76:08:db:50:88:42:6c:46:93:
51:b3:12:97:b7:83:fb:a2:a1:86:d6:d9:f0:c4:92:
8b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0C:7C:20:02:49:44:0B:C4:E7:20:A7:6E:03:6F:21:F8:86:5F:5E
X509v3 Authority Key Identifier:
keyid:08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/pwx8IAJJRAvE5yCnbgNvIfiGX14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.90.0/24
Signature Algorithm: sha256WithRSAEncryption
11:05:9e:31:48:32:e1:96:db:3f:b8:d3:a4:ad:b8:0f:c8:82:
ed:9e:83:82:6e:60:99:3e:6d:3b:be:67:d2:e2:ef:61:a1:33:
8e:d4:02:f5:1e:0f:52:0a:e3:f4:d6:a0:bc:1f:00:a6:61:af:
58:3f:b9:fb:7d:62:e4:b8:e5:87:a7:f6:69:76:01:89:11:1b:
15:04:78:03:e7:b6:61:71:3e:2b:31:c0:c2:75:b2:30:78:07:
94:fa:ec:cf:c4:5c:d9:72:cb:5c:02:cd:77:38:eb:dd:ec:d3:
d8:82:c8:07:b8:e2:58:60:9b:e2:99:a0:66:7b:83:38:d6:cb:
fc:f3:28:d6:83:e7:e6:e9:a9:bb:b9:32:d1:32:98:02:f6:e8:
ad:a8:45:ba:72:dd:49:8a:c6:e8:9d:da:79:0c:78:38:ab:d2:
78:47:62:c4:eb:fe:70:69:5c:e2:e2:a7:37:88:a0:f2:8b:4f:
f0:b0:c0:e3:cb:1f:08:62:1a:fe:50:95:9a:84:2b:d6:e5:c1:
8c:e9:9a:bf:e6:92:1e:a1:05:64:21:e1:c4:5c:42:61:25:09:
2c:d7:b4:ff:2c:59:4d:df:c2:3c:2a:43:9b:b6:3d:3a:ee:d1:
ac:ea:7a:c5:60:db:87:04:79:55:bc:13:f8:b9:9a:0d:3e:97:
d8:e0:25:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC8QVyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGQzYTUxNTY4M2U5ZGRiODVkMzhlN2FiMzljMzNhZWRhY2FmN2VmMB4XDTIyMDEw
MTE0MDc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcwYzdjMjAwMjQ5
NDQwYmM0ZTcyMGE3NmUwMzZmMjFmODg2NWY1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZN1CZ8luKkH1VXJBZf1vKVC/rAn9GSMChkbze+3+r5jO2H
+bZIsuYaDOQ/BP6SlJDONf5z9Dlh2Rp0k/nts7DcJMCZwwSwjy8UdbwFP59wmtsF
wtKRRR/2JjRt8l0Bt5qi14XtfVIFrtsya2j6jEx/wvGtAJMg+p444ILM5YF+Q5EH
eMJirooNKslrWkjqXcow1ZkYlNGgYUzJ1mdZDc8X4lrTMylm9+sr/c9PX8gVwHA/
9lAnQ4XAPFqpTXO3UXf0YVYo3IqqQf1tt2tbVKXY4hEVfbrM0NKUlmrJWRLdvf2o
4QcCdgjbUIhCbEaTUbMSl7eD+6KhhtbZ8MSSi0cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnDHwgAklEC8TnIKduA28h+IZfXjAfBgNVHSMEGDAWgBQI06UVaD6d24XT
jnqznDOu2sr37zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NOT2xGV2ctbmR1RjA0NTZzNXd6cnRySzktOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNjdjZmEwLWEzMmItNDA2My05MzcwLTBiNWM1ZDk0NDI2YS8x
L3B3eDhJQUpKUkF2RTV5Q25iZ052SWZpR1gxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NjdjZmEwLWEzMmItNDA2My05MzcwLTBiNWM1ZDk0NDI2YS8xL0NOT2xGV2ctbmR1
RjA0NTZzNXd6cnRySzktOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkBWjANBgkqhkiG9w0BAQsFAAOC
AQEAEQWeMUgy4ZbbP7jTpK24D8iC7Z6Dgm5gmT5tO75n0uLvYaEzjtQC9R4PUgrj
9NagvB8ApmGvWD+5+31i5Ljlh6f2aXYBiREbFQR4A+e2YXE+KzHAwnWyMHgHlPrs
z8Rc2XLLXALNdzjr3ezT2ILIB7jiWGCb4pmgZnuDONbL/PMo1oPn5umpu7ky0TKY
AvborahFunLdSYrG6J3aeQx4OKvSeEdixOv+cGlc4uKnN4ig8otP8LDA48sfCGIa
/lCVmoQr1uXBjOmav+aSHqEFZCHhxFxCYSUJLNe0/yxZTd/CPCpDm7Y9Ou7RrOp6
xWDbhwR5VbwT+LmaDT6X2OAl4Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net