Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BAOysjrG-NUPHMNaM-hGcLBwSnQ.roa
File: BAOysjrG-NUPHMNaM-hGcLBwSnQ.roa (raw, json)
Hash identifier: VQDwNjAP+zE3bVspVPBoMvNEwBvEjXHfRwNMPkZTUXE=
Subject key identifier: 04:03:B2:B2:3A:C6:F8:D5:0F:1C:C3:5A:33:E8:46:70:B0:70:4A:74
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 09BC229B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BAOysjrG-NUPHMNaM-hGcLBwSnQ.roa
Signing time: Mon 20 Jun 2022 09:58:44 +0000
ROA not before: Mon 20 Jun 2022 09:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.144.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.150.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163324571 (0x9bc229b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 20 09:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0403b2b23ac6f8d50f1cc35a33e84670b0704a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6e:3a:d2:39:58:10:03:fd:9f:49:1c:53:e1:
7f:11:bb:df:48:15:5c:0a:ed:b0:ce:5a:09:09:37:
38:1e:8e:06:11:68:4f:94:85:3d:14:3b:58:69:a3:
5c:a2:d2:9a:fc:36:f2:d8:19:46:81:8a:4f:11:41:
70:9b:41:5f:15:94:01:e4:fc:06:1c:66:39:75:49:
ef:0c:29:a5:36:88:00:da:14:0c:a6:2d:3f:8f:46:
a2:3f:66:bd:c9:05:24:5c:c0:0e:d9:5a:63:f7:05:
ce:cc:3b:05:dc:a3:93:4e:49:50:21:e4:55:1c:3a:
dc:43:2b:77:7f:4f:a2:ec:9e:b5:29:9f:0a:6a:11:
ba:11:11:0f:b9:3e:0d:54:8c:d4:02:05:ab:f5:ad:
60:a4:6b:65:d8:66:ed:5e:f3:c8:6d:11:99:a9:b9:
fa:81:8c:70:6d:5c:f5:f7:2a:8e:0f:a5:d7:1b:5f:
f0:68:b2:c6:47:0f:eb:c9:97:85:b8:40:78:2f:23:
62:f9:9f:59:d4:69:b5:f1:ac:fe:94:fd:42:e8:19:
34:38:37:d5:04:4d:56:39:2f:f5:19:04:0e:51:19:
b4:3c:72:43:dc:60:7b:70:de:59:be:54:6d:29:c1:
89:24:d0:02:52:47:47:01:d3:17:2d:75:97:b5:5d:
57:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:03:B2:B2:3A:C6:F8:D5:0F:1C:C3:5A:33:E8:46:70:B0:70:4A:74
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BAOysjrG-NUPHMNaM-hGcLBwSnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.150.0/24
77.90.178.0/24
77.90.185.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.144.0-213.209.146.255
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
93:75:f5:ff:4c:43:02:fc:ab:f7:bf:6f:05:6f:f5:4f:02:13:
29:94:c4:77:81:35:0f:ae:86:4e:04:f8:44:13:d3:d7:cf:fd:
bd:b1:65:6b:cd:85:2f:67:49:de:5c:25:73:1f:a0:3f:6d:b0:
f5:bd:b5:ef:64:88:59:a2:dc:03:a2:f4:0b:ce:bc:18:65:4a:
16:cc:13:fe:2e:94:52:48:29:e6:de:11:0e:a8:70:aa:6a:d9:
cb:f4:6d:b4:ff:98:7c:3c:47:a5:84:5e:51:d1:b4:d3:68:2c:
00:91:81:1c:dc:0e:53:00:32:8e:29:8e:93:56:1c:a0:26:19:
eb:0d:f9:09:2c:27:10:8e:db:5b:7b:8a:bc:c7:c1:2c:8d:0f:
a8:7b:71:e9:26:17:4a:0a:a1:68:0f:28:06:10:3c:e1:09:1b:
be:fd:e6:51:8f:3a:42:1a:47:7a:3c:ad:ae:93:2f:e6:77:46:
0d:cf:37:b9:fc:66:3e:31:62:af:20:9b:c2:08:df:e9:90:88:
e5:1a:af:b6:db:bd:34:92:0d:50:ba:0e:41:ae:d8:49:40:75:
8e:6f:46:e9:78:a2:05:d5:e0:ba:33:89:66:c9:4a:45:dc:9b:
a8:b9:44:8a:7f:06:f3:1d:1e:55:1c:e8:75:0c:36:09:d4:49:
3f:f9:d8:16
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECbwimzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MDA5NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQwM2IyYjIzYWM2
ZjhkNTBmMWNjMzVhMzNlODQ2NzBiMDcwNGE3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJduOtI5WBAD/Z9JHFPhfxG730gVXArtsM5aCQk3OB6OBhFo
T5SFPRQ7WGmjXKLSmvw28tgZRoGKTxFBcJtBXxWUAeT8BhxmOXVJ7wwppTaIANoU
DKYtP49Goj9mvckFJFzADtlaY/cFzsw7Bdyjk05JUCHkVRw63EMrd39PouyetSmf
CmoRuhERD7k+DVSM1AIFq/WtYKRrZdhm7V7zyG0Rmam5+oGMcG1c9fcqjg+l1xtf
8GiyxkcP68mXhbhAeC8jYvmfWdRptfGs/pT9QugZNDg31QRNVjkv9RkEDlEZtDxy
Q9xge3DeWb5UbSnBiSTQAlJHRwHTFy11l7VdV5sCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQEA7KyOsb41Q8cw1oz6EZwsHBKdDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0JBT3lzanJHLU5VUEhNTmFNLWhHY0xCd1NuUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAE1algMEAE1asgMEAE1auTAMAwQA
ueYNAwQAueYOAwQA1dGBMAwDBATV0ZADBADV0ZIDBADV0ZwwDQYJKoZIhvcNAQEL
BQADggEBAJN19f9MQwL8q/e/bwVv9U8CEymUxHeBNQ+uhk4E+EQT09fP/b2xZWvN
hS9nSd5cJXMfoD9tsPW9te9kiFmi3AOi9AvOvBhlShbME/4ulFJIKebeEQ6ocKpq
2cv0bbT/mHw8R6WEXlHRtNNoLACRgRzcDlMAMo4pjpNWHKAmGesN+QksJxCO21t7
irzHwSyND6h7cekmF0oKoWgPKAYQPOEJG7795lGPOkIaR3o8ra6TL+Z3Rg3PN7n8
Zj4xYq8gm8II3+mQiOUar7bbvTSSDVC6DkGu2ElAdY5vRul4ogXV4LoziWbJSkXc
m6i5RIp/BvMdHlUc6HUMNgnUST/52BY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org