Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DIHJKLTjFnyiqMlUk3B7HxleXwo.roa
File: DIHJKLTjFnyiqMlUk3B7HxleXwo.roa (raw, json)
Hash identifier: oUJX9Qfi3RknY6Id8aCGLYg4F1PXDRrOI9CN13vpLkE=
Subject key identifier: 0C:81:C9:28:B4:E3:16:7C:A2:A8:C9:54:93:70:7B:1F:19:5E:5F:0A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 07CBCE1E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DIHJKLTjFnyiqMlUk3B7HxleXwo.roa
Signing time: Wed 09 Mar 2022 07:30:20 +0000
ROA not before: Wed 09 Mar 2022 07:30:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39144
IP address blocks: 213.209.129.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.157.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130797086 (0x7cbce1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 9 07:30:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c81c928b4e3167ca2a8c95493707b1f195e5f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9f:a6:d7:2d:70:e2:aa:f7:46:95:54:23:c5:
f3:fa:58:dd:1a:7b:de:fe:0b:13:1c:06:52:07:d2:
fe:a5:93:fd:f5:49:61:0c:98:d5:5a:7d:c8:d5:48:
72:ea:72:60:e5:93:06:42:98:ac:89:2f:85:4a:5d:
e3:bc:56:a6:31:19:31:8b:5a:06:6c:38:d4:73:86:
2b:05:78:3c:0f:05:54:a6:f2:1f:2a:4e:1b:18:97:
50:79:b5:e9:5e:77:44:b1:c0:a1:5a:ad:b3:b6:f8:
1e:fa:51:74:a3:8c:77:a9:47:77:b4:84:cd:43:12:
75:44:a8:6a:fb:cc:6e:26:5f:63:fc:80:1b:4e:12:
44:79:1b:f3:ac:90:20:e1:e9:00:4d:e5:36:4c:a6:
ad:6c:14:98:51:78:d1:f1:e7:df:a3:2c:4f:00:0c:
1a:10:fa:71:a4:16:51:7c:54:e3:31:0f:62:95:b1:
55:e5:bd:1e:98:83:07:e4:05:6e:15:6a:54:52:91:
fb:79:0b:22:44:f0:aa:69:fa:a8:ac:77:94:84:fd:
67:aa:d7:1d:19:c1:e7:17:a7:c2:62:a2:7a:13:71:
ab:d1:ff:a1:d2:73:b5:22:68:b7:7b:a3:cc:06:b0:
3e:98:09:61:f0:d8:1e:92:7b:7f:9f:66:7a:8d:1c:
09:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:81:C9:28:B4:E3:16:7C:A2:A8:C9:54:93:70:7B:1F:19:5E:5F:0A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DIHJKLTjFnyiqMlUk3B7HxleXwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
77.90.157.0/24
77.90.185.0/24
185.230.14.0/24
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
48:bc:23:68:ec:8d:5d:38:d5:cc:a3:b5:9f:7b:1e:29:af:38:
78:64:ea:ca:3e:14:2f:bc:30:39:18:05:84:e3:23:a3:d7:1d:
b4:d2:ae:83:73:41:33:a0:80:e2:df:d5:0a:d6:5c:aa:34:21:
7c:c2:3c:9f:6d:2f:50:2b:e3:36:bc:2e:84:11:56:00:0c:9c:
a4:ff:81:8e:c2:1f:51:77:5f:c0:09:94:c2:81:12:1a:1d:ab:
35:55:91:74:bf:03:1c:67:81:bf:ec:00:c0:bf:b0:5d:d5:6e:
33:5d:0c:11:31:9f:64:3b:ea:88:2e:12:78:75:bc:56:47:2e:
0a:6d:43:aa:a1:da:e7:87:81:f9:e7:e7:bf:65:bb:53:59:ae:
da:64:dd:56:80:99:30:78:4d:25:a1:f0:6d:a1:fc:9f:3a:56:
ff:6d:90:ee:e6:c9:68:42:00:d0:14:cd:0c:ad:47:0c:f5:2b:
c1:aa:c9:0f:26:b8:99:34:1d:b8:66:a3:58:57:cb:44:a9:24:
58:72:1f:e8:4c:32:b1:99:ff:13:f9:82:1d:a4:c7:b0:84:b2:
70:2b:f6:15:8f:c5:73:b1:4c:9f:29:84:b6:f8:57:53:3d:fa:
13:b9:8d:e6:fa:17:c1:8c:97:f5:5f:03:65:57:c9:df:d6:cb:
47:79:b6:ff
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB8vOHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
OTA3MzAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM4MWM5MjhiNGUz
MTY3Y2EyYThjOTU0OTM3MDdiMWYxOTVlNWYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJufptctcOKq90aVVCPF8/pY3Rp73v4LExwGUgfS/qWT/fVJ
YQyY1Vp9yNVIcupyYOWTBkKYrIkvhUpd47xWpjEZMYtaBmw41HOGKwV4PA8FVKby
HypOGxiXUHm16V53RLHAoVqts7b4HvpRdKOMd6lHd7SEzUMSdUSoavvMbiZfY/yA
G04SRHkb86yQIOHpAE3lNkymrWwUmFF40fHn36MsTwAMGhD6caQWUXxU4zEPYpWx
VeW9HpiDB+QFbhVqVFKR+3kLIkTwqmn6qKx3lIT9Z6rXHRnB5xenwmKiehNxq9H/
odJztSJot3ujzAawPpgJYfDYHpJ7f59meo0cCX0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQMgckotOMWfKKoyVSTcHsfGV5fCjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0RJSEpLTFRqRm55aXFNbFVrM0I3SHhsZVh3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAE1aigMEAE1anQMEAE1auQMEALnm
DgMEANXRgTANBgkqhkiG9w0BAQsFAAOCAQEASLwjaOyNXTjVzKO1n3seKa84eGTq
yj4UL7wwORgFhOMjo9cdtNKug3NBM6CA4t/VCtZcqjQhfMI8n20vUCvjNrwuhBFW
AAycpP+BjsIfUXdfwAmUwoESGh2rNVWRdL8DHGeBv+wAwL+wXdVuM10METGfZDvq
iC4SeHW8VkcuCm1DqqHa54eB+efnv2W7U1mu2mTdVoCZMHhNJaHwbaH8nzpW/22Q
7ubJaEIA0BTNDK1HDPUrwarJDya4mTQduGajWFfLRKkkWHIf6EwysZn/E/mCHaTH
sISycCv2FY/Fc7FMnymEtvhXUz36E7mN5voXwYyX9V8DZVfJ39bLR3m2/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org