Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6_zYXqHzBnpYIJz7XX-5GRO69OI.roa
File: 6_zYXqHzBnpYIJz7XX-5GRO69OI.roa (raw, json)
Hash identifier: 183R+Bh+2TSoISzsNAyHMl78OvABtP7cHqE+2g/vqeU=
Subject key identifier: EB:FC:D8:5E:A1:F3:06:7A:58:20:9C:FB:5D:7F:B9:19:13:BA:F4:E2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01843776EC5ACFE638C02D13CB7423134CEC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6_zYXqHzBnpYIJz7XX-5GRO69OI.roa
Signing time: Wed 02 Nov 2022 08:30:51 +0000
ROA not before: Wed 02 Nov 2022 08:30:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.156.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:76:ec:5a:cf:e6:38:c0:2d:13:cb:74:23:13:4c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 2 08:30:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebfcd85ea1f3067a58209cfb5d7fb91913baf4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:64:2c:92:d3:cf:da:18:68:58:b2:28:dd:37:
0c:50:1b:55:ff:ce:a2:8e:38:ac:f3:bf:21:d2:d7:
49:67:8b:0a:b0:dc:87:ec:e9:62:8a:49:99:ce:2c:
14:d2:95:2e:ca:67:b7:54:4c:94:a3:05:98:66:e7:
53:33:88:e5:22:c4:c1:5c:4a:fe:7b:97:21:c6:7e:
c4:d1:95:9c:b2:6a:e6:ed:4e:3d:14:8e:74:cb:c1:
d8:bf:87:21:39:23:6f:57:95:44:db:42:85:31:a9:
c1:28:f1:31:1f:3f:9a:92:c3:ce:12:af:79:17:56:
d9:87:9b:9c:42:f8:d0:f6:bf:ae:2d:ef:43:e3:83:
1a:48:50:5d:99:98:bb:c6:31:e6:9d:65:e0:90:e0:
6a:04:a8:7d:35:bf:03:d3:45:3a:e3:4c:54:f3:ef:
95:8d:b8:27:fa:0f:9a:18:dd:00:5a:29:73:c6:81:
b4:32:16:03:9a:27:98:36:f3:84:71:c1:3e:a6:cb:
9c:e8:a2:6f:9d:1e:07:e7:b9:c0:3f:5a:c6:9b:38:
a6:7d:b7:c4:b1:ab:32:1f:34:ec:18:c6:3d:e1:0d:
45:f9:39:ac:e8:4a:d8:9d:41:36:3b:90:bd:08:fd:
fe:fe:72:25:10:88:a0:07:e9:0c:60:db:82:7b:26:
28:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:FC:D8:5E:A1:F3:06:7A:58:20:9C:FB:5D:7F:B9:19:13:BA:F4:E2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6_zYXqHzBnpYIJz7XX-5GRO69OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/23
77.90.145.0/24
77.90.156.0/24
77.90.178.0/24
213.209.156.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7f:5b:7c:cf:1e:7f:f0:15:ea:00:4b:0a:06:ef:77:8a:83:
3e:9c:17:41:12:d7:22:58:59:68:c6:37:fd:a6:80:1d:50:be:
bc:73:ad:29:83:89:da:56:5a:71:f1:9e:de:48:75:70:8e:85:
65:7a:cf:b1:b6:40:fd:cf:cb:48:f3:93:45:d8:b7:a3:50:51:
a1:5c:65:ee:55:cb:c3:26:14:7a:02:e4:61:72:53:fe:33:1e:
be:0f:df:2d:18:06:35:45:2a:4e:51:b5:e2:f6:73:9e:e8:66:
de:c0:82:a2:73:67:3a:b5:b8:b6:fd:61:f5:c0:14:33:05:7e:
7c:94:dd:28:8b:93:4f:9a:78:26:e5:b6:24:19:44:1c:8d:f3:
5b:16:51:5f:e4:2d:bf:72:63:c8:ac:b4:df:fc:c8:fa:fc:45:
af:33:bb:bc:92:69:aa:69:45:25:8f:06:48:fc:e0:38:f4:c6:
bd:ee:4d:08:36:10:3f:35:49:bd:6a:0e:7c:98:ef:04:47:6f:
31:bd:cc:90:0e:64:cf:ca:e5:91:36:fe:53:29:c3:88:97:f5:
19:ae:82:1f:89:4e:c7:01:c7:a3:a5:2d:81:56:97:83:3a:af:
99:bb:7f:bb:46:98:41:bf:03:84:05:d6:94:0d:bd:5d:b8:ee:
07:19:44:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQ3duxaz+Y4wC0Ty3QjE0zsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTAyMDgzMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmZjZDg1ZWExZjMwNjdhNTgyMDljZmI1ZDdmYjkxOTEzYmFmNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGQsktPP2hhoWLIo3TcMUBtV/86i
jjis878h0tdJZ4sKsNyH7OliikmZziwU0pUuyme3VEyUowWYZudTM4jlIsTBXEr+
e5chxn7E0ZWcsmrm7U49FI50y8HYv4chOSNvV5VE20KFManBKPExHz+aksPOEq95
F1bZh5ucQvjQ9r+uLe9D44MaSFBdmZi7xjHmnWXgkOBqBKh9Nb8D00U640xU8++V
jbgn+g+aGN0AWilzxoG0MhYDmieYNvOEccE+psuc6KJvnR4H57nAP1rGmzimfbfE
sasyHzTsGMY94Q1F+Tms6ErYnUE2O5C9CP3+/nIlEIigB+kMYNuCeyYowQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOv82F6h8wZ6WCCc+11/uRkTuvTiMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNl96WVhxSHpCbnBZSUp6N1hYLTVHUk82OU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTVqKAwQA
TVqRAwQATVqcAwQATVqyAwQA1dGcAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQBj
f1t8zx5/8BXqAEsKBu93ioM+nBdBEtciWFloxjf9poAdUL68c60pg4naVlpx8Z7e
SHVwjoVles+xtkD9z8tI85NF2LejUFGhXGXuVcvDJhR6AuRhclP+Mx6+D98tGAY1
RSpOUbXi9nOe6GbewIKic2c6tbi2/WH1wBQzBX58lN0oi5NPmngm5bYkGUQcjfNb
FlFf5C2/cmPIrLTf/Mj6/EWvM7u8kmmqaUUljwZI/OA49Ma97k0INhA/NUm9ag58
mO8ER28xvcyQDmTPyuWRNv5TKcOIl/UZroIfiU7HAcejpS2BVpeDOq+Zu3+7RphB
vwOEBdaUDb1duO4HGUST
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org