Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9TdUuUdJ0AVIOZ4iJBW66tALKV0.roa
File: 9TdUuUdJ0AVIOZ4iJBW66tALKV0.roa (raw, json)
Hash identifier: H0bI4fy5Q30CBfnEdOp/Nkfzzd3XI9YH04gSz7FEEis=
Subject key identifier: F5:37:54:B9:47:49:D0:05:48:39:9E:22:24:15:BA:EA:D0:0B:29:5D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08A786B9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9TdUuUdJ0AVIOZ4iJBW66tALKV0.roa
Signing time: Sat 16 Apr 2022 19:05:17 +0000
ROA not before: Sat 16 Apr 2022 19:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.191.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.133.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.158.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.155.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145196729 (0x8a786b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 16 19:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f53754b94749d00548399e222415baead00b295d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ed:ef:81:1e:89:02:e3:19:c6:00:9f:d8:e7:
66:1c:f6:7f:e6:76:a3:f2:d6:cc:b7:c4:12:0e:5f:
d8:79:fb:2b:58:b1:bc:e4:e2:5b:d0:37:27:9d:5a:
b6:f4:17:7c:e4:a2:d4:14:f3:1e:85:52:3c:40:c3:
69:e3:da:be:65:ba:83:34:9f:a1:44:3c:48:41:a6:
b0:de:8f:c8:6d:b1:40:52:48:eb:89:1e:7d:b9:6b:
7a:55:30:59:11:00:f0:74:04:f7:23:33:fe:ef:4d:
8f:1f:7f:10:92:eb:5e:37:a7:b5:5c:26:35:83:f5:
ef:9a:80:18:05:ad:d9:0c:6b:d1:dd:72:39:60:6f:
9b:79:bc:2f:d9:82:54:48:24:51:f0:16:9e:be:f0:
65:99:14:90:c4:17:f5:6d:fa:d4:a8:58:c5:a3:ea:
ef:34:df:b2:43:b9:bc:7d:c7:89:10:8f:2b:09:3f:
fe:74:bf:84:d9:58:06:68:2e:18:5c:65:80:e9:57:
3f:d0:04:6c:2b:48:72:47:8d:89:7c:63:73:3c:fe:
37:2c:12:b4:3a:0a:b9:a2:08:d9:45:62:8f:75:ae:
e3:f0:d2:7b:d4:f3:7a:d5:36:84:dc:94:9f:6b:42:
42:00:ae:99:36:3e:a1:11:7c:00:70:75:ee:60:49:
5c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:37:54:B9:47:49:D0:05:48:39:9E:22:24:15:BA:EA:D0:0B:29:5D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9TdUuUdJ0AVIOZ4iJBW66tALKV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0-77.90.150.255
77.90.152.0/22
77.90.179.0/24
77.90.191.0/24
213.209.129.0/24
213.209.133.0/24
213.209.143.0/24
213.209.145.0/24
213.209.149.0-213.209.150.255
213.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:23:3d:74:5a:e2:2f:ed:82:2c:cd:10:e8:f8:7e:3f:a6:27:
f2:a2:88:be:32:33:0f:be:b8:82:a0:97:6e:f4:02:5a:17:16:
00:e7:ad:94:8e:ae:fe:d7:c7:e4:dc:62:88:52:02:a8:60:c9:
48:16:16:4c:ce:a7:2c:63:01:72:d3:df:4b:ed:c1:10:fe:95:
80:dc:9d:f8:50:36:a9:0c:0c:41:d9:78:ff:ca:fd:d6:f9:00:
45:e9:fd:8e:64:4d:f2:e9:92:58:fa:f7:19:4c:3c:a0:78:55:
ff:eb:1d:87:b5:29:b6:a8:ae:51:28:56:33:cd:fa:2e:09:53:
b8:1f:a9:9f:f6:a0:66:cd:f6:14:bc:da:10:0a:89:1e:5b:85:
50:6e:a6:d5:7b:d6:49:a5:0c:b5:86:b6:61:4a:cd:bd:a1:18:
ac:06:b7:e9:dc:e7:55:f1:ec:c4:04:23:bf:11:7a:68:9b:3e:
28:66:44:87:5f:a0:6f:2d:db:9c:b5:2b:43:07:6a:ee:8b:ee:
d6:c1:8f:90:8c:1a:0b:34:d9:56:94:6f:2e:11:7f:c8:c1:2f:
c3:ab:9c:43:09:64:ab:37:00:b3:60:0c:d8:56:de:40:97:58:
4f:e4:4d:90:2c:5a:3b:70:f7:42:59:d8:4f:dc:d8:fa:81:a6:
98:c4:e6:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECKeGuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
NjE5MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjUzNzU0Yjk0NzQ5
ZDAwNTQ4Mzk5ZTIyMjQxNWJhZWFkMDBiMjk1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7t74EeiQLjGcYAn9jnZhz2f+Z2o/LWzLfEEg5f2Hn7K1ix
vOTiW9A3J51atvQXfOSi1BTzHoVSPEDDaePavmW6gzSfoUQ8SEGmsN6PyG2xQFJI
64kefblrelUwWREA8HQE9yMz/u9Njx9/EJLrXjentVwmNYP175qAGAWt2Qxr0d1y
OWBvm3m8L9mCVEgkUfAWnr7wZZkUkMQX9W361KhYxaPq7zTfskO5vH3HiRCPKwk/
/nS/hNlYBmguGFxlgOlXP9AEbCtIckeNiXxjczz+NywStDoKuaII2UVij3Wu4/DS
e9TzetU2hNyUn2tCQgCumTY+oRF8AHB17mBJXMcCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBT1N1S5R0nQBUg5niIkFbrq0AspXTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzlUZFV1VWRKMEFWSU9aNGlKQlc2NnRBTEtWMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTDAMAwQATVqVAwQATVqWAwQCTVqYAwQA
TVqzAwQATVq/AwQA1dGBAwQA1dGFAwQA1dGPAwQA1dGRMAwDBADV0ZUDBADV0ZYD
BADV0Z4wDQYJKoZIhvcNAQELBQADggEBAKcjPXRa4i/tgizNEOj4fj+mJ/KiiL4y
Mw++uIKgl270AloXFgDnrZSOrv7Xx+TcYohSAqhgyUgWFkzOpyxjAXLT30vtwRD+
lYDcnfhQNqkMDEHZeP/K/db5AEXp/Y5kTfLpklj69xlMPKB4Vf/rHYe1KbaorlEo
VjPN+i4JU7gfqZ/2oGbN9hS82hAKiR5bhVBuptV71kmlDLWGtmFKzb2hGKwGt+nc
51Xx7MQEI78RemibPihmRIdfoG8t25y1K0MHau6L7tbBj5CMGgs02VaUby4Rf8jB
L8OrnEMJZKs3ALNgDNhW3kCXWE/kTZAsWjtw90JZ2E/c2PqBppjE5tU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org