Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AY2I11o3oCtJZCgTN_Zen1pNODc.roa
File: AY2I11o3oCtJZCgTN_Zen1pNODc.roa (raw, json)
Hash identifier: dNEeKQ5Q8lhqnNTiJ0gdK9haEV67yBy0aI68KdrZzfE=
Subject key identifier: 01:8D:88:D7:5A:37:A0:2B:49:64:28:13:37:F6:5E:9F:5A:4D:38:37
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0804CAFC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AY2I11o3oCtJZCgTN_Zen1pNODc.roa
Signing time: Fri 11 Mar 2022 14:27:03 +0000
ROA not before: Fri 11 Mar 2022 14:27:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.191.0/24 maxlen: 24
213.209.134.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
77.90.152.0/24 maxlen: 24
77.90.149.0/24 maxlen: 24
77.90.179.0/24 maxlen: 24
77.90.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134531836 (0x804cafc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 11 14:27:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=018d88d75a37a02b4964281337f65e9f5a4d3837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3c:17:72:19:a5:73:37:8d:84:fb:01:33:25:
7d:be:98:3b:b4:40:d3:14:ea:01:ca:6d:fa:31:b9:
b3:9d:2b:c4:2c:cc:6c:2d:11:48:93:87:67:63:3e:
8e:a6:3b:d5:7f:69:80:a4:ba:9f:b2:a4:9e:8f:e3:
3a:da:7c:ab:07:86:28:05:7a:ad:89:28:70:be:97:
81:2d:2b:5f:29:7a:e3:e9:c3:f7:1c:35:78:e4:9a:
dd:42:e2:ec:1d:04:6a:67:e2:40:8c:f2:23:fc:34:
12:c1:e1:31:39:eb:7d:46:16:ea:34:e9:22:51:88:
0a:57:7c:75:70:2f:3d:88:27:ed:d9:e0:ab:f5:b8:
ad:80:92:07:5d:8a:73:b5:49:b3:f0:58:4f:92:94:
c7:5f:a9:b3:51:4c:47:fa:cd:4a:8e:18:1f:36:27:
d1:06:72:5d:0f:7e:06:d5:41:1c:55:18:b5:7e:c7:
89:df:e4:04:7d:2d:08:3d:27:3a:d9:47:de:b5:7c:
1a:52:03:e3:86:99:9c:95:68:71:a7:4f:5f:06:8d:
17:70:fa:25:0b:dd:34:a7:17:e1:d6:d7:12:c9:f1:
9e:6b:c9:93:c0:1a:a8:d2:30:3f:72:f7:ab:e4:ed:
45:38:1d:4e:a1:50:b7:f7:cf:c9:79:97:ff:08:f5:
13:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8D:88:D7:5A:37:A0:2B:49:64:28:13:37:F6:5E:9F:5A:4D:38:37
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/AY2I11o3oCtJZCgTN_Zen1pNODc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.149.0/24
77.90.152.0/24
77.90.179.0-77.90.180.255
77.90.191.0/24
213.209.134.0/24
213.209.143.0/24
213.209.149.0/24
213.209.156.0/23
Signature Algorithm: sha256WithRSAEncryption
14:46:11:6f:ed:dc:f9:12:66:4b:68:7b:0a:33:c7:a1:82:b4:
75:b7:51:95:97:ce:44:ae:73:71:b5:29:e1:8c:75:61:2c:0e:
49:57:54:29:e0:60:f3:8d:61:bc:45:8c:7c:e3:dd:e8:96:b9:
4b:46:75:b7:58:22:df:8b:39:ad:48:85:35:28:c6:b7:62:81:
20:c1:84:65:3c:35:b6:5d:34:f0:b6:04:7a:8a:64:f5:d0:d1:
40:f7:08:0e:ae:3b:17:6d:da:e0:11:7f:7e:04:fd:de:e9:0f:
9f:3e:4a:17:db:b9:a3:0c:68:00:9a:ec:be:62:6a:18:22:53:
24:bf:c5:d0:34:ba:e8:c4:cb:ee:38:4e:d0:76:05:85:ae:9b:
65:a4:ae:b1:a6:15:93:9c:4e:97:76:95:18:31:ea:9d:f5:29:
a4:13:20:f9:82:3c:4c:89:1a:7e:1c:ac:21:8e:cf:25:9f:f9:
01:74:10:fb:aa:8e:90:60:ab:86:a1:b8:99:12:ca:a4:d1:20:
3e:df:c6:4a:2e:d8:8f:bf:b1:34:30:b9:0d:47:db:53:f0:cc:
a1:65:cd:6f:2b:c5:c2:1d:e7:dc:44:3a:63:46:8d:19:aa:f6:
b0:c2:d1:eb:7f:57:44:c6:28:58:8e:70:cf:78:8b:c9:30:7e:
1e:40:5c:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECATK/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
MTE0MjcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE4ZDg4ZDc1YTM3
YTAyYjQ5NjQyODEzMzdmNjVlOWY1YTRkMzgzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANU8F3IZpXM3jYT7ATMlfb6YO7RA0xTqAcpt+jG5s50rxCzM
bC0RSJOHZ2M+jqY71X9pgKS6n7Kkno/jOtp8qweGKAV6rYkocL6XgS0rXyl64+nD
9xw1eOSa3ULi7B0EamfiQIzyI/w0EsHhMTnrfUYW6jTpIlGICld8dXAvPYgn7dng
q/W4rYCSB12Kc7VJs/BYT5KUx1+ps1FMR/rNSo4YHzYn0QZyXQ9+BtVBHFUYtX7H
id/kBH0tCD0nOtlH3rV8GlID44aZnJVocadPXwaNF3D6JQvdNKcX4dbXEsnxnmvJ
k8AaqNIwP3L3q+TtRTgdTqFQt/fPyXmX/wj1ExcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQBjYjXWjegK0lkKBM39l6fWk04NzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0FZMkkxMW8zb0N0SlpDZ1ROX1plbjFwTk9EYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAE1alQMEAE1amDAMAwQATVqzAwQA
TVq0AwQATVq/AwQA1dGGAwQA1dGPAwQA1dGVAwQB1dGcMA0GCSqGSIb3DQEBCwUA
A4IBAQAURhFv7dz5EmZLaHsKM8ehgrR1t1GVl85ErnNxtSnhjHVhLA5JV1Qp4GDz
jWG8RYx8493olrlLRnW3WCLfizmtSIU1KMa3YoEgwYRlPDW2XTTwtgR6imT10NFA
9wgOrjsXbdrgEX9+BP3e6Q+fPkoX27mjDGgAmuy+YmoYIlMkv8XQNLroxMvuOE7Q
dgWFrptlpK6xphWTnE6XdpUYMeqd9SmkEyD5gjxMiRp+HKwhjs8ln/kBdBD7qo6Q
YKuGobiZEsqk0SA+38ZKLtiPv7E0MLkNR9tT8MyhZc1vK8XCHefcRDpjRo0Zqvaw
wtHrf1dExihYjnDPeIvJMH4eQFx3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org