Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6Kx3uSpIdFhnJv-3x8k7nM12prI.roa
File: 6Kx3uSpIdFhnJv-3x8k7nM12prI.roa (raw, json)
Hash identifier: i/1lePQHTqZEI8wkYXkpIyOqvT0ihiGSE4CPab8JdIc=
Subject key identifier: E8:AC:77:B9:2A:48:74:58:67:26:FF:B7:C7:C9:3B:9C:CD:76:A6:B2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 084772EB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6Kx3uSpIdFhnJv-3x8k7nM12prI.roa
Signing time: Wed 23 Mar 2022 17:47:28 +0000
ROA not before: Wed 23 Mar 2022 17:47:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.188.0/24 maxlen: 24
213.209.147.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.173.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138900203 (0x84772eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 23 17:47:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8ac77b92a4874586726ffb7c7c93b9ccd76a6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:36:27:3a:08:11:ac:90:4b:20:e6:a2:0f:99:
b7:c9:10:74:ab:58:1c:2c:7e:84:a8:3f:cb:c8:22:
af:b0:11:65:20:2a:28:3c:00:d8:21:0f:3b:71:48:
1d:df:cc:02:3a:9e:45:0e:07:4f:48:32:4a:32:7f:
01:be:f7:2c:ab:95:d5:63:e0:1f:dc:84:7f:a7:57:
f5:54:f7:61:5c:43:71:f3:70:e4:2f:50:65:50:92:
1d:53:58:0f:27:99:16:12:00:de:71:13:be:35:30:
4d:81:42:a5:73:e2:c2:6e:7f:81:4e:1b:12:4b:5a:
8e:28:3c:af:bc:a0:14:f2:53:bd:49:0a:c5:ab:a3:
3e:19:4b:e2:51:9d:39:36:04:6b:7b:e4:94:5c:49:
61:d8:d7:b7:c9:91:f1:19:d6:cc:5c:69:27:30:ad:
65:44:2e:ad:85:0b:f4:78:78:7b:de:fb:9d:ed:b7:
00:2c:14:fe:33:cd:d2:20:36:b9:7f:b4:2c:5f:dd:
c1:6c:cf:35:fe:4d:ab:5c:a9:4d:1b:21:88:cc:57:
bf:b3:2c:32:66:be:4c:48:d0:b1:ca:f6:5d:a0:1d:
64:8b:d5:ea:58:fc:7c:56:73:b5:3b:e6:a4:71:fe:
fb:bc:cf:ed:e1:9e:fc:32:7b:fb:93:8d:31:48:df:
cf:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AC:77:B9:2A:48:74:58:67:26:FF:B7:C7:C9:3B:9C:CD:76:A6:B2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6Kx3uSpIdFhnJv-3x8k7nM12prI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.173.0/24
77.90.184.0/24
77.90.188.0/24
185.230.13.0/24
185.230.15.0/24
213.209.147.0/24
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:fe:7c:37:b2:0a:f8:5d:af:70:c0:7e:91:6c:56:f7:8e:20:
10:54:88:ca:ee:3f:82:31:dc:42:66:93:23:19:f6:da:2a:c3:
98:86:2d:e6:f1:da:2a:95:b0:e9:7e:e5:2e:3c:17:21:3f:10:
c1:5a:b0:8a:e7:0b:5e:2c:df:30:d9:15:f2:53:2b:75:97:1d:
aa:df:a8:c6:e2:62:5d:b1:cd:68:21:4f:d9:54:40:52:dc:c9:
0d:f4:36:55:a6:39:09:b3:50:2b:7f:7c:3c:36:d9:58:5a:d4:
b8:c8:bc:58:de:41:83:8d:5b:2a:df:b6:4d:3d:14:73:0d:80:
da:4d:0e:00:22:fc:c3:b3:7e:16:42:ad:9c:36:10:32:78:2b:
cd:c1:dd:76:30:67:cd:06:da:42:93:6f:80:78:a5:76:ac:12:
3c:58:06:76:f0:20:06:2c:fc:88:f8:8a:ee:8d:f4:0c:29:fd:
15:84:ae:4f:77:79:02:ac:4f:03:f3:ee:9f:64:e5:21:45:98:
28:c8:a1:89:bd:e8:bf:24:87:39:71:49:59:41:e8:53:8f:ab:
fa:07:1c:dc:a8:19:db:58:da:87:c3:a2:54:c5:e3:d0:90:10:
e1:80:f8:38:46:4e:6f:c1:a4:66:26:c8:42:a9:5d:40:f5:bf:
62:d1:3c:94
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECEdy6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMy
MzE3NDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThhYzc3YjkyYTQ4
NzQ1ODY3MjZmZmI3YzdjOTNiOWNjZDc2YTZiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKs2JzoIEayQSyDmog+Zt8kQdKtYHCx+hKg/y8gir7ARZSAq
KDwA2CEPO3FIHd/MAjqeRQ4HT0gySjJ/Ab73LKuV1WPgH9yEf6dX9VT3YVxDcfNw
5C9QZVCSHVNYDyeZFhIA3nETvjUwTYFCpXPiwm5/gU4bEktajig8r7ygFPJTvUkK
xaujPhlL4lGdOTYEa3vklFxJYdjXt8mR8RnWzFxpJzCtZUQurYUL9Hh4e977ne23
ACwU/jPN0iA2uX+0LF/dwWzPNf5Nq1ypTRshiMxXv7MsMma+TEjQscr2XaAdZIvV
6lj8fFZztTvmpHH++7zP7eGe/DJ7+5ONMUjfz3ECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTorHe5Kkh0WGcm/7fHyTuczXamsjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzZLeDN1U3BJZEZobkp2LTN4OGs3bk0xMnBySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAE1amQMEAE1arQMEAE1auAMEAE1a
vAMEALnmDQMEALnmDwMEANXRkwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEAsP58
N7IK+F2vcMB+kWxW944gEFSIyu4/gjHcQmaTIxn22irDmIYt5vHaKpWw6X7lLjwX
IT8QwVqwiucLXizfMNkV8lMrdZcdqt+oxuJiXbHNaCFP2VRAUtzJDfQ2VaY5CbNQ
K398PDbZWFrUuMi8WN5Bg41bKt+2TT0Ucw2A2k0OACL8w7N+FkKtnDYQMngrzcHd
djBnzQbaQpNvgHildqwSPFgGdvAgBiz8iPiK7o30DCn9FYSuT3d5AqxPA/Pun2Tl
IUWYKMihib3ovySHOXFJWUHoU4+r+gcc3KgZ21jah8OiVMXj0JAQ4YD4OEZOb8Gk
ZibIQqldQPW/YtE8lA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org