Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CNF4ooyyFoPFEmBmf0sJPTkjF_w.roa
File: CNF4ooyyFoPFEmBmf0sJPTkjF_w.roa (raw, json)
Hash identifier: ANAaUy+wFmYHDrNqcaHYHKR7kY3byP5H+AwyD3VX0bY=
Subject key identifier: 08:D1:78:A2:8C:B2:16:83:C5:12:60:66:7F:4B:09:3D:39:23:17:FC
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01832383CAC6AB81E1CAD4DF55B8CC51564A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CNF4ooyyFoPFEmBmf0sJPTkjF_w.roa
Signing time: Fri 09 Sep 2022 18:29:43 +0000
ROA not before: Fri 09 Sep 2022 18:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:83:ca:c6:ab:81:e1:ca:d4:df:55:b8:cc:51:56:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 9 18:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08d178a28cb21683c51260667f4b093d392317fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cb:fa:e4:c7:a2:b8:cd:e6:1c:30:e7:47:04:
e5:94:b1:6a:c4:9c:3c:5b:e8:83:35:11:d1:66:9d:
2d:85:75:53:2c:8f:c3:5f:e7:bf:eb:33:10:ff:79:
d4:34:9b:a1:73:e0:76:68:4f:9d:0d:53:fa:99:dc:
0d:32:84:1a:3c:cf:51:04:91:8b:59:81:68:a3:9a:
39:75:e5:75:96:73:6d:4b:fd:eb:f2:47:c3:2b:0b:
53:cf:e1:b9:a9:74:ee:17:b5:4e:12:ac:67:ab:2d:
1d:72:e2:0e:6a:0a:33:4f:df:5b:a2:08:16:c4:ea:
89:47:d8:67:f8:ca:15:9d:27:c0:08:f4:d9:ff:dd:
cf:db:f8:51:2b:d0:b2:fb:c1:ae:17:48:c6:d1:9a:
9b:89:d2:81:68:a4:76:18:c6:77:2d:1a:91:bf:1e:
eb:56:f8:f0:87:49:cf:d5:dc:ab:64:25:64:25:60:
2f:b2:2e:e8:d7:e9:70:07:d0:e9:c3:66:e5:fd:f7:
39:49:ee:03:a9:38:cd:24:db:a2:0a:e8:bd:f6:a2:
38:ba:5a:7f:13:00:eb:52:84:c6:65:21:2f:f6:f3:
d0:cf:ee:4f:dd:43:dd:e6:91:1c:71:0c:3a:43:a5:
0b:cf:47:bd:24:1a:63:09:74:f5:e3:6a:d8:67:2a:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D1:78:A2:8C:B2:16:83:C5:12:60:66:7F:4B:09:3D:39:23:17:FC
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CNF4ooyyFoPFEmBmf0sJPTkjF_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.167.0/24
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.135.0/24
213.209.139.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
80:67:4c:13:32:9b:91:0c:6d:5d:a2:f5:a5:66:d9:16:cf:5d:
e7:74:14:5d:7f:ed:31:75:4f:a7:5a:7f:be:07:a4:36:61:6f:
aa:6b:03:a7:1b:ac:fa:aa:13:71:20:dd:5b:1a:67:8a:79:ca:
04:d0:85:79:f2:2d:49:b4:33:9b:a1:7f:2e:ac:69:7f:6e:4a:
42:ba:8d:50:a0:52:8a:26:d1:6d:d5:9a:2c:d8:b5:e2:2b:fe:
bf:07:4c:2d:ef:8b:3d:4f:90:ed:8a:e0:b0:01:4d:f3:57:f4:
48:fa:c3:02:f5:98:b4:0d:43:9b:e6:bc:6b:ef:fd:54:12:f7:
3d:1f:5e:b4:4b:d3:b5:ef:34:62:76:5b:cf:d0:12:cf:c9:83:
15:03:81:38:68:4a:ec:52:be:6b:b2:7b:5f:9f:d2:35:a5:47:
b1:77:1f:27:ed:41:8a:b5:5d:04:2a:c4:c1:04:68:fc:cf:61:
4b:46:9c:ea:ea:ca:07:27:df:c1:5f:0d:c8:1e:d4:26:09:99:
c3:90:45:4f:d0:2c:0c:92:81:31:6e:ea:47:8c:dd:03:77:3e:
68:4b:c1:78:0a:75:76:85:c8:d2:0a:57:da:dd:0f:6d:fb:46:
0d:36:d5:65:55:97:4c:27:7e:0a:8a:1e:a7:cc:15:01:f4:30:
16:0e:0b:1d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYMjg8rGq4HhytTfVbjMUVZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTA5MTgyOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQxNzhhMjhjYjIxNjgzYzUxMjYwNjY3ZjRiMDkzZDM5MjMxN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8v65MeiuM3mHDDnRwTllLFqxJw8
W+iDNRHRZp0thXVTLI/DX+e/6zMQ/3nUNJuhc+B2aE+dDVP6mdwNMoQaPM9RBJGL
WYFoo5o5deV1lnNtS/3r8kfDKwtTz+G5qXTuF7VOEqxnqy0dcuIOagozT99boggW
xOqJR9hn+MoVnSfACPTZ/93P2/hRK9Cy+8GuF0jG0ZqbidKBaKR2GMZ3LRqRvx7r
Vvjwh0nP1dyrZCVkJWAvsi7o1+lwB9Dpw2bl/fc5Se4DqTjNJNuiCui99qI4ulp/
EwDrUoTGZSEv9vPQz+5P3UPd5pEccQw6Q6ULz0e9JBpjCXT142rYZyrxTwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAjReKKMshaDxRJgZn9LCT05Ixf8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvQ05GNG9veXlGb1BGRW1CbWYwc0pQVGtqRl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUDBABNWqcwDAMEAE1aqQMEAE1arAMEAE1arwMEAE1asQMEAE1a
tgMEAE1augMEANXRgwMEANXRhwMEANXRiwMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEAgGdMEzKbkQxtXaL1pWbZFs9d53QUXX/tMXVPp1p/vgekNmFvqmsDpxus+qoT
cSDdWxpninnKBNCFefItSbQzm6F/Lqxpf25KQrqNUKBSiibRbdWaLNi14iv+vwdM
Le+LPU+Q7YrgsAFN81f0SPrDAvWYtA1Dm+a8a+/9VBL3PR9etEvTte80YnZbz9AS
z8mDFQOBOGhK7FK+a7J7X5/SNaVHsXcfJ+1BirVdBCrEwQRo/M9hS0ac6urKByff
wV8NyB7UJgmZw5BFT9AsDJKBMW7qR4zdA3c+aEvBeAp1doXI0gpX2t0PbftGDTbV
ZVWXTCd+Cooep8wVAfQwFg4LHQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org