Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1WTJ9syIu_qLc4usEjHVTUlqrss.roa
File: 1WTJ9syIu_qLc4usEjHVTUlqrss.roa (raw, json)
Hash identifier: BRu6v6gvZ+RVxqlfHJj7MXU+QnXKDb9NbxtJaNSLhJs=
Subject key identifier: D5:64:C9:F6:CC:88:BB:FA:8B:73:8B:AC:12:31:D5:4D:49:6A:AE:CB
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09C89998
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1WTJ9syIu_qLc4usEjHVTUlqrss.roa
Signing time: Wed 22 Jun 2022 09:08:44 +0000
ROA not before: Wed 22 Jun 2022 09:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164141464 (0x9c89998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 22 09:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d564c9f6cc88bbfa8b738bac1231d54d496aaecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:b4:53:dd:45:4e:68:98:38:41:c7:4e:c9:
c6:9a:b9:66:98:84:70:cf:e7:39:37:83:1e:95:04:
af:87:d4:88:f6:68:31:10:22:8b:a9:42:5f:44:c8:
17:29:81:39:e8:d2:12:7c:4e:e0:a4:30:e6:2c:39:
11:93:99:0c:c1:54:24:9b:55:80:56:e4:42:d5:33:
00:26:1d:90:d1:5e:f4:99:0c:f7:f3:0c:f8:6b:a9:
f4:0b:c5:61:f4:93:d7:5d:64:29:08:a7:af:b4:01:
0c:8b:fc:3b:16:70:dc:12:b9:b8:a1:9b:41:1d:71:
fc:1b:36:98:f0:4a:b8:50:41:be:4c:ab:c7:b3:52:
2f:52:e4:ee:43:16:81:15:de:3e:37:e6:38:14:1f:
85:38:02:b0:3e:48:7e:f8:c2:6d:36:31:65:db:f7:
55:53:37:1c:2c:04:df:0e:65:99:4b:8a:08:cb:28:
1f:ee:eb:a3:6d:f6:cf:f6:1e:d9:4e:17:56:5d:ef:
32:f7:2f:bb:1d:6d:6b:f4:28:d0:77:f8:d4:fd:7a:
53:2d:7b:a6:f0:7b:17:ab:c9:81:60:f6:ea:79:ff:
4e:ca:4e:68:0a:33:7d:d2:4f:03:d0:32:4c:1a:de:
40:a6:fd:70:a5:63:e4:3c:16:9d:45:de:c4:4b:2f:
e3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:64:C9:F6:CC:88:BB:FA:8B:73:8B:AC:12:31:D5:4D:49:6A:AE:CB
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1WTJ9syIu_qLc4usEjHVTUlqrss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.150.0/24
77.90.178.0/24
77.90.185.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.136.0/24
213.209.144.0/24
213.209.146.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
00:28:74:84:fa:8c:09:60:40:c7:eb:a4:f8:3a:15:52:4f:f3:
94:2b:33:62:4b:d6:e0:30:f7:0c:c8:dc:38:1e:96:4e:84:1e:
06:16:91:e2:b1:82:e9:db:91:98:5c:2c:02:8e:45:05:59:81:
55:9d:cf:21:b5:46:d9:0b:da:89:c0:8a:51:11:21:54:0f:22:
c2:06:e2:2d:a5:66:03:73:78:a2:6f:1e:72:f8:fc:55:19:b5:
7c:47:d0:b3:52:84:67:00:3e:da:3d:71:fe:9b:aa:08:de:c1:
cb:e4:96:2b:f2:b5:c7:b1:c9:3d:76:19:1a:32:7f:b2:dc:ff:
23:79:58:d5:52:d9:b5:0a:22:16:ba:12:2d:18:a7:37:ee:fe:
59:2a:1a:4f:0a:e1:37:fc:09:ed:83:c4:dc:ef:48:4c:61:4d:
4c:40:52:68:c3:3f:16:34:a3:ed:ee:d6:50:bd:d2:89:b0:6d:
a5:bc:0d:fc:32:7a:3f:e9:5c:02:d9:81:20:0c:9b:4b:0a:31:
35:10:73:07:02:bd:1f:f5:ab:5b:c9:ba:eb:07:99:33:68:37:
5a:36:a6:40:11:32:88:82:f7:d8:a8:c2:97:2e:e5:28:e5:e1:
1f:a2:61:02:41:94:01:c4:2b:12:91:1c:65:e2:a6:52:3c:f5:
d4:d5:ce:b8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIECciZmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MjA5MDg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU2NGM5ZjZjYzg4
YmJmYThiNzM4YmFjMTIzMWQ1NGQ0OTZhYWVjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK36tFPdRU5omDhBx07Jxpq5ZpiEcM/nOTeDHpUEr4fUiPZo
MRAii6lCX0TIFymBOejSEnxO4KQw5iw5EZOZDMFUJJtVgFbkQtUzACYdkNFe9JkM
9/MM+Gup9AvFYfST111kKQinr7QBDIv8OxZw3BK5uKGbQR1x/Bs2mPBKuFBBvkyr
x7NSL1Lk7kMWgRXePjfmOBQfhTgCsD5IfvjCbTYxZdv3VVM3HCwE3w5lmUuKCMso
H+7ro232z/Ye2U4XVl3vMvcvux1ta/Qo0Hf41P16Uy17pvB7F6vJgWD26nn/TspO
aAozfdJPA9AyTBreQKb9cKVj5DwWnUXexEsv4yUCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBTVZMn2zIi7+otzi6wSMdVNSWquyzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzFXVEo5c3lJdV9xTGM0dXNFakhWVFVscXJzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAE1algMEAE1asgMEAE1auTAMAwQA
ueYNAwQAueYOAwQA1dGBAwQA1dGIAwQA1dGQAwQA1dGSAwQA1dGcMA0GCSqGSIb3
DQEBCwUAA4IBAQAAKHSE+owJYEDH66T4OhVST/OUKzNiS9bgMPcMyNw4HpZOhB4G
FpHisYLp25GYXCwCjkUFWYFVnc8htUbZC9qJwIpRESFUDyLCBuItpWYDc3iibx5y
+PxVGbV8R9CzUoRnAD7aPXH+m6oI3sHL5JYr8rXHsck9dhkaMn+y3P8jeVjVUtm1
CiIWuhItGKc37v5ZKhpPCuE3/Antg8Tc70hMYU1MQFJowz8WNKPt7tZQvdKJsG2l
vA38Mno/6VwC2YEgDJtLCjE1EHMHAr0f9atbybrrB5kzaDdaNqZAETKIgvfYqMKX
LuUo5eEfomECQZQBxCsSkRxl4qZSPPXU1c64
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org